Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/pPT9mYyICtb5n_YmE-i-z8FboNk.roa
File: pPT9mYyICtb5n_YmE-i-z8FboNk.roa (raw, json)
Hash identifier: L1rDzYnw/K/P26JqWUlSKAL88oGG3Ri5ojFqbgYUqu8=
Subject key identifier: A4:F4:FD:99:8C:88:0A:D6:F9:9F:F6:26:13:E8:BE:CF:C1:5B:A0:D9
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 01997594B4BD2983EC006989A84E31BCC24E
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/pPT9mYyICtb5n_YmE-i-z8FboNk.roa
Signing time: Tue 23 Sep 2025 07:58:23 +0000
ROA not before: Tue 23 Sep 2025 07:58:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 158.233.0.0/23 maxlen: 23
158.233.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:94:b4:bd:29:83:ec:00:69:89:a8:4e:31:bc:c2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Sep 23 07:58:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4f4fd998c880ad6f99ff62613e8becfc15ba0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fb:f2:77:68:39:a5:a1:d9:9a:f6:4e:ec:28:
79:d8:91:b9:24:eb:43:61:5e:a3:26:c5:8f:5b:8d:
2d:08:5d:1b:d0:c7:a4:b8:b2:0a:fd:ea:f8:c9:34:
d8:e7:52:a5:27:ba:73:4f:3e:c2:77:5d:e1:fa:9f:
06:2b:2d:bf:cc:a8:41:7d:fb:57:d4:29:ae:4e:16:
14:21:e8:fe:7d:84:59:aa:2b:91:08:c1:a1:31:24:
49:21:dd:88:d0:79:68:bb:36:a3:06:54:15:3e:04:
c1:e4:b1:30:58:a4:e4:d5:f2:be:76:81:ef:dc:60:
db:c8:0a:c7:ef:fb:07:6e:08:86:0b:21:10:99:04:
6d:6f:1b:84:f2:29:c8:33:a5:57:61:6f:81:da:9f:
ba:d4:13:13:0b:31:9e:2f:2d:a8:3f:4c:fb:48:5f:
25:43:c0:e3:d1:59:48:7f:8c:ee:b2:64:5e:c1:d4:
78:63:43:74:cd:50:c7:b7:1a:8d:8a:c2:77:e1:d0:
41:12:fc:37:b4:75:f5:b0:83:a6:02:d9:bf:db:b1:
db:7c:30:17:84:89:ca:eb:df:e2:3b:f5:a0:b6:da:
02:32:14:85:be:1e:b0:6f:ba:01:e0:e3:f0:bc:6f:
5d:59:03:6b:9b:a0:b5:a9:4d:73:f1:df:71:a0:e9:
a4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F4:FD:99:8C:88:0A:D6:F9:9F:F6:26:13:E8:BE:CF:C1:5B:A0:D9
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/pPT9mYyICtb5n_YmE-i-z8FboNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.0.0/22
Signature Algorithm: sha256WithRSAEncryption
18:b2:30:b3:6b:b5:74:db:47:95:e5:43:f0:13:33:89:7c:fc:
b1:f2:60:5f:33:26:36:af:8e:5a:97:75:db:4b:e2:5c:fd:0d:
3e:2b:95:eb:0a:bc:02:0e:2d:13:9a:30:73:e0:38:1c:69:51:
34:33:63:11:27:57:5f:31:41:05:71:d4:92:de:43:39:97:d0:
a2:82:5a:7e:a5:54:c8:6a:27:f3:12:29:12:ab:c4:0c:9b:41:
6d:76:ae:21:76:76:62:f9:c2:c8:66:d4:ef:c7:75:7c:8a:22:
a2:9a:54:e5:89:76:29:a5:f9:79:5a:15:da:73:c3:62:51:aa:
52:6e:10:c6:73:72:ba:b5:ca:8a:45:b2:78:61:78:4f:84:91:
3a:54:cb:ee:fd:bc:4b:c1:90:c3:25:7c:32:53:b4:3f:a8:12:
19:70:e8:0e:01:17:0d:9a:9c:86:f0:7d:f5:50:1d:49:f3:c1:
30:23:9b:66:b5:27:b5:cd:c5:41:05:db:d6:3e:53:39:69:1e:
4f:e7:1a:ef:21:db:6f:39:80:61:02:a5:34:4a:60:79:e0:3e:
c4:49:b1:1f:11:94:47:94:c8:ed:0b:5a:2d:83:8d:aa:c5:76:
47:8b:4a:7c:dc:e1:32:f6:1b:6f:a6:35:74:46:f6:50:b4:6f:
1e:a1:26:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl1lLS9KYPsAGmJqE4xvMJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjUwOTIzMDc1ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGY0ZmQ5OThjODgwYWQ2Zjk5ZmY2MjYxM2U4YmVjZmMxNWJhMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPvyd2g5paHZmvZO7Ch52JG5JOtD
YV6jJsWPW40tCF0b0MekuLIK/er4yTTY51KlJ7pzTz7Cd13h+p8GKy2/zKhBfftX
1CmuThYUIej+fYRZqiuRCMGhMSRJId2I0HlouzajBlQVPgTB5LEwWKTk1fK+doHv
3GDbyArH7/sHbgiGCyEQmQRtbxuE8inIM6VXYW+B2p+61BMTCzGeLy2oP0z7SF8l
Q8Dj0VlIf4zusmRewdR4Y0N0zVDHtxqNisJ34dBBEvw3tHX1sIOmAtm/27HbfDAX
hInK69/iO/WgttoCMhSFvh6wb7oB4OPwvG9dWQNrm6C1qU1z8d9xoOmkdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKT0/ZmMiArW+Z/2JhPovs/BW6DZMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvcFBUOW1ZeUlDdGI1bl9ZbUUtaS16OEZib05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnukAMA0G
CSqGSIb3DQEBCwUAA4IBAQAYsjCza7V020eV5UPwEzOJfPyx8mBfMyY2r45al3Xb
S+Jc/Q0+K5XrCrwCDi0TmjBz4DgcaVE0M2MRJ1dfMUEFcdSS3kM5l9Ciglp+pVTI
aifzEikSq8QMm0Ftdq4hdnZi+cLIZtTvx3V8iiKimlTliXYppfl5WhXac8NiUapS
bhDGc3K6tcqKRbJ4YXhPhJE6VMvu/bxLwZDDJXwyU7Q/qBIZcOgOARcNmpyG8H31
UB1J88EwI5tmtSe1zcVBBdvWPlM5aR5P5xrvIdtvOYBhAqU0SmB54D7ESbEfEZRH
lMjtC1otg42qxXZHi0p83OEy9htvpjV0RvZQtG8eoSa8
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:20 2025 by rpki-client