Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/jhEFknqoK_BS1ZtKoMXlt2OiJ5w.roa
File: jhEFknqoK_BS1ZtKoMXlt2OiJ5w.roa (raw, json)
Hash identifier: v/53l+XCcGHQ3lOSHv89C7msVDalR3SvpophItFfOiA=
Subject key identifier: 8E:11:05:92:7A:A8:2B:F0:52:D5:9B:4A:A0:C5:E5:B7:63:A2:27:9C
Certificate issuer: /CN=2d3c3987e7c34b366aa0f09c40ea4c80bfed0e01
Certificate serial: 0199E29AEB95EC6A629AC24A6FBB37C26071
Authority key identifier: 2D:3C:39:87:E7:C3:4B:36:6A:A0:F0:9C:40:EA:4C:80:BF:ED:0E:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/jhEFknqoK_BS1ZtKoMXlt2OiJ5w.roa
Signing time: Tue 14 Oct 2025 12:03:47 +0000
ROA not before: Tue 14 Oct 2025 12:03:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 194.150.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:9a:eb:95:ec:6a:62:9a:c2:4a:6f:bb:37:c2:60:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d3c3987e7c34b366aa0f09c40ea4c80bfed0e01
Validity
Not Before: Oct 14 12:03:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e1105927aa82bf052d59b4aa0c5e5b763a2279c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fc:9d:b4:ae:07:2a:9b:ac:ed:37:da:71:fb:
ec:45:f8:14:c0:4f:82:d9:c1:8c:5b:40:6b:5c:13:
6c:73:ef:26:f0:eb:af:a1:be:ce:af:70:54:07:63:
b9:00:e0:7b:f4:d7:81:06:e7:87:40:19:bd:05:b0:
35:08:99:51:9e:6d:e7:b3:1a:e2:8b:0e:bb:83:5a:
b6:12:e0:0a:65:bd:80:61:f2:ed:ce:59:84:c0:a6:
94:36:03:36:8f:a5:fb:98:b8:a9:6e:ef:d3:dc:7a:
83:b9:1a:c7:24:c3:77:bd:6e:d7:1a:71:28:94:57:
8e:74:f8:5f:01:53:58:c6:d2:e4:f1:e2:e8:b9:21:
62:e6:ae:d9:e3:27:11:f8:92:9c:11:33:c7:38:a4:
78:5a:10:7d:15:db:9a:c1:c6:db:73:6a:4c:1b:79:
33:b3:99:c3:ae:31:e1:6c:4d:f5:0d:7a:79:8b:c9:
db:81:dd:68:71:86:6d:26:d2:4a:18:5c:62:f6:8b:
80:9a:55:09:b6:7e:96:0b:90:42:be:91:50:aa:cb:
37:cb:70:de:a9:0b:8a:8a:15:0f:41:27:5c:96:e8:
b9:50:6e:c8:4d:37:a7:03:75:0d:22:9e:5a:e4:0f:
35:40:b8:66:41:60:61:5b:a9:34:86:df:e9:a8:4e:
a9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:11:05:92:7A:A8:2B:F0:52:D5:9B:4A:A0:C5:E5:B7:63:A2:27:9C
X509v3 Authority Key Identifier:
keyid:2D:3C:39:87:E7:C3:4B:36:6A:A0:F0:9C:40:EA:4C:80:BF:ED:0E:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LTw5h-fDSzZqoPCcQOpMgL_tDgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/jhEFknqoK_BS1ZtKoMXlt2OiJ5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/068a6c-921b-4e0b-ba7e-3a6de99ede47/1/LTw5h-fDSzZqoPCcQOpMgL_tDgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.75.0/24
Signature Algorithm: sha256WithRSAEncryption
