Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/4xxMaURQ6IADglTVk2St0bC5k2E.roa
File: 4xxMaURQ6IADglTVk2St0bC5k2E.roa (raw, json)
Hash identifier: Yadjh2IYdz4IzlLeUdcLgBY4JXTOO4MXda5WL/4Uk5U=
Subject key identifier: E3:1C:4C:69:44:50:E8:80:03:82:54:D5:93:64:AD:D1:B0:B9:93:61
Certificate issuer: /CN=05e9f9f78c2cbbc5fa08b9b89f0a11d2b0ba473c
Certificate serial: 01993A0CB7309DE7E8D283BD3F763DBEFC34
Authority key identifier: 05:E9:F9:F7:8C:2C:BB:C5:FA:08:B9:B8:9F:0A:11:D2:B0:BA:47:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/4xxMaURQ6IADglTVk2St0bC5k2E.roa
Signing time: Thu 11 Sep 2025 18:32:15 +0000
ROA not before: Thu 11 Sep 2025 18:32:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15461
IP address blocks: 91.219.220.0/22 maxlen: 22
193.93.12.0/22 maxlen: 22
2001:67c:f84::/48 maxlen: 48
2a0b:afc0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3a:0c:b7:30:9d:e7:e8:d2:83:bd:3f:76:3d:be:fc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9f9f78c2cbbc5fa08b9b89f0a11d2b0ba473c
Validity
Not Before: Sep 11 18:32:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e31c4c694450e880038254d59364add1b0b99361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:55:16:a5:e5:72:c0:99:a0:c0:87:0b:65:b7:
d2:bc:33:d5:11:d7:54:9e:35:90:c8:fe:18:de:a4:
f4:03:02:96:00:e4:f7:1d:3a:90:10:1e:a4:11:39:
36:65:95:16:a5:9c:a0:be:7d:2d:1e:68:70:d6:21:
76:25:c8:ed:42:8d:d3:31:a7:f7:3f:29:30:17:5b:
b5:2d:e5:c2:c5:5d:1b:53:51:bd:50:99:f1:ce:64:
ff:53:21:b1:d8:84:c8:c4:b4:7e:a8:cc:d1:84:09:
87:4e:9d:27:65:55:9a:8b:50:9c:2e:4c:f4:40:fa:
bc:68:b0:70:7d:3b:0f:86:74:f2:b0:85:1f:fe:a7:
82:7d:4b:50:19:e9:0d:a8:b0:e0:67:94:80:39:4b:
3e:9e:56:bd:71:45:8b:bc:ae:f8:2b:d5:d4:44:0e:
b2:63:88:a6:f4:0c:b3:ea:b0:e9:a4:e5:bf:fa:ed:
99:4e:54:e3:68:6a:29:25:86:ca:b6:94:4a:04:51:
5a:08:98:35:6a:4c:2f:51:ba:04:ba:4d:19:5c:b2:
c2:ac:89:ea:01:48:64:49:a4:05:ed:bc:30:48:7c:
4f:92:34:ef:39:0e:ed:b3:09:64:e3:81:63:2f:a3:
e2:b0:6b:a8:36:64:5e:89:33:ed:16:11:48:bd:1a:
ca:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1C:4C:69:44:50:E8:80:03:82:54:D5:93:64:AD:D1:B0:B9:93:61
X509v3 Authority Key Identifier:
keyid:05:E9:F9:F7:8C:2C:BB:C5:FA:08:B9:B8:9F:0A:11:D2:B0:BA:47:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben594wsu8X6CLm4nwoR0rC6Rzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/4xxMaURQ6IADglTVk2St0bC5k2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/76538c-df5a-4a6a-9b86-a6ab97a0f445/1/Ben594wsu8X6CLm4nwoR0rC6Rzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.220.0/22
193.93.12.0/22
IPv6:
2001:67c:f84::/48
