Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/alAqnpdWmlZswzu0_tz6FMnDdhY.roa
File: alAqnpdWmlZswzu0_tz6FMnDdhY.roa (raw, json)
Hash identifier: M7Rrc8n9kYkHNkPjYV4H2sgmRO3YC2Zds6sffNzRLow=
Subject key identifier: 6A:50:2A:9E:97:56:9A:56:6C:C3:3B:B4:FE:DC:FA:14:C9:C3:76:16
Certificate issuer: /CN=a4f6d657c0fa21828d313507354dec1481580ed6
Certificate serial: 019934419015189C17CB2E2B2A1C51583A7E
Authority key identifier: A4:F6:D6:57:C0:FA:21:82:8D:31:35:07:35:4D:EC:14:81:58:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/alAqnpdWmlZswzu0_tz6FMnDdhY.roa
Signing time: Wed 10 Sep 2025 15:32:15 +0000
ROA not before: Wed 10 Sep 2025 15:32:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1267
IP address blocks: 62.98.0.0/16 maxlen: 16
81.81.0.0/16 maxlen: 16
151.3.0.0/16 maxlen: 16
151.4.0.0/16 maxlen: 16
151.5.0.0/16 maxlen: 16
151.6.0.0/16 maxlen: 16
151.7.0.0/16 maxlen: 16
151.8.0.0/16 maxlen: 16
151.9.0.0/16 maxlen: 16
151.10.0.0/16 maxlen: 16
151.12.0.0/16 maxlen: 16
151.13.0.0/16 maxlen: 16
151.14.0.0/16 maxlen: 16
151.15.0.0/16 maxlen: 16
151.16.0.0/16 maxlen: 16
151.17.0.0/16 maxlen: 16
151.18.0.0/16 maxlen: 16
151.19.0.0/16 maxlen: 16
151.20.0.0/16 maxlen: 16
151.21.0.0/16 maxlen: 16
151.22.0.0/16 maxlen: 16
151.23.0.0/16 maxlen: 16
151.24.0.0/16 maxlen: 16
151.25.0.0/16 maxlen: 16
151.26.0.0/16 maxlen: 16
151.27.0.0/16 maxlen: 16
151.28.0.0/16 maxlen: 16
151.29.0.0/16 maxlen: 16
151.30.0.0/16 maxlen: 16
151.31.0.0/16 maxlen: 16
151.32.0.0/16 maxlen: 16
151.33.0.0/16 maxlen: 16
151.34.0.0/16 maxlen: 16
151.35.0.0/16 maxlen: 16
151.36.0.0/16 maxlen: 16
151.37.0.0/16 maxlen: 16
151.38.0.0/16 maxlen: 16
151.39.0.0/16 maxlen: 16
151.40.0.0/16 maxlen: 16
151.41.0.0/16 maxlen: 16
151.42.0.0/16 maxlen: 16
151.43.0.0/16 maxlen: 16
151.44.0.0/16 maxlen: 16
151.45.0.0/16 maxlen: 16
151.46.0.0/16 maxlen: 16
151.47.0.0/16 maxlen: 16
151.48.0.0/16 maxlen: 16
151.49.0.0/16 maxlen: 16
151.50.0.0/16 maxlen: 16
151.51.0.0/16 maxlen: 16
151.52.0.0/16 maxlen: 16
151.53.0.0/16 maxlen: 16
151.54.0.0/16 maxlen: 16
151.55.0.0/16 maxlen: 16
151.56.0.0/16 maxlen: 16
151.57.0.0/16 maxlen: 16
151.58.0.0/16 maxlen: 16
151.60.0.0/16 maxlen: 16
151.61.0.0/16 maxlen: 16
151.62.0.0/16 maxlen: 16
151.63.0.0/16 maxlen: 16
151.64.0.0/16 maxlen: 16
