Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/SN5BTYTNTFuSG-XV8Eq1EVBgxqo.roa
File: SN5BTYTNTFuSG-XV8Eq1EVBgxqo.roa (raw, json)
Hash identifier: LJ6KxYfmF4geK0eP2B+fQuqJaneWWfaKHDJbXYR5Gw0=
Subject key identifier: 48:DE:41:4D:84:CD:4C:5B:92:1B:E5:D5:F0:4A:B5:11:50:60:C6:AA
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019A01D49FD578AB1F13087B3E7DCA0C2DF8
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/SN5BTYTNTFuSG-XV8Eq1EVBgxqo.roa
Signing time: Mon 20 Oct 2025 13:35:03 +0000
ROA not before: Mon 20 Oct 2025 13:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43991
IP address blocks: 170.168.64.0/24 maxlen: 24
170.168.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 15:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:d4:9f:d5:78:ab:1f:13:08:7b:3e:7d:ca:0c:2d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 20 13:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48de414d84cd4c5b921be5d5f04ab5115060c6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:fe:c9:d9:81:aa:d1:a0:d0:64:d8:2c:28:df:
93:85:ba:42:d2:c6:75:42:6a:cc:8b:15:5b:52:e2:
6d:15:74:9a:f2:66:3b:9e:83:e0:a0:ef:4e:74:e3:
d1:2f:9b:04:83:5f:41:1c:2a:4e:c9:89:2b:e1:b6:
b0:6d:9b:ec:0e:56:ca:d0:92:17:b8:39:e6:21:d1:
62:3b:5e:0c:cb:4a:87:09:1e:ac:ca:2a:9f:4e:98:
63:49:05:ac:8d:9b:b1:7d:a0:bf:31:5d:a5:bb:47:
a9:33:8f:6e:24:f5:fa:f8:d1:f1:20:bf:ee:d5:17:
10:81:2c:6b:34:4a:84:66:68:2b:e3:4f:75:0c:60:
85:88:7c:af:72:34:cc:eb:5d:1f:cd:68:a0:f6:95:
87:70:2e:3d:71:b3:bd:d8:36:d9:a6:93:cd:cf:5f:
4e:6a:5a:78:3e:09:d1:51:f9:66:e9:34:c9:da:5b:
2f:bd:23:a6:c8:08:b3:b6:d9:48:03:63:a7:7a:ee:
80:3b:0e:81:8d:94:28:f4:a0:ea:a6:bb:1c:b3:2f:
59:91:91:79:72:a4:d0:95:83:7d:c8:8b:16:6a:f4:
ae:21:81:b9:d0:56:23:d1:c5:0c:c7:03:0e:c7:75:
a3:8d:d4:c0:7e:8c:54:d7:de:01:f2:aa:80:27:bf:
06:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:DE:41:4D:84:CD:4C:5B:92:1B:E5:D5:F0:4A:B5:11:50:60:C6:AA
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/SN5BTYTNTFuSG-XV8Eq1EVBgxqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.64.0/24
170.168.75.0/24
Signature Algorithm: sha256WithRSAEncryption
36:11:e9:3c:56:a9:31:04:73:6b:7e:ec:4e:eb:20:fb:aa:9a:
96:c5:d5:9a:e8:be:89:cc:0d:36:28:ee:4e:77:76:84:6c:62:
01:30:35:3a:1e:7c:11:a6:0d:0b:61:dc:0c:45:1d:e6:dc:1c:
f8:0e:3b:d0:52:60:3e:69:9d:9c:07:b7:51:1b:e0:25:b1:01:
2d:8b:ee:63:6e:c7:ba:00:b7:57:71:c6:85:7c:da:1c:f9:a8:
bf:db:44:0c:85:9c:31:0d:aa:04:21:46:fb:d0:77:ef:a7:70:
41:d1:34:d5:25:46:bd:b0:fc:97:02:8c:2b:59:0c:92:e9:ba:
30:41:ab:1e:cd:58:c2:66:92:7a:7b:66:a9:e5:c2:1a:b2:96:
21:0b:6b:75:05:23:96:c0:07:b2:56:02:a9:27:03:11:c7:ec:
e9:71:3c:3e:39:ec:15:8d:42:91:ed:b4:5d:e4:d8:41:2d:cc:
eb:0e:bd:29:f9:5b:ce:77:20:2e:55:84:b2:e9:59:36:31:e4:
d6:d0:54:16:d8:8a:73:23:bb:44:c8:09:59:4c:74:43:89:ea:
14:95:c8:13:54:3f:fb:80:d7:0b:dc:62:c1:46:71:12:14:54:
23:e3:b3:39:ca:73:bd:28:97:b8:d1:32:fb:b5:20:34:8a:c0:
0d:34:ff:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoB1J/VeKsfEwh7Pn3KDC34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDIwMTMzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGRlNDE0ZDg0Y2Q0YzViOTIxYmU1ZDVmMDRhYjUxMTUwNjBjNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8f7J2YGq0aDQZNgsKN+ThbpC0sZ1
QmrMixVbUuJtFXSa8mY7noPgoO9OdOPRL5sEg19BHCpOyYkr4bawbZvsDlbK0JIX
uDnmIdFiO14My0qHCR6syiqfTphjSQWsjZuxfaC/MV2lu0epM49uJPX6+NHxIL/u
1RcQgSxrNEqEZmgr4091DGCFiHyvcjTM610fzWig9pWHcC49cbO92DbZppPNz19O
alp4PgnRUflm6TTJ2lsvvSOmyAizttlIA2Oneu6AOw6BjZQo9KDqprscsy9ZkZF5
cqTQlYN9yIsWavSuIYG50FYj0cUMxwMOx3WjjdTAfoxU194B8qqAJ78GbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjeQU2EzUxbkhvl1fBKtRFQYMaqMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvU041QlRZVE5URnVTRy1YVjhFcTFFVkJneHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqqhAAwQA
qqhLMA0GCSqGSIb3DQEBCwUAA4IBAQA2Eek8VqkxBHNrfuxO6yD7qpqWxdWa6L6J
zA02KO5Od3aEbGIBMDU6HnwRpg0LYdwMRR3m3Bz4DjvQUmA+aZ2cB7dRG+AlsQEt
i+5jbse6ALdXccaFfNoc+ai/20QMhZwxDaoEIUb70Hfvp3BB0TTVJUa9sPyXAowr
WQyS6bowQasezVjCZpJ6e2ap5cIaspYhC2t1BSOWwAeyVgKpJwMRx+zpcTw+OewV
jUKR7bRd5NhBLczrDr0p+VvOdyAuVYSy6Vk2MeTW0FQW2IpzI7tEyAlZTHRDieoU
lcgTVD/7gNcL3GLBRnESFFQj47M5ynO9KJe40TL7tSA0isANNP84
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:04:53 2025 by rpki-client