Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/1-DK7gQMR3zOiiYwp61HeTTqzJBE.roa
File: 1-DK7gQMR3zOiiYwp61HeTTqzJBE.roa (raw, json)
Hash identifier: 67WBQ3gib1UB5ugiA0n6m252R05HZIyEYElD2sa4klI=
Subject key identifier: F8:32:BB:81:03:11:DF:33:A2:89:8C:29:EB:51:DE:4D:3A:B3:24:11
Certificate issuer: /CN=a5cde204a3669f9281ee1fc1d5f248542a805e00
Certificate serial: 0199E3C27D1E54F09BE143195923ED33A774
Authority key identifier: A5:CD:E2:04:A3:66:9F:92:81:EE:1F:C1:D5:F2:48:54:2A:80:5E:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pc3iBKNmn5KB7h_B1fJIVCqAXgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/1-DK7gQMR3zOiiYwp61HeTTqzJBE.roa
Signing time: Tue 14 Oct 2025 17:26:38 +0000
ROA not before: Tue 14 Oct 2025 17:26:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49140
IP address blocks: 193.200.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/pc3iBKNmn5KB7h_B1fJIVCqAXgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/pc3iBKNmn5KB7h_B1fJIVCqAXgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pc3iBKNmn5KB7h_B1fJIVCqAXgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e3:c2:7d:1e:54:f0:9b:e1:43:19:59:23:ed:33:a7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5cde204a3669f9281ee1fc1d5f248542a805e00
Validity
Not Before: Oct 14 17:26:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f832bb810311df33a2898c29eb51de4d3ab32411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:0f:f0:94:a6:3e:8d:fa:a4:32:86:81:37:
7b:4e:5f:8e:1a:79:35:91:25:8b:77:b5:d8:22:23:
56:a3:f2:20:a8:b6:4a:72:d1:03:d7:95:d8:84:0c:
1b:da:a9:3b:1d:14:27:88:c5:56:3a:cb:97:26:97:
03:0b:a4:fe:c4:7b:c9:8f:67:01:8e:1e:ec:e5:4f:
3e:81:7c:cb:0b:2a:b6:9e:33:32:1d:04:83:b0:24:
f7:0e:ea:f5:47:0b:09:ca:11:4e:ea:78:e5:8d:cd:
81:b7:e1:c3:cf:92:3e:b8:bc:3f:8a:9e:73:8e:dc:
a0:6e:0e:d9:55:93:e0:7c:c0:2d:11:ab:e8:0d:31:
57:0a:00:94:ba:98:fd:4d:35:7e:e3:59:f9:3f:36:
89:fd:cf:d7:05:52:b8:59:7e:26:c5:51:96:5d:a4:
5d:12:e3:35:18:85:ea:e1:78:6a:d6:18:ec:43:b9:
5b:32:6a:ac:37:a1:ff:50:a9:9e:4c:1e:b4:1b:21:
83:63:ae:85:02:26:41:07:dc:87:2f:ad:1a:1e:09:
b4:7a:64:7c:2b:d4:2c:08:8d:2c:6c:22:a7:6a:bd:
5d:8e:d3:86:56:7e:62:20:5e:97:b4:71:78:91:a8:
26:c7:7e:da:b2:88:cf:6a:d8:e7:58:c0:86:9a:86:
1c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:32:BB:81:03:11:DF:33:A2:89:8C:29:EB:51:DE:4D:3A:B3:24:11
X509v3 Authority Key Identifier:
keyid:A5:CD:E2:04:A3:66:9F:92:81:EE:1F:C1:D5:F2:48:54:2A:80:5E:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pc3iBKNmn5KB7h_B1fJIVCqAXgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/1-DK7gQMR3zOiiYwp61HeTTqzJBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3e0a-902e-4c80-83c6-7bc2f9cc1851/1/pc3iBKNmn5KB7h_B1fJIVCqAXgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.161.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:92:52:8d:18:2d:5d:a3:40:ed:9b:61:3e:76:16:71:ac:72:
