Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DaFfbyszroCEsmzeA1DHmg6Wadg.roa
File: DaFfbyszroCEsmzeA1DHmg6Wadg.roa (raw, json)
Hash identifier: 5tbzyCWRPYTYmyACGD7XmUVnc7qAdgDm1aYrk2UYgTc=
Subject key identifier: 0D:A1:5F:6F:2B:33:AE:80:84:B2:6C:DE:03:50:C7:9A:0E:96:69:D8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0199A916BAFB74991C91581E5B444F79C5D1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DaFfbyszroCEsmzeA1DHmg6Wadg.roa
Signing time: Fri 03 Oct 2025 08:01:03 +0000
ROA not before: Fri 03 Oct 2025 08:01:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56755
IP address blocks: 45.148.118.0/23 maxlen: 24
45.148.118.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
139.28.99.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:16:ba:fb:74:99:1c:91:58:1e:5b:44:4f:79:c5:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 3 08:01:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0da15f6f2b33ae8084b26cde0350c79a0e9669d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:67:f7:7e:74:45:67:49:75:71:e4:8a:6c:91:
e5:c2:06:1a:97:41:3f:55:d0:27:33:fe:00:da:fe:
09:16:16:3d:bd:fc:32:3c:40:8e:31:64:ea:81:ce:
4b:09:e4:03:84:71:fe:42:d1:be:20:e7:9f:4d:b7:
51:00:af:ef:d3:0e:d8:24:a9:a6:fd:72:04:43:f2:
57:7f:c5:69:4b:58:da:5a:e7:16:ba:19:2f:d8:ce:
13:e4:4f:b9:1b:d4:e0:8b:49:86:c5:bb:e2:01:9c:
6c:9d:ab:09:d5:13:0f:76:5e:b4:92:ef:8c:4f:af:
fb:f1:64:f5:88:80:d3:84:d9:92:4c:63:3f:64:d3:
5e:8d:45:b2:2d:72:74:da:16:2a:1c:6d:c4:20:36:
98:f2:28:d5:0e:c9:96:5b:ed:5c:cf:1a:23:45:8a:
05:f7:43:9a:dc:e0:a9:74:e1:b9:37:b1:60:07:cd:
ff:9f:13:db:db:98:d0:96:74:8b:9a:b7:75:05:d4:
2d:75:5b:cf:59:f2:f8:50:e8:7c:62:7a:67:45:f5:
66:15:7d:b6:5a:73:ed:40:37:cf:00:78:15:d5:6b:
e7:0d:56:d8:1b:64:36:c3:f9:4b:e7:6f:ff:fa:d1:
fc:fa:98:48:22:4a:20:4c:c8:f5:ad:9e:a3:dd:6c:
89:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A1:5F:6F:2B:33:AE:80:84:B2:6C:DE:03:50:C7:9A:0E:96:69:D8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DaFfbyszroCEsmzeA1DHmg6Wadg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/23
139.28.99.0/24
193.58.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9e:18:d3:83:5c:97:7f:d3:db:06:c0:aa:8a:21:d7:83:48:
a6:7c:a8:e4:84:b1:7d:ae:23:f9:87:2b:d9:5e:2e:d6:8c:5d:
71:54:78:97:5c:75:66:c7:1d:5a:51:ad:cd:3e:41:fb:1f:f3:
a7:6f:3f:74:81:0b:9a:67:10:c7:69:55:2e:82:b4:5e:9a:0f:
b6:21:ae:38:6a:44:e8:82:20:10:bf:13:dc:49:13:0c:d1:97:
9d:ec:3e:d0:5e:4b:0a:ad:2a:3e:9a:06:10:c4:7b:78:e9:aa:
e4:84:02:58:70:b4:f2:62:48:54:f8:42:92:34:e9:d0:71:12:
c9:32:7e:e5:74:98:95:d3:dc:e3:ef:4f:8f:c0:b4:05:58:1d:
4c:4c:c7:08:e5:b0:52:90:6b:f1:0b:cc:aa:e1:8d:bf:79:68:
34:a0:45:ba:43:14:9a:56:0b:b0:2a:fb:fa:51:e2:2c:e8:3a:
a7:30:79:aa:47:a4:cf:4a:fe:20:d6:dc:45:a1:99:56:f3:c5:
54:38:9f:dc:7b:cf:ed:31:09:68:db:84:93:2f:f6:94:21:98:
bb:2a:dc:9c:d7:a2:ea:49:c9:46:94:57:41:53:99:62:ea:35:
e1:30:f0:8d:81:11:ac:9d:4d:78:47:39:5d:c9:0d:c8:fb:25:
7b:0d:db:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmpFrr7dJkckVgeW0RPecXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUxMDAzMDgwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGExNWY2ZjJiMzNhZTgwODRiMjZjZGUwMzUwYzc5YTBlOTY2OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmf3fnRFZ0l1ceSKbJHlwgYal0E/
VdAnM/4A2v4JFhY9vfwyPECOMWTqgc5LCeQDhHH+QtG+IOefTbdRAK/v0w7YJKmm
/XIEQ/JXf8VpS1jaWucWuhkv2M4T5E+5G9Tgi0mGxbviAZxsnasJ1RMPdl60ku+M
T6/78WT1iIDThNmSTGM/ZNNejUWyLXJ02hYqHG3EIDaY8ijVDsmWW+1czxojRYoF
90Oa3OCpdOG5N7FgB83/nxPb25jQlnSLmrd1BdQtdVvPWfL4UOh8YnpnRfVmFX22
WnPtQDfPAHgV1WvnDVbYG2Q2w/lL52//+tH8+phIIkogTMj1rZ6j3WyJ2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2hX28rM66AhLJs3gNQx5oOlmnYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRGFGZmJ5c3pyb0NFc216ZUExREhtZzZXYWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZR2AwQA
ixxjAwQAwTrvMA0GCSqGSIb3DQEBCwUAA4IBAQAvnhjTg1yXf9PbBsCqiiHXg0im
fKjkhLF9riP5hyvZXi7WjF1xVHiXXHVmxx1aUa3NPkH7H/Onbz90gQuaZxDHaVUu
grRemg+2Ia44akTogiAQvxPcSRMM0Zed7D7QXksKrSo+mgYQxHt46arkhAJYcLTy
YkhU+EKSNOnQcRLJMn7ldJiV09zj70+PwLQFWB1MTMcI5bBSkGvxC8yq4Y2/eWg0
oEW6QxSaVguwKvv6UeIs6DqnMHmqR6TPSv4g1txFoZlW88VUOJ/ce8/tMQlo24ST
L/aUIZi7Ktyc16LqSclGlFdBU5li6jXhMPCNgRGsnU14RzldyQ3I+yV7DdsX
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:12 2025 by rpki-client