Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Qn3X5MY5K3ykqnmnbumI2xxV95w.roa
File: Qn3X5MY5K3ykqnmnbumI2xxV95w.roa (raw, json)
Hash identifier: +yROVQDwj+ut6F9Jj7DUoe7vy2IatzZdxg+R94Am18E=
Subject key identifier: 42:7D:D7:E4:C6:39:2B:7C:A4:AA:79:A7:6E:E9:88:DB:1C:55:F7:9C
Certificate issuer: /CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Certificate serial: 0199513DE77D8352D6BB93A47185EB851340
Authority key identifier: 27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Qn3X5MY5K3ykqnmnbumI2xxV95w.roa
Signing time: Tue 16 Sep 2025 06:37:15 +0000
ROA not before: Tue 16 Sep 2025 06:37:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57094
IP address blocks: 141.8.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:3d:e7:7d:83:52:d6:bb:93:a4:71:85:eb:85:13:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27873afe6330b7ae9ee562e0c988e9fd5ea8f567
Validity
Not Before: Sep 16 06:37:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=427dd7e4c6392b7ca4aa79a76ee988db1c55f79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:56:f0:54:17:f5:a1:4e:90:b7:0c:38:99:b2:
a8:8d:f4:6c:5a:c1:f1:f8:35:08:20:de:17:80:3c:
78:f5:fc:c8:7f:62:60:99:49:e4:25:5f:3b:a2:5e:
11:52:ee:a2:5b:b5:5f:fb:ba:23:d0:da:e1:c3:fa:
a2:17:a3:3e:f3:e8:cf:c4:88:3a:aa:9c:af:20:12:
16:ad:7a:d4:7c:46:b2:eb:1e:d2:9c:b6:57:33:2f:
fb:70:17:e7:5b:df:70:5a:80:0a:4a:75:10:0d:66:
23:a2:bd:aa:4a:c6:d6:02:97:51:34:3c:b0:7a:f3:
96:e1:3b:76:22:a6:07:b9:d7:ed:4b:f6:e7:64:d2:
40:89:9e:07:47:b7:50:c7:88:37:29:d1:01:05:7e:
5d:f4:40:42:4c:e8:ed:59:ae:4f:f6:93:fe:db:41:
4a:b7:e7:0c:d3:bd:4d:aa:91:36:a3:76:34:72:e8:
17:81:38:a9:28:51:00:c9:9f:94:b8:0d:ad:17:5b:
ad:55:1d:e6:c5:26:cd:60:ee:ad:2d:2c:45:9d:35:
39:66:c3:91:24:8b:8a:57:d3:b4:60:f4:dc:84:51:
73:fc:38:ca:08:8a:77:1b:f2:46:7a:32:21:7c:3b:
2f:c3:dd:55:07:77:3c:65:a8:bf:d5:95:fb:e5:81:
3f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7D:D7:E4:C6:39:2B:7C:A4:AA:79:A7:6E:E9:88:DB:1C:55:F7:9C
X509v3 Authority Key Identifier:
keyid:27:87:3A:FE:63:30:B7:AE:9E:E5:62:E0:C9:88:E9:FD:5E:A8:F5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4c6_mMwt66e5WLgyYjp_V6o9Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/Qn3X5MY5K3ykqnmnbumI2xxV95w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d39416-f46a-4f82-b1e1-e0d1f7cacff1/1/J4c6_mMwt66e5WLgyYjp_V6o9Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.8.232.0/21
