Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/urBSbMAYWiUVjS4RHFmzGqwvjpw.roa
File: urBSbMAYWiUVjS4RHFmzGqwvjpw.roa (raw, json)
Hash identifier: rG62D9ZHzopifBP96CZirceLJDCthMyab0aYX69q+Bo=
Subject key identifier: BA:B0:52:6C:C0:18:5A:25:15:8D:2E:11:1C:59:B3:1A:AC:2F:8E:9C
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 0199757EBB49BBB6D31CA58965CC4D7D732F
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/urBSbMAYWiUVjS4RHFmzGqwvjpw.roa
Signing time: Tue 23 Sep 2025 07:34:23 +0000
ROA not before: Tue 23 Sep 2025 07:34:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213423
IP address blocks: 2a04:5b81:2060::/44 maxlen: 48
2a04:5b81:21d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:7e:bb:49:bb:b6:d3:1c:a5:89:65:cc:4d:7d:73:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Sep 23 07:34:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bab0526cc0185a25158d2e111c59b31aac2f8e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cf:19:9e:9d:2a:7d:bd:18:19:46:48:85:6a:
3a:20:e8:3c:8c:cf:18:89:5b:b7:a6:0b:9e:a5:05:
a5:fd:6a:d4:66:65:a2:a4:cb:19:2a:43:f2:f9:65:
d1:0c:04:96:3a:1d:0a:22:99:e5:dd:70:b5:5e:eb:
72:79:a7:70:6c:27:a9:4b:e7:60:07:1b:97:b4:6e:
7b:da:60:f5:f4:42:3f:53:ec:03:ae:e6:4c:c7:fc:
80:4c:05:cc:3b:9b:27:f5:b6:fc:da:26:a3:36:b4:
45:a1:9c:f1:85:f4:50:d5:e8:d0:8a:63:eb:df:84:
f7:84:fe:3a:70:d9:36:c4:6a:7f:be:c7:a3:a7:db:
fb:db:ca:e3:93:d9:e2:1f:48:64:e9:94:e3:40:58:
30:29:b6:c1:88:c2:07:50:7c:a9:99:4c:8b:1d:29:
e0:3c:8b:a8:79:c7:fd:20:37:2f:52:df:b7:4c:a6:
49:7c:1a:50:4b:75:ad:73:17:5a:f4:0f:58:0a:aa:
83:09:dd:72:6e:c1:c1:ef:ba:50:45:84:32:54:6b:
3a:ff:04:12:fc:c9:7c:9a:3f:78:ed:f8:f3:2d:be:
bb:68:ac:34:dc:f3:dd:d9:a1:cc:1f:c5:cd:8d:b9:
f3:bd:6f:13:29:cd:ef:fb:0c:b0:5f:d2:fa:d2:76:
b3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B0:52:6C:C0:18:5A:25:15:8D:2E:11:1C:59:B3:1A:AC:2F:8E:9C
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/urBSbMAYWiUVjS4RHFmzGqwvjpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:2060::/44
2a04:5b81:21d0::/44
Signature Algorithm: sha256WithRSAEncryption
1e:32:fe:e4:14:76:36:12:a1:47:8b:2b:a8:0a:7e:87:7f:8b:
b6:fa:8b:13:83:e4:a7:42:c7:80:05:c7:bf:b1:56:22:81:83:
3a:a3:86:7e:c3:9f:22:77:3e:39:77:b6:e5:81:cf:93:c4:87:
2e:3a:b9:c3:a9:dd:60:2d:69:db:d9:62:3d:f6:64:e3:0c:08:
13:aa:ad:f6:1a:1b:5a:33:04:da:91:49:16:21:25:09:c6:8b:
07:76:5b:7b:cc:49:f4:25:a1:ac:d4:95:0d:48:f6:37:2c:c0:
77:26:d4:0e:91:81:93:5e:80:27:80:e5:66:88:35:a5:18:d7:
c2:2b:7f:c1:a6:41:67:8a:a3:6e:5f:44:b6:03:47:51:33:c3:
f0:ee:c5:16:89:77:78:af:8f:23:cf:9a:58:ec:52:07:e3:98:
ef:15:5b:64:b5:f1:7b:0d:2f:37:b4:af:d7:14:2a:26:2a:16:
91:18:6a:12:97:52:aa:fd:a7:00:48:52:34:65:62:c1:c7:c9:
f4:ea:25:d7:cf:03:c7:de:d2:60:ee:6d:bb:61:0a:22:b4:40:
0f:85:c9:aa:d8:03:23:e8:3a:6e:9f:e5:83:f6:58:96:cc:0d:
e4:20:0f:db:94:73:53:14:e3:c5:a3:b8:3a:db:75:70:c1:5d:
1e:a8:d9:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZl1frtJu7bTHKWJZcxNfXMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjUwOTIzMDczNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWIwNTI2Y2MwMTg1YTI1MTU4ZDJlMTExYzU5YjMxYWFjMmY4ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus8Znp0qfb0YGUZIhWo6IOg8jM8Y
iVu3pguepQWl/WrUZmWipMsZKkPy+WXRDASWOh0KIpnl3XC1XutyeadwbCepS+dg
BxuXtG572mD19EI/U+wDruZMx/yATAXMO5sn9bb82iajNrRFoZzxhfRQ1ejQimPr
34T3hP46cNk2xGp/vsejp9v728rjk9niH0hk6ZTjQFgwKbbBiMIHUHypmUyLHSng
PIuoecf9IDcvUt+3TKZJfBpQS3Wtcxda9A9YCqqDCd1ybsHB77pQRYQyVGs6/wQS
/Ml8mj947fjzLb67aKw03PPd2aHMH8XNjbnzvW8TKc3v+wywX9L60nazBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLqwUmzAGFolFY0uERxZsxqsL46cMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvdXJCU2JNQVlXaVVWalM0UkhGbXpHcXd2anB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgRbgSBg
AwcEKgRbgSHQMA0GCSqGSIb3DQEBCwUAA4IBAQAeMv7kFHY2EqFHiyuoCn6Hf4u2
+osTg+SnQseABce/sVYigYM6o4Z+w58idz45d7blgc+TxIcuOrnDqd1gLWnb2WI9
9mTjDAgTqq32GhtaMwTakUkWISUJxosHdlt7zEn0JaGs1JUNSPY3LMB3JtQOkYGT
XoAngOVmiDWlGNfCK3/BpkFniqNuX0S2A0dRM8Pw7sUWiXd4r48jz5pY7FIH45jv
FVtktfF7DS83tK/XFComKhaRGGoSl1Kq/acASFI0ZWLBx8n06iXXzwPH3tJg7m27
YQoitEAPhcmq2AMj6Dpun+WD9liWzA3kIA/blHNTFOPFo7g623VwwV0eqNm4
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:23:05 2025 by rpki-client