Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/iUluP9dzGEFPZV1QT7qhxKlYtLc.roa
File: iUluP9dzGEFPZV1QT7qhxKlYtLc.roa (raw, json)
Hash identifier: dqFbgrXc+CPp5bc1uUsZ9NzSqOeylcrCuwJIJApbIDI=
Subject key identifier: 89:49:6E:3F:D7:73:18:41:4F:65:5D:50:4F:BA:A1:C4:A9:58:B4:B7
Certificate issuer: /CN=61aedfdc7133e95f42498f7760f68fb80faa84ac
Certificate serial: 019928EE5CBECD8117A1D705169F97809BA4
Authority key identifier: 61:AE:DF:DC:71:33:E9:5F:42:49:8F:77:60:F6:8F:B8:0F:AA:84:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ya7f3HEz6V9CSY93YPaPuA-qhKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/iUluP9dzGEFPZV1QT7qhxKlYtLc.roa
Signing time: Mon 08 Sep 2025 10:45:33 +0000
ROA not before: Mon 08 Sep 2025 10:45:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61276
IP address blocks: 91.190.156.0/24 maxlen: 24
193.47.41.0/24 maxlen: 24
2a11:6380::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/Ya7f3HEz6V9CSY93YPaPuA-qhKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/Ya7f3HEz6V9CSY93YPaPuA-qhKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ya7f3HEz6V9CSY93YPaPuA-qhKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:28:ee:5c:be:cd:81:17:a1:d7:05:16:9f:97:80:9b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61aedfdc7133e95f42498f7760f68fb80faa84ac
Validity
Not Before: Sep 8 10:45:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89496e3fd77318414f655d504fbaa1c4a958b4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:91:ad:80:0c:5b:53:14:be:52:06:f8:85:
a1:e4:8a:0d:fb:fd:c8:9d:15:9b:4c:2b:7a:7f:56:
4e:5e:67:1b:dd:64:03:f1:26:01:b5:8c:af:da:2e:
5c:96:88:9c:05:42:05:05:4e:22:bf:e2:7b:18:07:
7a:89:79:1d:24:88:6d:e5:81:78:1b:36:84:03:a0:
d9:bd:fe:11:ca:b1:a6:cc:1c:f8:08:50:f2:dc:cf:
4f:c7:4a:84:93:ce:93:ba:e6:99:bd:e3:af:d5:9a:
ab:83:5a:8f:0d:aa:85:a0:64:8f:32:fa:51:87:b9:
6d:16:1e:f6:e8:f1:99:8a:a3:6f:2a:29:4d:7f:a2:
e9:2c:59:0d:3e:fb:ca:bc:89:d2:e4:9e:ce:90:31:
a3:59:56:67:39:40:b7:e9:17:00:38:db:40:6b:85:
3b:91:6c:05:50:9f:04:84:6e:32:df:f0:4f:92:cb:
7a:f1:65:5d:84:3b:61:c1:5a:44:0c:70:e6:8f:3d:
b3:e5:f1:de:eb:9b:ed:31:03:d1:9b:08:a1:9e:ec:
14:80:c2:88:b9:ac:4a:36:28:82:8e:6f:48:46:24:
ae:3f:ba:c5:51:0f:d2:e1:f2:16:dc:58:8e:cb:cf:
0b:6f:cc:5e:ad:fa:42:08:e5:1e:e2:93:48:84:34:
8b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:49:6E:3F:D7:73:18:41:4F:65:5D:50:4F:BA:A1:C4:A9:58:B4:B7
X509v3 Authority Key Identifier:
keyid:61:AE:DF:DC:71:33:E9:5F:42:49:8F:77:60:F6:8F:B8:0F:AA:84:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ya7f3HEz6V9CSY93YPaPuA-qhKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/iUluP9dzGEFPZV1QT7qhxKlYtLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/02b522-9f08-46fc-99ea-9f3e8f9efc99/1/Ya7f3HEz6V9CSY93YPaPuA-qhKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.156.0/24