2a0b:afc0::/36
Signature Algorithm: sha256WithRSAEncryption
3b:33:46:f6:7f:df:c7:0b:45:b2:fd:8a:1e:a6:a4:89:db:3b:
6e:1b:9b:76:84:c7:d4:af:a9:46:8d:7f:67:62:6a:7b:30:46:
5c:16:4b:4f:ae:82:58:56:29:24:36:58:ee:ab:0f:7d:82:de:
37:21:1a:7e:dc:3d:b9:45:44:2f:bc:dd:4c:22:9f:5e:40:d7:
20:91:7b:69:8d:45:f4:fb:70:7b:8b:77:09:27:01:20:a0:0f:
5d:94:ba:22:1a:fc:b7:f3:82:74:14:ad:bf:d4:d3:41:4d:8b:
51:25:2d:6f:56:1c:5e:14:24:90:d8:13:7b:62:ea:08:e2:75:
7e:51:e8:82:e7:85:c0:0e:33:3d:9b:fa:13:b3:a3:38:ba:e8:
e3:77:28:b4:20:29:cb:04:8e:7f:0a:00:87:54:89:e0:01:26:
9e:fe:e0:93:a0:ac:14:31:26:60:61:0a:b9:c8:4c:61:67:11:
46:96:f2:ea:c4:34:c1:d3:ae:22:a5:4c:56:a2:a0:77:bd:a0:
0b:34:5e:13:6d:37:68:6b:e7:d7:99:1c:76:13:d7:2a:b6:8a:
b1:59:61:56:b1:26:15:ae:78:06:3c:6e:7b:48:28:28:5d:e7:
a7:c3:e1:95:1d:86:ac:63:50:c3:1b:80:f3:a9:61:1c:f2:66:
8a:cf:f1:08
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZk6DLcwnefo0oO9P3Y9vvw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmOWY3OGMyY2JiYzVmYTA4YjliODlmMGExMWQyYjBi
YTQ3M2MwHhcNMjUwOTExMTgzMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFjNGM2OTQ0NTBlODgwMDM4MjU0ZDU5MzY0YWRkMWIwYjk5MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1UWpeVywJmgwIcLZbfSvDPVEddU
njWQyP4Y3qT0AwKWAOT3HTqQEB6kETk2ZZUWpZygvn0tHmhw1iF2JcjtQo3TMaf3
PykwF1u1LeXCxV0bU1G9UJnxzmT/UyGx2ITIxLR+qMzRhAmHTp0nZVWai1CcLkz0
QPq8aLBwfTsPhnTysIUf/qeCfUtQGekNqLDgZ5SAOUs+nla9cUWLvK74K9XURA6y
Y4im9Ayz6rDppOW/+u2ZTlTjaGopJYbKtpRKBFFaCJg1akwvUboEuk0ZXLLCrInq
AUhkSaQF7bwwSHxPkjTvOQ7tswlk44FjL6PisGuoNmReiTPtFhFIvRrK7QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFOMcTGlEUOiAA4JU1ZNkrdGwuZNhMB8GA1UdIwQY
MBaAFAXp+feMLLvF+gi5uJ8KEdKwukc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuNTk0d3N1OFg2Q0xtNG53b1IwckM2Unp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NjUzOGMtZGY1YS00YTZhLTliODYt
YTZhYjk3YTBmNDQ1LzEvNHh4TWFVUlE2SUFEZ2xUVmsyU3QwYkM1azJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NjUzOGMtZGY1YS00YTZhLTliODYtYTZhYjk3YTBmNDQ1
LzEvQmVuNTk0d3N1OFg2Q0xtNG53b1IwckM2Unp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCW9vcAwQC
wV0MMBcEAgACMBEDBwAgAQZ8D4QDBgQqC6/AADANBgkqhkiG9w0BAQsFAAOCAQEA
OzNG9n/fxwtFsv2KHqakids7bhubdoTH1K+pRo1/Z2JqezBGXBZLT66CWFYpJDZY
7qsPfYLeNyEaftw9uUVEL7zdTCKfXkDXIJF7aY1F9Ptwe4t3CScBIKAPXZS6Ihr8
t/OCdBStv9TTQU2LUSUtb1YcXhQkkNgTe2LqCOJ1flHogueFwA4zPZv6E7OjOLro
43cotCApywSOfwoAh1SJ4AEmnv7gk6CsFDEmYGEKuchMYWcRRpby6sQ0wdOuIqVM
VqKgd72gCzReE203aGvn15kcdhPXKraKsVlhVrEmFa54Bjxue0goKF3np8PhlR2G
rGNQwxuA86lhHPJmis/xCA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:27 2025 by rpki-client