77:1e:74:3c:3a:5f:c8:c9:73:3e:14:7b:e4:f7:2e:85:71:23:
9e:38:cf:8a:2e:e4:2c:34:ba:fd:99:51:d6:38:e9:f4:c3:0e:
61:7a:e2:45:5e:fc:37:bb:f2:27:4e:07:1b:ed:e9:8b:41:3e:
bc:75:c2:20:9e:fa:37:9f:e3:ae:f0:a1:0f:d4:e0:c2:9a:54:
54:ca:59:30:fa:e7:a8:97:3e:0c:31:28:b8:1d:27:33:87:a4:
ea:63:f4:83:eb:77:05:74:bd:ca:f3:fd:7f:f4:8a:27:53:f6:
10:fa:ed:1a:d2:6d:4b:98:37:cd:a0:b5:02:2c:99:db:05:e2:
c2:59:93:38:0e:54:f3:62:ec:4d:94:a2:d2:e8:d8:dc:4b:8a:
bf:f4:02:48:b6:c1:80:9f:53:c5:9d:42:b8:ce:33:01:a3:55:
c5:50:e8:30:27:e7:ac:24:59:19:60:ec:18:22:90:cb:46:f2:
f1:25:c5:cf:b0:6f:1a:38:80:5a:2b:fa:7a:d7:28:2b:f2:46:
05:5c:5f:6a:cc:76:3a:62:61:da:d2:e5:5f:a3:bf:d9:cc:5e:
7e:3b:17:ad:47:0c:44:7b:d8:01:59:90:3d:cf:2e:6e:8b:13:
72:c1:6f:a1:31:0c:1f:26:f3:dd:bd:0b:86:67:ff:46:d2:bb:
e6:2f:ce:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnimuuV7GpimsJKb7s3wmBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkM2MzOTg3ZTdjMzRiMzY2YWEwZjA5YzQwZWE0YzgwYmZl
ZDBlMDEwHhcNMjUxMDE0MTIwMzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTExMDU5MjdhYTgyYmYwNTJkNTliNGFhMGM1ZTViNzYzYTIyNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/ydtK4HKpus7TfacfvsRfgUwE+C
2cGMW0BrXBNsc+8m8Ouvob7Or3BUB2O5AOB79NeBBueHQBm9BbA1CJlRnm3nsxri
iw67g1q2EuAKZb2AYfLtzlmEwKaUNgM2j6X7mLipbu/T3HqDuRrHJMN3vW7XGnEo
lFeOdPhfAVNYxtLk8eLouSFi5q7Z4ycR+JKcETPHOKR4WhB9Fduawcbbc2pMG3kz
s5nDrjHhbE31DXp5i8nbgd1ocYZtJtJKGFxi9ouAmlUJtn6WC5BCvpFQqss3y3De
qQuKihUPQSdclui5UG7ITTenA3UNIp5a5A81QLhmQWBhW6k0ht/pqE6pcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4RBZJ6qCvwUtWbSqDF5bdjoiecMB8GA1UdIwQY
MBaAFC08OYfnw0s2aqDwnEDqTIC/7Q4BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFR3NWgtZkRTelpxb1BDY1FPcE1nTF90RGdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNjhhNmMtOTIxYi00ZTBiLWJhN2Ut
M2E2ZGU5OWVkZTQ3LzEvamhFRmtucW9LX0JTMVp0S29NWGx0Mk9pSjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNjhhNmMtOTIxYi00ZTBiLWJhN2UtM2E2ZGU5OWVkZTQ3
LzEvTFR3NWgtZkRTelpxb1BDY1FPcE1nTF90RGdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpZLMA0G
CSqGSIb3DQEBCwUAA4IBAQB3HnQ8Ol/IyXM+FHvk9y6FcSOeOM+KLuQsNLr9mVHW
OOn0ww5heuJFXvw3u/InTgcb7emLQT68dcIgnvo3n+Ou8KEP1ODCmlRUylkw+ueo
lz4MMSi4HSczh6TqY/SD63cFdL3K8/1/9IonU/YQ+u0a0m1LmDfNoLUCLJnbBeLC
WZM4DlTzYuxNlKLS6NjcS4q/9AJItsGAn1PFnUK4zjMBo1XFUOgwJ+esJFkZYOwY
IpDLRvLxJcXPsG8aOIBaK/p61ygr8kYFXF9qzHY6YmHa0uVfo7/ZzF5+OxetRwxE
e9gBWZA9zy5uixNywW+hMQwfJvPdvQuGZ/9G0rvmL879
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:25 2025 by rpki-client