193.47.41.0/24
IPv6:
2a11:6380::/29
Signature Algorithm: sha256WithRSAEncryption
53:24:4a:15:c2:83:94:44:38:88:ab:e5:a7:30:3f:d9:dc:ea:
a1:87:bb:06:dc:33:18:7b:1a:3b:2b:91:1f:4a:89:b1:c4:72:
da:6e:56:ca:e9:02:45:8c:6c:8b:94:9d:12:ee:1d:e2:81:d9:
16:4c:03:95:3f:1a:9c:01:58:3f:db:0a:54:7d:c4:95:e1:c9:
da:97:11:c5:7f:ca:78:3e:45:ed:d3:24:9e:a0:a3:e6:f8:16:
c4:bf:4e:9b:31:21:f2:cc:02:34:93:c8:c1:aa:5a:93:3a:1e:
18:16:39:d8:d5:87:50:fc:9c:ae:eb:72:34:a6:58:90:2e:63:
05:d3:25:3b:b4:2d:13:70:59:0d:28:01:bc:02:e3:f2:33:3f:
da:fe:34:91:1c:7f:9d:3d:d3:35:f3:8e:2f:9a:a3:50:a0:66:
3a:74:4c:5c:1d:2d:ea:2e:00:a0:14:8e:73:b4:6c:25:26:ae:
df:bc:4c:ea:7a:da:6f:e1:de:c2:f0:04:ed:f2:82:ef:2c:64:
bf:65:16:21:1f:73:77:bc:0f:5b:37:16:ca:06:92:cf:45:bd:
fe:f1:e8:3c:c0:f4:cd:43:82:a8:99:ae:45:8c:db:64:7b:99:
57:49:87:c3:3e:fb:7c:7d:61:0e:f5:8f:bf:9c:f4:b0:94:ee:
5a:ad:a8:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZko7ly+zYEXodcFFp+XgJukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYWVkZmRjNzEzM2U5NWY0MjQ5OGY3NzYwZjY4ZmI4MGZh
YTg0YWMwHhcNMjUwOTA4MTA0NTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ5NmUzZmQ3NzMxODQxNGY2NTVkNTA0ZmJhYTFjNGE5NThiNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujyRrYAMW1MUvlIG+IWh5IoN+/3I
nRWbTCt6f1ZOXmcb3WQD8SYBtYyv2i5cloicBUIFBU4iv+J7GAd6iXkdJIht5YF4
GzaEA6DZvf4RyrGmzBz4CFDy3M9Px0qEk86TuuaZveOv1Zqrg1qPDaqFoGSPMvpR
h7ltFh726PGZiqNvKilNf6LpLFkNPvvKvInS5J7OkDGjWVZnOUC36RcAONtAa4U7
kWwFUJ8EhG4y3/BPkst68WVdhDthwVpEDHDmjz2z5fHe65vtMQPRmwihnuwUgMKI
uaxKNiiCjm9IRiSuP7rFUQ/S4fIW3FiOy88Lb8xerfpCCOUe4pNIhDSL9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIlJbj/XcxhBT2VdUE+6ocSpWLS3MB8GA1UdIwQY
MBaAFGGu39xxM+lfQkmPd2D2j7gPqoSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWE3ZjNIRXo2VjlDU1k5M1lQYVB1QS1xaEt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wMmI1MjItOWYwOC00NmZjLTk5ZWEt
OWYzZThmOWVmYzk5LzEvaVVsdVA5ZHpHRUZQWlYxUVQ3cWh4S2xZdExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8wMmI1MjItOWYwOC00NmZjLTk5ZWEtOWYzZThmOWVmYzk5
LzEvWWE3ZjNIRXo2VjlDU1k5M1lQYVB1QS1xaEt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW76cAwQA
wS8pMA0EAgACMAcDBQMqEWOAMA0GCSqGSIb3DQEBCwUAA4IBAQBTJEoVwoOURDiI
q+WnMD/Z3Oqhh7sG3DMYexo7K5EfSomxxHLablbK6QJFjGyLlJ0S7h3igdkWTAOV
PxqcAVg/2wpUfcSV4cnalxHFf8p4PkXt0ySeoKPm+BbEv06bMSHyzAI0k8jBqlqT
Oh4YFjnY1YdQ/Jyu63I0pliQLmMF0yU7tC0TcFkNKAG8AuPyMz/a/jSRHH+dPdM1
844vmqNQoGY6dExcHS3qLgCgFI5ztGwlJq7fvEzqetpv4d7C8ATt8oLvLGS/ZRYh
H3N3vA9bNxbKBpLPRb3+8eg8wPTNQ4Koma5FjNtke5lXSYfDPvt8fWEO9Y+/nPSw
lO5aragw
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:01 2025 by rpki-client