Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s5g-qMY2DPQbPs-vJE-wBex3Yv4.roa
File: s5g-qMY2DPQbPs-vJE-wBex3Yv4.roa (raw, json)
Hash identifier: VrwCJyMIT/Ba5OOALbfVM8cSGeibLJlkNY1h+iO6RIA=
Subject key identifier: B3:98:3E:A8:C6:36:0C:F4:1B:3E:CF:AF:24:4F:B0:05:EC:77:62:FE
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0199D7BB91F59AB851DAA73A41EFDAB8847E
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s5g-qMY2DPQbPs-vJE-wBex3Yv4.roa
Signing time: Sun 12 Oct 2025 09:23:38 +0000
ROA not before: Sun 12 Oct 2025 09:23:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213665
IP address blocks: 46.38.137.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d7:bb:91:f5:9a:b8:51:da:a7:3a:41:ef:da:b8:84:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 12 09:23:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3983ea8c6360cf41b3ecfaf244fb005ec7762fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:6a:c0:12:a7:97:29:c0:6d:d5:62:5c:21:
e4:da:2a:39:44:29:79:07:a9:60:65:e8:11:04:9b:
26:fe:fa:5a:ec:b1:03:7a:71:1a:99:45:41:d3:75:
5c:2d:a1:fd:5c:19:b9:d9:6a:11:00:fd:a6:19:b9:
c6:24:8f:ef:22:c6:e6:7c:92:a5:1a:b9:89:32:2e:
de:d5:fb:a8:75:d2:7e:6b:f4:b1:f2:16:f4:0a:ab:
75:59:74:d4:e9:43:43:03:14:ac:c0:1a:48:7c:81:
7d:2a:cf:4d:29:d0:d2:d6:87:56:9b:59:eb:9f:84:
85:42:1a:c0:8e:6b:72:f9:2d:ec:ac:6b:5b:32:15:
76:60:f6:0e:9f:53:4c:5e:01:f2:0b:70:89:9a:d6:
35:d0:77:0c:2a:78:07:5a:c0:94:7f:22:07:52:cf:
c3:fe:bf:df:10:7a:07:b0:73:06:c5:73:58:c3:8d:
28:65:b4:c8:3d:8e:62:f6:1f:18:68:e5:13:bf:a0:
ff:e7:39:69:06:fc:e9:b6:96:df:81:cd:8d:c1:6b:
52:d5:46:45:04:74:ab:73:04:fc:11:13:b7:4b:bc:
03:84:fd:76:66:02:78:7d:20:7f:01:a4:f1:64:b5:
e3:33:40:ce:e5:32:2a:dc:81:8f:00:52:fb:ae:92:
b0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:98:3E:A8:C6:36:0C:F4:1B:3E:CF:AF:24:4F:B0:05:EC:77:62:FE
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/s5g-qMY2DPQbPs-vJE-wBex3Yv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.137.0/24
109.94.165.0/24
212.80.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:65:ab:d8:ce:b7:37:7d:89:2c:76:29:13:17:67:12:c8:44:
dd:04:45:4d:84:42:75:83:de:74:f7:2d:c2:bd:5e:21:5d:e9:
4c:21:4c:fc:ab:d8:5a:f8:a0:29:41:60:bc:57:11:92:ad:6d:
b4:13:44:fb:0b:8d:f9:ef:ae:33:5b:62:41:ce:06:56:b3:48:
9a:e5:cb:5f:45:b9:10:07:5a:dd:3d:14:ce:da:64:16:a8:22:
06:0d:a7:07:c5:c4:ea:58:87:09:b7:fc:8d:72:49:f4:a4:68:
ae:b2:b3:74:4a:55:8f:91:6d:b9:fd:e1:4b:0c:82:ec:a9:7b:
3b:6e:50:d5:9b:28:30:53:35:e7:7d:aa:b1:b5:42:1c:5b:d0:
7e:1e:d3:cf:3e:03:d1:1d:f1:2d:f1:8f:b7:dd:55:2d:38:6f:
6a:c0:a9:6f:5e:4b:40:66:58:40:25:17:48:b2:b8:9c:1f:a1:
2a:50:09:50:df:1e:35:29:d0:bf:25:55:15:01:ea:00:db:36:
eb:dc:d9:bf:ee:ad:25:82:35:c2:a0:65:7a:d5:72:35:a0:13:
3d:1f:be:6e:bf:3b:54:50:ee:7e:dd:72:e1:e9:12:ae:eb:6c:
41:c5:e2:21:5b:76:02:63:4c:82:d5:6a:0a:74:90:3f:ca:46:
8e:6c:47:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnXu5H1mrhR2qc6Qe/auIR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUxMDEyMDkyMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk4M2VhOGM2MzYwY2Y0MWIzZWNmYWYyNDRmYjAwNWVjNzc2MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqxqwBKnlynAbdViXCHk2io5RCl5
B6lgZegRBJsm/vpa7LEDenEamUVB03VcLaH9XBm52WoRAP2mGbnGJI/vIsbmfJKl
GrmJMi7e1fuoddJ+a/Sx8hb0Cqt1WXTU6UNDAxSswBpIfIF9Ks9NKdDS1odWm1nr
n4SFQhrAjmty+S3srGtbMhV2YPYOn1NMXgHyC3CJmtY10HcMKngHWsCUfyIHUs/D
/r/fEHoHsHMGxXNYw40oZbTIPY5i9h8YaOUTv6D/5zlpBvzptpbfgc2NwWtS1UZF
BHSrcwT8ERO3S7wDhP12ZgJ4fSB/AaTxZLXjM0DO5TIq3IGPAFL7rpKwvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLOYPqjGNgz0Gz7PryRPsAXsd2L+MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvczVnLXFNWTJEUFFiUHMtdkpFLXdCZXgzWXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaJAwQA
bV6lAwQA1FAYMA0GCSqGSIb3DQEBCwUAA4IBAQC2ZavYzrc3fYksdikTF2cSyETd
BEVNhEJ1g9509y3CvV4hXelMIUz8q9ha+KApQWC8VxGSrW20E0T7C435764zW2JB
zgZWs0ia5ctfRbkQB1rdPRTO2mQWqCIGDacHxcTqWIcJt/yNckn0pGiusrN0SlWP
kW25/eFLDILsqXs7blDVmygwUzXnfaqxtUIcW9B+HtPPPgPRHfEt8Y+33VUtOG9q
wKlvXktAZlhAJRdIsricH6EqUAlQ3x41KdC/JVUVAeoA2zbr3Nm/7q0lgjXCoGV6
1XI1oBM9H75uvztUUO5+3XLh6RKu62xBxeIhW3YCY0yC1WoKdJA/ykaObEcl
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:27 2025 by rpki-client