Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/0PYcltmJzMja0dvWKhNEIn2h5wU.roa
File: 0PYcltmJzMja0dvWKhNEIn2h5wU.roa (raw, json)
Hash identifier: yxrc3TyRtsqbuJQwsd58p+Gp8bj83VKuug5ZZ8u6nJI=
Subject key identifier: D0:F6:1C:96:D9:89:CC:C8:DA:D1:DB:D6:2A:13:44:22:7D:A1:E7:05
Certificate issuer: /CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Certificate serial: 01995136949DF3AD5C23A25C1BCF8304F41E
Authority key identifier: 27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/0PYcltmJzMja0dvWKhNEIn2h5wU.roa
Signing time: Tue 16 Sep 2025 06:29:15 +0000
ROA not before: Tue 16 Sep 2025 06:29:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57087
IP address blocks: 141.8.232.0/21 maxlen: 24
141.8.232.0/24 maxlen: 24
141.8.234.0/24 maxlen: 24
141.8.236.0/23 maxlen: 24
2a13:8cc0:1f00::/48 maxlen: 48
2a13:8cc0:1f01::/48 maxlen: 48
2a13:8cc0:1f02::/48 maxlen: 48
2a13:8cc0:1f03::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:36:94:9d:f3:ad:5c:23:a2:5c:1b:cf:83:04:f4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Validity
Not Before: Sep 16 06:29:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0f61c96d989ccc8dad1dbd62a1344227da1e705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:30:08:bb:3d:89:4f:09:a7:6a:e7:dd:3a:
c4:96:0b:15:12:57:c7:62:4f:c1:f3:f4:87:8b:47:
65:16:b3:41:08:25:ed:03:91:61:eb:1e:37:6c:b7:
3e:f5:34:a2:94:51:90:52:89:f6:62:cf:61:78:d8:
a7:c1:3d:54:1d:a3:df:d8:68:50:13:91:e2:4d:4e:
56:63:f4:2c:d2:06:7d:8f:ed:4d:b5:52:8d:8b:c4:
f6:4d:ea:60:e3:8b:8a:73:41:7b:f1:84:32:99:e6:
2e:e1:9c:4b:41:ce:f9:c5:1b:68:54:be:b7:03:8c:
1b:87:f2:5a:a3:52:de:8a:ec:44:6f:00:b5:ed:f9:
7f:78:93:92:c8:93:e9:6e:ab:14:42:00:d2:b9:1c:
d1:65:35:79:e4:25:78:dc:3b:06:c0:c5:27:b6:71:
37:63:b0:e3:35:1b:10:14:1d:a2:1e:13:28:e4:15:
15:47:2b:84:3d:a9:b3:51:00:fd:74:ca:8d:b7:5a:
94:45:ca:58:29:95:34:b7:89:c2:24:5e:5c:c3:56:
44:08:85:4b:e3:f5:4f:f3:55:77:a5:6c:54:12:ff:
af:20:76:3a:2b:45:54:1a:30:8e:cf:1a:d9:82:11:
d4:ed:47:04:cd:ba:dd:ae:41:36:bf:a0:a1:e8:af:
f6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F6:1C:96:D9:89:CC:C8:DA:D1:DB:D6:2A:13:44:22:7D:A1:E7:05
X509v3 Authority Key Identifier:
keyid:27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/0PYcltmJzMja0dvWKhNEIn2h5wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.8.232.0/21
IPv6:
2a13:8cc0:1f00::/46
