Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-5GxKRvo6BkB8tOCC2qIupzK7io.roa
File: 1-5GxKRvo6BkB8tOCC2qIupzK7io.roa (raw, json)
Hash identifier: 2II6H121oOCvXH+WhyfO5QhchJoUvGMO9QzyXZfIQPo=
Subject key identifier: FB:91:B1:29:1B:E8:E8:19:01:F2:D3:82:0B:6A:88:BA:9C:CA:EE:2A
Certificate issuer: /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial: 0199C3CD57496698E43FBB3C850AF8792DD5
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-5GxKRvo6BkB8tOCC2qIupzK7io.roa
Signing time: Wed 08 Oct 2025 12:30:38 +0000
ROA not before: Wed 08 Oct 2025 12:30:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211331
IP address blocks: 185.119.10.0/24 maxlen: 24
185.119.11.0/24 maxlen: 24
2a10:80c0::/48 maxlen: 48
2a10:80c0:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c3:cd:57:49:66:98:e4:3f:bb:3c:85:0a:f8:79:2d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Validity
Not Before: Oct 8 12:30:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb91b1291be8e81901f2d3820b6a88ba9ccaee2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:b0:17:70:9f:42:f4:8a:eb:d1:46:6f:2e:
5c:5e:db:23:41:44:bd:fb:c9:86:69:ea:34:56:cf:
02:fe:8d:23:41:e7:4b:bf:cf:70:cc:14:4c:30:e8:
5c:c6:65:f1:b2:5f:b2:cd:00:52:68:c5:ff:1c:85:
fe:28:ad:dd:1e:5b:8a:2a:3e:30:22:7c:94:9c:ab:
ce:3e:63:cc:5e:ea:93:e3:50:79:3a:37:7d:06:78:
d5:05:ca:91:a8:75:9f:29:1c:47:10:cc:4f:0e:7d:
41:0c:06:dc:40:24:6d:34:6d:e8:88:a4:ca:f5:26:
3e:3d:ab:ce:27:0e:11:0e:17:3f:80:06:5f:22:40:
35:51:9d:b4:45:5b:d8:7d:47:04:0c:d2:0c:d7:d7:
54:e5:63:7e:1d:85:c1:07:b6:be:35:3b:24:be:cb:
c8:4c:48:cf:05:f0:e4:12:89:b3:07:c9:ef:db:e4:
d6:57:ec:c8:8e:0e:c0:02:50:0f:7a:d1:ac:65:20:
1f:ff:5d:fa:64:23:54:c7:6c:4a:5e:f1:ba:db:7b:
a2:bc:3b:ca:1c:7a:63:da:4b:eb:26:f6:69:c6:c0:
da:c2:8f:07:45:ff:f2:86:04:f2:a2:fb:c7:ba:ca:
09:12:a8:11:46:aa:d1:bb:3e:0b:b9:37:ec:6c:de:
dd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:91:B1:29:1B:E8:E8:19:01:F2:D3:82:0B:6A:88:BA:9C:CA:EE:2A
X509v3 Authority Key Identifier:
keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/1-5GxKRvo6BkB8tOCC2qIupzK7io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.10.0/23
IPv6:
2a10:80c0::/48
2a10:80c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
7e:8e:46:fa:86:44:ac:52:73:b2:5e:11:49:6e:da:6d:f5:7d:
47:ce:be:8f:25:ce:ee:b9:df:70:81:6e:64:29:7f:31:d3:ee:
5e:dd:dc:ec:71:da:84:c9:fc:95:20:29:88:26:fa:47:b2:37:
25:29:a4:2f:b4:cf:1e:36:15:83:80:28:d6:9b:ea:9f:c5:b8:
8f:7a:4d:52:df:a4:c3:a3:a0:d5:6c:f9:60:78:1c:ae:b3:3c:
9a:af:87:d2:5b:2e:36:67:18:ef:70:7f:df:4e:92:6f:04:6e:
d4:53:40:27:f5:14:88:18:5c:c1:45:2a:47:d2:62:db:52:aa:
08:8a:e4:b2:67:f7:e5:96:0d:a8:53:5e:fa:5c:c3:61:ca:59:
6f:53:92:ec:04:69:74:f4:01:d0:be:0f:14:f7:4f:bb:00:bc:
c1:7b:0b:33:63:8d:73:ff:17:df:ea:ea:dd:af:d4:c0:c8:64:
76:30:2b:27:a5:ca:8e:5e:52:26:0a:f0:a5:63:97:42:54:a3:
4c:d2:07:e4:70:94:41:85:32:e7:b1:72:4b:77:74:21:b8:a1:
e1:4b:81:2a:d7:bc:75:50:71:ec:f9:7c:d3:08:bf:29:8e:f9:
2e:7a:c0:4e:c7:f1:05:0b:4a:9c:ab:f6:18:1b:e0:53:2d:d0:
d7:4f:c6:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZnDzVdJZpjkP7s8hQr4eS3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjUxMDA4MTIzMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjkxYjEyOTFiZThlODE5MDFmMmQzODIwYjZhODhiYTljY2FlZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZuwF3CfQvSK69FGby5cXtsjQUS9
+8mGaeo0Vs8C/o0jQedLv89wzBRMMOhcxmXxsl+yzQBSaMX/HIX+KK3dHluKKj4w
InyUnKvOPmPMXuqT41B5Ojd9BnjVBcqRqHWfKRxHEMxPDn1BDAbcQCRtNG3oiKTK
9SY+PavOJw4RDhc/gAZfIkA1UZ20RVvYfUcEDNIM19dU5WN+HYXBB7a+NTskvsvI
TEjPBfDkEomzB8nv2+TWV+zIjg7AAlAPetGsZSAf/136ZCNUx2xKXvG623uivDvK
HHpj2kvrJvZpxsDawo8HRf/yhgTyovvHusoJEqgRRqrRuz4LuTfsbN7ddwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPuRsSkb6OgZAfLTggtqiLqcyu4qMB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvMS01R3hLUnZvNkJrQjh0T0NDMnFJdXB6Szdpby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDMvYzY0ZDUwLWZjZGQtNGE5Zi05MDQ3LTI5M2Y2MTIyYTE5
ZC8xL2t2dVBvUTNfTkhQbVU5djJISnFHUXlHQXBjYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAbl3CjAY
BAIAAjASAwcAKhCAwAAAAwcAKhCAwBAAMA0GCSqGSIb3DQEBCwUAA4IBAQB+jkb6
hkSsUnOyXhFJbtpt9X1Hzr6PJc7uud9wgW5kKX8x0+5e3dzscdqEyfyVICmIJvpH
sjclKaQvtM8eNhWDgCjWm+qfxbiPek1S36TDo6DVbPlgeByuszyar4fSWy42Zxjv
cH/fTpJvBG7UU0An9RSIGFzBRSpH0mLbUqoIiuSyZ/fllg2oU176XMNhyllvU5Ls
BGl09AHQvg8U90+7ALzBewszY41z/xff6urdr9TAyGR2MCsnpcqOXlImCvClY5dC
VKNM0gfkcJRBhTLnsXJLd3QhuKHhS4Eq17x1UHHs+XzTCL8pjvkuesBOx/EFC0qc
q/YYG+BTLdDXT8YW
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:03 2025 by rpki-client