Signature Algorithm: sha256WithRSAEncryption
20:d5:d4:1f:d1:2f:a6:f1:86:5a:bb:43:37:4f:54:28:1b:c8:
ab:b8:f0:67:82:5a:7d:d0:ea:bf:4a:86:0f:16:57:85:ec:09:
7a:c3:95:63:a0:c1:70:40:b8:65:44:17:3b:1a:55:0d:d8:a4:
04:14:df:ad:b5:f6:ec:03:9e:bf:9a:b8:b6:38:2e:9a:bd:58:
29:74:44:e7:52:03:01:97:00:af:52:d2:09:cd:b7:21:8b:e8:
c3:58:84:5b:c0:97:d9:93:f4:77:86:4d:75:94:32:4b:19:01:
6b:88:3b:a7:3b:49:8e:07:61:f3:8b:3a:a0:3c:83:35:63:11:
9c:b9:4a:5b:94:d2:2e:4c:91:e6:c3:6b:e2:82:ec:62:74:c7:
9c:a4:22:f0:7e:22:bc:fc:b6:15:39:6b:de:e7:88:bf:30:71:
1f:75:1e:73:66:42:38:4d:78:3d:d3:03:75:1d:9c:2f:41:66:
ed:bd:72:cc:18:ce:d2:ff:e3:cd:34:f4:5e:d9:c7:3d:18:67:
cb:86:f1:13:00:9f:95:b7:01:de:2f:ad:5e:a1:31:14:13:7f:
0e:fb:36:0f:7c:82:83:b7:1d:c4:1a:ff:e8:91:8a:1e:d2:40:
96:ed:72:f5:d0:12:73:9f:06:eb:ae:67:b9:ea:a6:ae:f9:6b:
66:5b:b0:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlRPed9g1LWu5OkcYXrhRNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODczYWZlNjMzMGI3YWU5ZWU1NjJlMGM5ODhlOWZkNWVh
OGY1NjcwHhcNMjUwOTE2MDYzNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjdkZDdlNGM2MzkyYjdjYTRhYTc5YTc2ZWU5ODhkYjFjNTVmNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1bwVBf1oU6Qtww4mbKojfRsWsHx
+DUIIN4XgDx49fzIf2JgmUnkJV87ol4RUu6iW7Vf+7oj0Nrhw/qiF6M+8+jPxIg6
qpyvIBIWrXrUfEay6x7SnLZXMy/7cBfnW99wWoAKSnUQDWYjor2qSsbWApdRNDyw
evOW4Tt2IqYHudftS/bnZNJAiZ4HR7dQx4g3KdEBBX5d9EBCTOjtWa5P9pP+20FK
t+cM071NqpE2o3Y0cugXgTipKFEAyZ+UuA2tF1utVR3mxSbNYO6tLSxFnTU5ZsOR
JIuKV9O0YPTchFFz/DjKCIp3G/JGejIhfDsvw91VB3c8Zai/1ZX75YE/TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJ91+TGOSt8pKp5p27piNscVfecMB8GA1UdIwQY
MBaAFCeHOv5jMLeunuVi4MmI6f1eqPVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEt
ZTBkMWY3Y2FjZmYxLzEvUW4zWDVNWTVLM3lrcW5tbmJ1bUkyeHhWOTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMzk0MTYtZjQ2YS00ZjgyLWIxZTEtZTBkMWY3Y2FjZmYx
LzEvSjRjNl9tTXd0NjZlNVdMZ3lZanBfVjZvOVdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjQjoMA0G
CSqGSIb3DQEBCwUAA4IBAQAg1dQf0S+m8YZau0M3T1QoG8iruPBnglp90Oq/SoYP
FleF7Al6w5VjoMFwQLhlRBc7GlUN2KQEFN+ttfbsA56/mri2OC6avVgpdETnUgMB
lwCvUtIJzbchi+jDWIRbwJfZk/R3hk11lDJLGQFriDunO0mOB2HzizqgPIM1YxGc
uUpblNIuTJHmw2viguxidMecpCLwfiK8/LYVOWve54i/MHEfdR5zZkI4TXg90wN1
HZwvQWbtvXLMGM7S/+PNNPRe2cc9GGfLhvETAJ+VtwHeL61eoTEUE38O+zYPfIKD
tx3EGv/okYoe0kCW7XL10BJznwbrrme56qau+WtmW7BP
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:21 2025 by rpki-client