dd:fc:0a:9f:5b:50:5d:28:d9:a0:79:b4:94:d5:c5:c7:1d:3c:
54:1c:aa:04:68:33:7d:67:46:69:c0:10:ac:fa:80:3e:ae:82:
36:27:b2:3f:0a:41:81:c8:9a:a7:8a:08:d9:bb:10:54:03:ab:
f9:67:4f:3f:fc:87:b9:57:e7:bd:4f:ba:b7:58:bb:48:2c:76:
7c:28:9d:95:b3:23:12:9c:5c:c3:e7:ea:81:2c:1e:2f:96:28:
e2:6b:b4:7f:55:bc:92:39:82:86:7b:32:40:0d:49:db:51:fc:
d7:20:99:35:5e:da:73:0f:94:d7:92:30:de:1e:ef:b5:08:45:
b9:37:2d:fe:a3:a8:1f:f1:5c:12:6c:3e:14:ac:ca:aa:1e:6c:
23:70:5d:aa:91:2e:92:bb:e7:2b:7c:6f:d4:8c:03:09:eb:1e:
ed:82:88:7d:60:77:14:6b:40:42:08:4f:34:79:41:e1:cb:c9:
f9:94:a8:37:94:4f:e2:3d:5f:8f:ef:2f:2d:a5:fe:ae:dd:11:
7c:61:a4:44:1e:76:b7:b6:09:e4:e4:0f:77:f9:34:97:ac:a8:
d0:5a:a6:b8:39:4b:bb:41:95:0e:d6:1f:94:ef:28:36:13:8c:
4a:c7:05:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZnjwn0eVPCb4UMZWSPtM6d0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1Y2RlMjA0YTM2NjlmOTI4MWVlMWZjMWQ1ZjI0ODU0MmE4
MDVlMDAwHhcNMjUxMDE0MTcyNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMyYmI4MTAzMTFkZjMzYTI4OThjMjllYjUxZGU0ZDNhYjMyNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9MP8JSmPo36pDKGgTd7Tl+OGnk1
kSWLd7XYIiNWo/IgqLZKctED15XYhAwb2qk7HRQniMVWOsuXJpcDC6T+xHvJj2cB
jh7s5U8+gXzLCyq2njMyHQSDsCT3Dur1RwsJyhFO6njljc2Bt+HDz5I+uLw/ip5z
jtygbg7ZVZPgfMAtEavoDTFXCgCUupj9TTV+41n5PzaJ/c/XBVK4WX4mxVGWXaRd
EuM1GIXq4Xhq1hjsQ7lbMmqsN6H/UKmeTB60GyGDY66FAiZBB9yHL60aHgm0emR8
K9QsCI0sbCKnar1djtOGVn5iIF6XtHF4kagmx37asojPatjnWMCGmoYccQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgyu4EDEd8zoomMKetR3k06syQRMB8GA1UdIwQY
MBaAFKXN4gSjZp+Sge4fwdXySFQqgF4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGMzaUJLTm1uNUtCN2hfQjFmSklWQ3FBWGdBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xYTNlMGEtOTAyZS00YzgwLTgzYzYt
N2JjMmY5Y2MxODUxLzEvMS1ESzdnUU1SM3pPaWlZd3A2MUhlVFRxekpCRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvMWEzZTBhLTkwMmUtNGM4MC04M2M2LTdiYzJmOWNjMTg1
MS8xL3BjM2lCS05tbjVLQjdoX0IxZkpJVkNxQVhnQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHIoTAN
BgkqhkiG9w0BAQsFAAOCAQEADZJSjRgtXaNA7ZthPnYWcaxy3fwKn1tQXSjZoHm0
lNXFxx08VByqBGgzfWdGacAQrPqAPq6CNieyPwpBgciap4oI2bsQVAOr+WdPP/yH
uVfnvU+6t1i7SCx2fCidlbMjEpxcw+fqgSweL5Yo4mu0f1W8kjmChnsyQA1J21H8
1yCZNV7acw+U15Iw3h7vtQhFuTct/qOoH/FcEmw+FKzKqh5sI3BdqpEukrvnK3xv
1IwDCese7YKIfWB3FGtAQghPNHlB4cvJ+ZSoN5RP4j1fj+8vLaX+rt0RfGGkRB52
t7YJ5OQPd/k0l6yo0FqmuDlLu0GVDtYflO8oNhOMSscFlQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:18 2025 by rpki-client