Signature Algorithm: sha256WithRSAEncryption
9c:b6:34:a2:53:a7:b6:1a:f2:a8:d7:c1:cf:18:57:cd:10:f4:
a2:4d:a3:02:e5:39:06:ff:97:76:26:53:17:40:87:45:e4:be:
66:ad:29:61:61:f3:3a:e9:a9:db:cd:47:dd:7b:a9:21:f5:ee:
08:28:ec:c4:15:82:9a:27:30:e1:e5:51:2f:86:e9:a6:6c:76:
67:b4:53:b1:36:3f:b5:13:21:3d:5a:ec:74:d8:59:ca:9a:a6:
3c:4b:40:20:f0:34:3b:0f:1a:9c:7c:04:61:3a:e0:e3:e7:b0:
43:ba:69:a3:88:33:e8:a9:10:32:50:fb:db:0a:f9:23:69:88:
1e:76:f5:a3:2f:1d:6a:2e:b8:27:21:1d:4e:22:07:5f:aa:3b:
ec:d3:c4:41:81:32:07:07:94:28:60:8a:29:6c:fe:4d:f6:0f:
e7:0f:bb:ec:2d:0d:90:d6:88:32:bb:a1:a8:31:ca:ad:0d:2d:
ed:83:b8:b3:d3:8b:a4:3a:b3:69:b8:29:73:ec:41:76:3e:95:
46:53:ec:f6:55:f1:78:71:a1:60:13:37:e1:a3:23:75:51:04:
ef:d8:45:fc:12:0b:33:16:bc:0c:ca:37:af:d7:6e:16:b6:d5:
1c:eb:32:63:27:c5:52:3e:85:be:3f:54:11:46:97:04:c9:76:
9b:34:b1:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZlRNpSd861cI6JcG8+DBPQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODczYWZlNjMzMGI3YWU5ZWU1NjJlMGM5ODhlOWZkNWVh
OGY1NjcwHhcNMjUwOTE2MDYyOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY2MWM5NmQ5ODljY2M4ZGFkMWRiZDYyYTEzNDQyMjdkYTFlNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0UwCLs9iU8Jp2rn3TrElgsVElfH
Yk/B8/SHi0dlFrNBCCXtA5Fh6x43bLc+9TSilFGQUon2Ys9heNinwT1UHaPf2GhQ
E5HiTU5WY/Qs0gZ9j+1NtVKNi8T2Tepg44uKc0F78YQymeYu4ZxLQc75xRtoVL63
A4wbh/Jao1LeiuxEbwC17fl/eJOSyJPpbqsUQgDSuRzRZTV55CV43DsGwMUntnE3
Y7DjNRsQFB2iHhMo5BUVRyuEPamzUQD9dMqNt1qURcpYKZU0t4nCJF5cw1ZECIVL
4/VP81V3pWxUEv+vIHY6K0VUGjCOzxrZghHU7UcEzbrdrkE2v6Ch6K/2BQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFND2HJbZiczI2tHb1ioTRCJ9oecFMB8GA1UdIwQY
MBaAFCeHOv5jMLeunuVi4MmI6f1eqPVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEt
ZTBkMWY3Y2FjZmYxLzEvMFBZY2x0bUp6TWphMGR2V0toTkVJbjJoNXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEtZTBkMWY3Y2FjZmYx
LzEvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDjQjoMA8E
AgACMAkDBwIqE4zAHwAwDQYJKoZIhvcNAQELBQADggEBAJy2NKJTp7Ya8qjXwc8Y
V80Q9KJNowLlOQb/l3YmUxdAh0XkvmatKWFh8zrpqdvNR917qSH17ggo7MQVgpon
MOHlUS+G6aZsdme0U7E2P7UTIT1a7HTYWcqapjxLQCDwNDsPGpx8BGE64OPnsEO6
aaOIM+ipEDJQ+9sK+SNpiB529aMvHWouuCchHU4iB1+qO+zTxEGBMgcHlChgiils
/k32D+cPu+wtDZDWiDK7oagxyq0NLe2DuLPTi6Q6s2m4KXPsQXY+lUZT7PZV8Xhx
oWATN+GjI3VRBO/YRfwSCzMWvAzKN6/Xbha21RzrMmMnxVI+hb4/VBFGlwTJdps0
sXk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:08 2025 by rpki-client