151.65.0.0/16 maxlen: 16
151.66.0.0/16 maxlen: 16
151.67.0.0/16 maxlen: 16
151.68.0.0/16 maxlen: 16
151.69.0.0/16 maxlen: 16
151.70.0.0/16 maxlen: 16
151.71.0.0/16 maxlen: 16
151.72.0.0/16 maxlen: 16
151.73.0.0/16 maxlen: 16
151.74.0.0/16 maxlen: 16
151.75.0.0/16 maxlen: 16
151.76.0.0/16 maxlen: 16
151.77.0.0/16 maxlen: 16
151.78.0.0/16 maxlen: 16
151.79.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:41:90:15:18:9c:17:cb:2e:2b:2a:1c:51:58:3a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f6d657c0fa21828d313507354dec1481580ed6
Validity
Not Before: Sep 10 15:32:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a502a9e97569a566cc33bb4fedcfa14c9c37616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:30:08:9f:e6:19:8b:6d:0f:8d:b1:b8:44:
61:bd:b6:f5:78:91:8a:08:c8:2f:a5:1d:9d:90:d2:
bc:6d:b4:0b:31:eb:34:0d:91:5f:5a:6b:bf:d6:a0:
d9:11:97:2c:d8:67:f1:9a:9b:25:79:af:f7:2e:07:
17:db:9c:95:dd:72:93:94:67:29:4b:68:6b:70:dd:
2c:7b:81:f6:18:6c:70:df:1d:5c:78:c6:9d:85:19:
aa:9f:e5:de:dc:c1:a9:49:5f:ed:75:ae:75:3d:fc:
38:12:fd:ad:41:49:c6:98:ea:3d:f3:39:90:39:9f:
37:c5:86:6e:d1:50:d1:5b:bb:04:98:98:97:a1:82:
1e:43:1d:86:94:df:c9:75:26:03:ae:97:89:be:cb:
8e:51:ce:32:78:cd:20:3e:b2:bf:04:aa:81:85:b6:
ac:6b:53:d5:18:d3:8e:51:85:bb:5d:aa:e6:ac:9a:
39:a1:d6:f9:f8:bb:55:f3:d0:b3:21:ef:05:44:0a:
77:de:47:c8:86:39:2c:39:ed:f7:5a:d7:dd:98:46:
ec:81:f0:bd:cb:f6:df:cd:49:b2:c6:a4:37:93:f9:
08:59:7f:d1:fa:e8:76:f0:13:67:46:7f:7a:8a:9f:
b1:c1:e9:13:85:31:59:58:f2:7a:74:b2:1d:d6:ad:
3f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:50:2A:9E:97:56:9A:56:6C:C3:3B:B4:FE:DC:FA:14:C9:C3:76:16
X509v3 Authority Key Identifier:
keyid:A4:F6:D6:57:C0:FA:21:82:8D:31:35:07:35:4D:EC:14:81:58:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/alAqnpdWmlZswzu0_tz6FMnDdhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.98.0.0/16
81.81.0.0/16
151.3.0.0-151.10.255.255
151.12.0.0-151.58.255.255
151.60.0.0-151.79.255.255
Signature Algorithm: sha256WithRSAEncryption
79:71:57:26:da:39:ab:dd:37:74:63:43:41:de:9f:66:05:84:
73:8c:e4:69:01:a0:96:3b:68:42:e9:cf:5b:78:d8:7d:f1:61:
9c:61:f0:3e:34:0c:de:30:af:5f:a8:7e:a7:20:3c:bc:eb:e1:
f6:b8:38:36:68:59:24:00:a6:a1:18:1a:61:20:0f:a6:e9:88:
d1:fb:63:6b:32:49:7a:ac:f4:34:ae:df:9c:c1:0b:2b:ae:a1:
