Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/EnUCXK5toVH53tlZOLLeV6oPWBg.roa
File: EnUCXK5toVH53tlZOLLeV6oPWBg.roa (raw, json)
Hash identifier: 5dFEexl7EsTZCh+F8XMO8WuHOD0gqtHWJ30CQfuEpV4=
Subject key identifier: 12:75:02:5C:AE:6D:A1:51:F9:DE:D9:59:38:B2:DE:57:AA:0F:58:18
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01994DB55D25A2812E15223400794849D061
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/EnUCXK5toVH53tlZOLLeV6oPWBg.roa
Signing time: Mon 15 Sep 2025 14:09:15 +0000
ROA not before: Mon 15 Sep 2025 14:09:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 91.109.43.0/24 maxlen: 24
91.109.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:b5:5d:25:a2:81:2e:15:22:34:00:79:48:49:d0:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Sep 15 14:09:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1275025cae6da151f9ded95938b2de57aa0f5818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:73:ea:69:c7:0a:e6:e3:6a:ca:4a:6d:2f:d4:
98:60:57:29:2a:7e:f0:db:b1:d5:73:47:0d:8b:da:
39:24:d4:18:ff:a4:dd:41:f0:fe:8c:aa:78:b0:ae:
fb:b0:31:68:cd:e4:2b:8b:8c:ca:7b:a7:a5:45:ff:
54:3e:3c:68:3e:fd:a3:39:09:f6:4e:5f:46:d2:a5:
82:0a:1f:93:b4:1d:83:74:31:6a:cb:ef:18:e0:01:
0c:0d:17:d1:c3:b4:d3:5f:11:d7:1d:f4:83:30:ba:
13:6e:1d:1e:36:17:97:16:6e:9c:67:6b:59:de:a2:
34:91:ed:0b:c6:e8:90:ae:d5:d3:cb:2f:5b:3c:b5:
85:44:14:2f:ff:ab:be:27:75:41:85:be:04:da:31:
bf:2d:9f:c2:e6:27:a2:0f:72:55:49:09:4c:83:89:
f3:6e:f3:97:c2:19:34:6c:6a:97:6d:0a:0b:7c:c2:
52:c4:99:61:ee:34:37:1e:5e:3f:3b:a7:44:23:99:
e7:9d:5c:0a:df:1c:04:4c:fe:30:c8:1c:04:c1:18:
b3:e0:5c:25:eb:b2:74:50:b1:e9:8f:a7:ab:a6:95:
1f:3f:ec:e9:4b:1f:2e:48:60:87:43:f7:f5:e4:de:
a1:92:42:fb:a4:a1:8b:64:00:04:a2:81:31:49:c1:
7c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:75:02:5C:AE:6D:A1:51:F9:DE:D9:59:38:B2:DE:57:AA:0F:58:18
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/EnUCXK5toVH53tlZOLLeV6oPWBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.43.0/24
91.109.47.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:25:ec:a0:b0:5d:75:fd:d7:55:eb:f8:4d:77:29:d6:0d:62:
42:ad:62:5a:33:69:ab:61:80:56:fa:5f:49:40:f9:ea:fb:a2:
95:69:23:8f:ee:54:9e:fb:c9:fe:e0:55:23:2b:84:9e:87:ff:
eb:e3:7e:e0:fd:76:34:1f:7e:41:89:c6:e3:c2:a5:82:22:24:
cc:ea:bc:75:00:7b:16:90:26:aa:c7:6c:47:f2:6c:50:a6:46:
78:38:60:6f:34:25:29:71:41:45:12:44:01:7a:64:4e:50:55:
a1:0a:24:f7:e3:39:e7:28:ad:88:51:4d:c6:95:af:ee:b9:ed:
02:68:69:27:c5:4f:cb:19:ae:24:17:a9:ba:cf:8b:9e:1d:7b:
d7:a4:ad:7d:0f:04:11:50:6d:41:81:bb:03:ea:d6:7a:92:77:
3d:01:8f:6f:79:f4:f3:92:2d:49:3d:85:17:e4:3f:e8:d1:08:
58:cd:94:6c:65:f0:84:f3:af:97:0a:a2:e7:52:b4:34:0d:73:
e4:a1:72:db:16:60:59:8f:20:c7:6d:b7:32:a1:a2:cb:1c:76:
2f:50:d1:36:49:06:9c:05:d9:84:9f:71:cf:2d:5a:9c:5b:86:
4b:81:8f:a5:b9:3e:00:7c:e7:3e:56:18:49:03:e6:eb:70:a6:
8e:1a:e4:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlNtV0looEuFSI0AHlISdBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwOTE1MTQwOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjc1MDI1Y2FlNmRhMTUxZjlkZWQ5NTkzOGIyZGU1N2FhMGY1ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nPqaccK5uNqykptL9SYYFcpKn7w
27HVc0cNi9o5JNQY/6TdQfD+jKp4sK77sDFozeQri4zKe6elRf9UPjxoPv2jOQn2
Tl9G0qWCCh+TtB2DdDFqy+8Y4AEMDRfRw7TTXxHXHfSDMLoTbh0eNheXFm6cZ2tZ
3qI0ke0LxuiQrtXTyy9bPLWFRBQv/6u+J3VBhb4E2jG/LZ/C5ieiD3JVSQlMg4nz
bvOXwhk0bGqXbQoLfMJSxJlh7jQ3Hl4/O6dEI5nnnVwK3xwETP4wyBwEwRiz4Fwl
67J0ULHpj6erppUfP+zpSx8uSGCHQ/f15N6hkkL7pKGLZAAEooExScF8vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBJ1AlyubaFR+d7ZWTiy3leqD1gYMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvRW5VQ1hLNXRvVkg1M3RsWk9MTGVWNm9QV0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW20rAwQA
W20vMA0GCSqGSIb3DQEBCwUAA4IBAQA7JeygsF11/ddV6/hNdynWDWJCrWJaM2mr
YYBW+l9JQPnq+6KVaSOP7lSe+8n+4FUjK4Seh//r437g/XY0H35BicbjwqWCIiTM
6rx1AHsWkCaqx2xH8mxQpkZ4OGBvNCUpcUFFEkQBemROUFWhCiT34znnKK2IUU3G
la/uue0CaGknxU/LGa4kF6m6z4ueHXvXpK19DwQRUG1BgbsD6tZ6knc9AY9vefTz
ki1JPYUX5D/o0QhYzZRsZfCE86+XCqLnUrQ0DXPkoXLbFmBZjyDHbbcyoaLLHHYv
UNE2SQacBdmEn3HPLVqcW4ZLgY+luT4AfOc+VhhJA+brcKaOGuT/
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:33 2025 by rpki-client