Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/URAxay4SIxZTfqbnIfZtg4mAOJE.roa
File: URAxay4SIxZTfqbnIfZtg4mAOJE.roa (raw, json)
Hash identifier: Aq05xurddyvtwsj+/MrgusuGixdi+KLzxI90ytrvoT8=
Subject key identifier: 51:10:31:6B:2E:12:23:16:53:7E:A6:E7:21:F6:6D:83:89:80:38:91
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019985A145806E33451C9B674395E82425EA
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/URAxay4SIxZTfqbnIfZtg4mAOJE.roa
Signing time: Fri 26 Sep 2025 10:46:02 +0000
ROA not before: Fri 26 Sep 2025 10:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 272409
IP address blocks: 194.32.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:a1:45:80:6e:33:45:1c:9b:67:43:95:e8:24:25:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 26 10:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5110316b2e122316537ea6e721f66d8389803891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:c5:58:83:7c:b1:45:5e:0c:0f:45:fb:44:
c9:26:e8:a7:d5:a7:5c:05:f6:b3:f6:b7:7d:f8:52:
00:89:b9:b1:f5:80:41:06:c1:73:c6:64:b3:6b:ef:
e8:e1:90:ec:fb:8d:c1:87:14:93:d6:b6:2c:07:f8:
28:a4:7c:ed:21:e2:09:92:23:96:c7:54:b2:d0:ad:
e8:ce:19:2c:72:8b:b9:eb:45:6a:7b:2b:02:e8:14:
d3:c0:47:20:4c:d0:4e:af:2b:f8:4a:73:5f:9b:3e:
01:41:23:aa:1c:30:52:40:2e:f3:dc:2b:b7:a9:5d:
e7:68:9e:d3:ff:e7:90:a0:e0:43:50:9b:ef:87:60:
f2:89:4c:e7:d4:03:ea:e9:33:29:26:82:42:00:bc:
7c:1b:06:d3:bf:9c:ca:e8:ff:50:8b:ff:89:ea:0b:
67:14:6e:b7:ef:6c:1d:42:f4:a8:40:51:b9:c9:74:
b0:3a:51:f1:74:0f:65:d3:ff:e9:fb:3b:ce:32:bd:
ac:31:75:bf:5f:da:e9:4d:5e:e0:b8:8d:e0:6a:8d:
0f:b2:c7:72:9c:e3:75:b1:f7:03:a0:67:8b:83:70:
97:3a:59:fe:8e:f7:45:4a:c1:4b:41:53:dd:51:8d:
41:5c:18:70:ad:d0:b5:94:60:17:80:cb:46:17:29:
f4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:10:31:6B:2E:12:23:16:53:7E:A6:E7:21:F6:6D:83:89:80:38:91
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/URAxay4SIxZTfqbnIfZtg4mAOJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.113.0/24
Signature Algorithm: sha256WithRSAEncryption
21:74:d7:c5:45:51:f0:bf:aa:58:35:b2:0d:6d:49:93:4a:99:
f5:30:6f:c6:c4:af:1b:8b:86:93:72:9f:20:21:f5:9e:f7:e7:
85:78:37:b5:73:ea:e6:6d:d2:a3:db:de:ad:db:45:2f:5d:56:
47:78:be:f9:b8:8f:db:65:23:e5:ab:ad:a1:88:9c:c2:19:96:
72:ce:f4:1d:5d:67:f5:b4:19:41:49:df:39:51:4e:7b:72:ce:
44:e5:37:30:4f:ae:5b:80:c0:87:c3:e8:86:03:a7:21:78:62:
69:7e:cd:f7:4f:55:a1:b3:c3:a2:24:20:4c:bd:3c:50:6e:7d:
1a:86:f9:ff:e0:a8:b7:ae:9b:08:ec:5a:10:3c:4d:d9:52:06:
4c:cc:29:4d:d3:e7:aa:94:3a:43:45:14:73:56:8d:25:df:c7:
2c:f2:4a:5f:29:69:4b:b1:7c:70:20:26:ed:c7:9c:1f:9e:40:
02:39:41:d3:b0:64:d1:36:bf:0e:dd:9e:c7:19:0c:c4:3e:93:
8a:1c:0f:bb:29:c2:56:8b:79:d8:e3:ee:2c:47:30:6c:f7:5e:
e0:c5:3e:d3:47:5d:d4:c8:df:df:88:67:b4:74:7a:12:83:74:
27:58:19:5f:d6:02:d0:4f:67:b2:c3:40:f0:c1:27:0c:8f:b2:
b0:33:82:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmFoUWAbjNFHJtnQ5XoJCXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwOTI2MTA0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTEwMzE2YjJlMTIyMzE2NTM3ZWE2ZTcyMWY2NmQ4Mzg5ODAzODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo17FWIN8sUVeDA9F+0TJJuin1adc
Bfaz9rd9+FIAibmx9YBBBsFzxmSza+/o4ZDs+43BhxST1rYsB/gopHztIeIJkiOW
x1Sy0K3ozhkscou560VqeysC6BTTwEcgTNBOryv4SnNfmz4BQSOqHDBSQC7z3Cu3
qV3naJ7T/+eQoOBDUJvvh2DyiUzn1APq6TMpJoJCALx8GwbTv5zK6P9Qi/+J6gtn
FG6372wdQvSoQFG5yXSwOlHxdA9l0//p+zvOMr2sMXW/X9rpTV7guI3gao0Pssdy
nON1sfcDoGeLg3CXOln+jvdFSsFLQVPdUY1BXBhwrdC1lGAXgMtGFyn0nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEQMWsuEiMWU36m5yH2bYOJgDiRMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVVJBeGF5NFNJeFpUZnFibklmWnRnNG1BT0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBxMA0G
CSqGSIb3DQEBCwUAA4IBAQAhdNfFRVHwv6pYNbINbUmTSpn1MG/GxK8bi4aTcp8g
IfWe9+eFeDe1c+rmbdKj296t20UvXVZHeL75uI/bZSPlq62hiJzCGZZyzvQdXWf1
tBlBSd85UU57cs5E5TcwT65bgMCHw+iGA6cheGJpfs33T1Whs8OiJCBMvTxQbn0a
hvn/4Ki3rpsI7FoQPE3ZUgZMzClN0+eqlDpDRRRzVo0l38cs8kpfKWlLsXxwICbt
x5wfnkACOUHTsGTRNr8O3Z7HGQzEPpOKHA+7KcJWi3nY4+4sRzBs917gxT7TR13U
yN/fiGe0dHoSg3QnWBlf1gLQT2eyw0DwwScMj7KwM4Ii
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:34:28 2025 by rpki-client