Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sLlY1jyLux_8WlPpVquZS_tXAMM.roa
File: sLlY1jyLux_8WlPpVquZS_tXAMM.roa (raw, json)
Hash identifier: Ac6aebIzojMJX90LbFh/1SpU6qfnR41Si25oQuBA8+c=
Subject key identifier: B0:B9:58:D6:3C:8B:BB:1F:FC:5A:53:E9:56:AB:99:4B:FB:57:00:C3
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 019951FB6CC5AFACC5CFDF8CE1D8D7233AC1
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sLlY1jyLux_8WlPpVquZS_tXAMM.roa
Signing time: Tue 16 Sep 2025 10:04:15 +0000
ROA not before: Tue 16 Sep 2025 10:04:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208100
IP address blocks: 185.104.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:fb:6c:c5:af:ac:c5:cf:df:8c:e1:d8:d7:23:3a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Sep 16 10:04:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0b958d63c8bbb1ffc5a53e956ab994bfb5700c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ec:9b:aa:7d:0c:7f:22:5a:33:c5:41:b5:26:
62:b0:2d:e8:4c:2f:1e:2e:db:8c:e9:3d:85:5a:19:
29:fd:af:da:20:9f:6a:2a:79:b0:14:9b:4c:c2:3c:
c2:d0:98:24:49:7f:a9:e3:b5:38:35:9f:0b:82:97:
50:0c:6a:d7:fe:f3:34:74:d0:bf:fd:c9:7d:e8:3a:
54:b0:11:d0:80:c9:4b:3a:2e:b4:79:e6:c4:35:b0:
ae:a0:b7:df:31:80:5a:ac:99:33:c2:7c:82:e1:e1:
7a:ab:0a:c9:39:64:c6:68:b9:ed:24:b3:c9:84:c2:
7b:85:2e:35:a6:8a:9e:e9:9b:d4:cd:1f:77:d2:00:
19:6b:56:ac:70:a6:91:ab:37:18:71:7b:21:12:e0:
38:f9:a8:a1:4e:08:06:c6:3e:88:8b:b2:db:68:db:
c7:d2:2f:48:8a:43:17:3c:e8:a0:30:24:23:00:16:
85:95:26:11:cb:76:1f:35:4d:a6:05:e6:27:a4:37:
14:a9:d6:a7:e7:51:eb:d7:3d:9b:eb:cf:ec:e7:11:
f7:aa:1c:11:87:1f:34:3c:82:e5:fe:b0:07:d9:e6:
89:b6:2b:c0:7d:0c:41:74:84:cb:fd:34:62:1c:e7:
b8:8a:ad:0a:9c:86:c5:93:80:b1:d5:b8:fe:db:eb:
97:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B9:58:D6:3C:8B:BB:1F:FC:5A:53:E9:56:AB:99:4B:FB:57:00:C3
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/sLlY1jyLux_8WlPpVquZS_tXAMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:64:f4:58:55:e6:3b:ff:c0:6b:4d:27:19:03:6d:e2:df:e6:
a1:2e:2b:5c:93:cc:3f:e3:9f:17:04:a7:61:c1:e8:4d:5c:f8:
a6:e6:60:d7:3d:62:bd:16:58:19:9f:82:6c:f9:9d:41:a8:b1:
5d:fd:21:be:a2:51:1d:60:c7:b3:ba:8d:50:cf:82:7d:64:1b:
a8:a2:33:f1:1b:19:04:6c:0d:51:66:31:18:03:c4:38:06:94:
8e:99:42:44:55:d3:27:0f:63:89:97:8f:14:18:3f:c3:10:74:
4c:67:0a:55:66:4e:c5:13:e5:92:0a:6d:15:09:d0:2d:8f:08:
16:d0:57:b2:2f:e2:28:cd:c7:29:0d:8e:30:8b:c0:5c:6b:9d:
c4:c5:c7:4f:30:90:69:e6:47:61:66:ac:f7:d9:e7:45:33:7d:
8b:e1:0b:fe:dd:9d:50:4f:ff:9a:1e:59:d5:6d:7c:b7:c5:83:
62:98:f2:97:42:8a:b7:73:c8:4e:bc:04:0e:91:ff:dd:8b:ec:
08:69:c1:d0:84:c4:db:a6:7d:07:76:34:cf:c2:f2:c5:d6:2f:
4a:6a:9c:6a:9a:c2:3b:b6:b1:8e:8a:b7:88:d5:8d:4c:fa:0b:
b6:e3:ed:25:aa:5e:88:71:86:c8:b1:19:76:7a:3b:b1:5f:b6:
1a:11:3b:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlR+2zFr6zFz9+M4djXIzrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjUwOTE2MTAwNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI5NThkNjNjOGJiYjFmZmM1YTUzZTk1NmFiOTk0YmZiNTcwMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eybqn0MfyJaM8VBtSZisC3oTC8e
LtuM6T2FWhkp/a/aIJ9qKnmwFJtMwjzC0JgkSX+p47U4NZ8LgpdQDGrX/vM0dNC/
/cl96DpUsBHQgMlLOi60eebENbCuoLffMYBarJkzwnyC4eF6qwrJOWTGaLntJLPJ
hMJ7hS41poqe6ZvUzR930gAZa1ascKaRqzcYcXshEuA4+aihTggGxj6Ii7LbaNvH
0i9IikMXPOigMCQjABaFlSYRy3YfNU2mBeYnpDcUqdan51Hr1z2b68/s5xH3qhwR
hx80PILl/rAH2eaJtivAfQxBdITL/TRiHOe4iq0KnIbFk4Cx1bj+2+uXvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLC5WNY8i7sf/FpT6VarmUv7VwDDMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvc0xsWTFqeUx1eF84V2xQcFZxdVpTX3RYQU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWiaMA0G
CSqGSIb3DQEBCwUAA4IBAQAKZPRYVeY7/8BrTScZA23i3+ahLitck8w/458XBKdh
wehNXPim5mDXPWK9FlgZn4Js+Z1BqLFd/SG+olEdYMezuo1Qz4J9ZBuoojPxGxkE
bA1RZjEYA8Q4BpSOmUJEVdMnD2OJl48UGD/DEHRMZwpVZk7FE+WSCm0VCdAtjwgW
0FeyL+IozccpDY4wi8Bca53ExcdPMJBp5kdhZqz32edFM32L4Qv+3Z1QT/+aHlnV
bXy3xYNimPKXQoq3c8hOvAQOkf/di+wIacHQhMTbpn0HdjTPwvLF1i9KapxqmsI7
trGOireI1Y1M+gu24+0lql6IcYbIsRl2ejuxX7YaETvv
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:53:13 2025 by rpki-client