f4:7d:52:76:8d:8e:cd:8d:bc:78:20:6c:07:95:a2:2d:29:c2:
c0:9b:35:f7:49:f0:56:5f:fe:a3:1e:11:95:7c:b6:0f:d2:e6:
88:ef:92:9c:ed:07:22:b2:48:42:49:cc:dc:4b:24:dd:80:68:
fe:2d:d2:a3:28:19:39:f9:d8:a2:d3:7a:e9:59:b7:f7:a5:c1:
72:46:3e:0c:7a:ee:10:bb:3d:bc:9a:38:fc:e4:24:90:91:5e:
a7:11:58:bd:d8:49:84:1c:d0:8d:a5:6d:98:9f:98:f8:b2:00:
63:2a:0d:be:5b:0a:36:9e:7a:76:25:de:a5:30:90:e5:2d:d9:
a6:39:6f:2b:7c:e5:82:c1:9b:87:9a:1b:b6:46:87:16:a6:2a:
f3:a3:a2:8d:da:da:bf:a2:d3:f4:de:06:29:3d:b8:e4:75:d5:
b3:a2:f5:85
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZk0QZAVGJwXyy4rKhxRWDp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjZkNjU3YzBmYTIxODI4ZDMxMzUwNzM1NGRlYzE0ODE1
ODBlZDYwHhcNMjUwOTEwMTUzMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUwMmE5ZTk3NTY5YTU2NmNjMzNiYjRmZWRjZmExNGM5YzM3NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYowCJ/mGYttD42xuERhvbb1eJGK
CMgvpR2dkNK8bbQLMes0DZFfWmu/1qDZEZcs2Gfxmpslea/3LgcX25yV3XKTlGcp
S2hrcN0se4H2GGxw3x1ceMadhRmqn+Xe3MGpSV/tda51Pfw4Ev2tQUnGmOo98zmQ
OZ83xYZu0VDRW7sEmJiXoYIeQx2GlN/JdSYDrpeJvsuOUc4yeM0gPrK/BKqBhbas
a1PVGNOOUYW7XarmrJo5odb5+LtV89CzIe8FRAp33kfIhjksOe33WtfdmEbsgfC9
y/bfzUmyxqQ3k/kIWX/R+uh28BNnRn96ip+xwekThTFZWPJ6dLId1q0/HQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGpQKp6XVppWbMM7tP7c+hTJw3YWMB8GA1UdIwQY
MBaAFKT21lfA+iGCjTE1BzVN7BSBWA7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBiV1Y4RDZJWUtOTVRVSE5VM3NGSUZZRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yMzkzOTctMzQ3Ny00Mzc5LWFjNDYt
NWMyNzYzNjQ4ZjFjLzEvYWxBcW5wZFdtbFpzd3p1MF90ejZGTW5EZGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yMzkzOTctMzQ3Ny00Mzc5LWFjNDYtNWMyNzYzNjQ4ZjFj
LzEvcFBiV1Y4RDZJWUtOTVRVSE5VM3NGSUZZRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwMAPmIDAwBR
UTAKAwMAlwMDAwCXCjAKAwMClwwDAwCXOjAKAwMClzwDAwSXQDANBgkqhkiG9w0B
AQsFAAOCAQEAeXFXJto5q903dGNDQd6fZgWEc4zkaQGgljtoQunPW3jYffFhnGHw
PjQM3jCvX6h+pyA8vOvh9rg4NmhZJACmoRgaYSAPpumI0ftjazJJeqz0NK7fnMEL
K66h9H1Sdo2OzY28eCBsB5WiLSnCwJs190nwVl/+ox4RlXy2D9LmiO+SnO0HIrJI
QknM3Esk3YBo/i3SoygZOfnYotN66Vm396XBckY+DHruELs9vJo4/OQkkJFepxFY
vdhJhBzQjaVtmJ+Y+LIAYyoNvlsKNp56diXepTCQ5S3ZpjlvK3zlgsGbh5obtkaH
FqYq86Oijdrav6LT9N4GKT245HXVs6L1hQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:35:36 2025 by rpki-client