Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/2WniE5dL7byWUDCeGxHoMJMqczE.roa
File: 2WniE5dL7byWUDCeGxHoMJMqczE.roa (raw, json)
Hash identifier: IjkZ5kKZt7FJQZkAKdTzI1e8SsDRi0qw3ixu7BVqjpk=
Subject key identifier: D9:69:E2:13:97:4B:ED:BC:96:50:30:9E:1B:11:E8:30:93:2A:73:31
Certificate issuer: /CN=f91647e547c4af4e5bdc659e4c14f91ff9ce8a05
Certificate serial: 0199B618775191D39B708F0A2FD0001FF08D
Authority key identifier: F9:16:47:E5:47:C4:AF:4E:5B:DC:65:9E:4C:14:F9:1F:F9:CE:8A:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-RZH5UfEr05b3GWeTBT5H_nOigU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/2WniE5dL7byWUDCeGxHoMJMqczE.roa
Signing time: Sun 05 Oct 2025 20:38:00 +0000
ROA not before: Sun 05 Oct 2025 20:38:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43431
IP address blocks: 185.1.150.0/24 maxlen: 24
2001:7f8:e4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/1-RZH5UfEr05b3GWeTBT5H_nOigU.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/1-RZH5UfEr05b3GWeTBT5H_nOigU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-RZH5UfEr05b3GWeTBT5H_nOigU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b6:18:77:51:91:d3:9b:70:8f:0a:2f:d0:00:1f:f0:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f91647e547c4af4e5bdc659e4c14f91ff9ce8a05
Validity
Not Before: Oct 5 20:38:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d969e213974bedbc9650309e1b11e830932a7331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:53:79:94:a4:81:85:30:f5:52:4f:12:d1:
99:92:38:6e:44:d4:ec:3b:56:cc:a5:ba:7a:c2:95:
9f:fc:8c:49:d5:5d:ba:98:c2:a1:88:62:9e:2b:27:
68:f2:c0:72:62:fd:27:1c:ba:04:96:ff:dc:98:38:
7a:b2:67:fb:a3:51:05:07:93:b1:8c:4b:dd:1b:bb:
e7:97:13:3b:45:50:68:3f:93:d4:2b:7d:86:93:fb:
a5:b2:5b:d8:e4:3b:ef:e0:27:0b:90:27:59:b0:eb:
89:d9:1a:de:28:e8:f2:41:bb:07:6e:64:ad:71:4e:
c1:2c:04:82:b8:af:0f:0f:f6:ea:4a:14:16:d8:7c:
ff:75:57:b5:52:d4:f3:a5:c7:ac:47:03:e1:36:58:
ce:f6:08:eb:bc:51:c7:fc:2f:6e:82:d3:35:47:fd:
39:d6:c0:e8:79:55:55:71:04:bd:72:43:ed:ed:fa:
9d:2f:eb:68:d5:42:d0:56:ab:e7:b4:35:f2:2e:70:
88:1f:58:e4:87:6b:26:c9:90:6b:8f:cc:bb:ce:ef:
b3:e3:f5:88:cf:3a:4c:4d:b9:31:7e:27:8f:9b:61:
f0:70:9c:35:84:05:ab:cc:fe:66:da:0c:2f:c1:c0:
9f:f8:43:b6:39:40:4d:3b:4f:19:19:11:b7:e7:20:
14:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:69:E2:13:97:4B:ED:BC:96:50:30:9E:1B:11:E8:30:93:2A:73:31
X509v3 Authority Key Identifier:
keyid:F9:16:47:E5:47:C4:AF:4E:5B:DC:65:9E:4C:14:F9:1F:F9:CE:8A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-RZH5UfEr05b3GWeTBT5H_nOigU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/2WniE5dL7byWUDCeGxHoMJMqczE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3e2663-1fb3-436d-ae75-214f87530baf/1/1-RZH5UfEr05b3GWeTBT5H_nOigU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.150.0/24
IPv6:
2001:7f8:e4::/48
Signature Algorithm: sha256WithRSAEncryption
a0:7b:f6:f4:40:a8:56:48:c2:80:e9:2c:35:0b:07:45:a3:c2:
df:2e:2d:9c:d7:a4:64:29:0c:cd:7b:c7:19:76:ea:9d:dc:3a:
8d:2f:6a:26:52:d3:49:e0:3e:d7:da:8b:61:db:e9:6c:1f:f1:
42:08:3b:f0:64:54:26:38:76:b2:eb:f0:d8:bd:2c:b8:72:b1:
76:b4:42:b2:d5:8e:a6:4e:4a:f5:1d:49:9f:91:28:45:21:c9:
8f:25:0c:a7:80:35:36:ca:19:55:6f:3c:68:b1:9c:e2:bc:b9:
97:6a:d3:0b:60:80:30:32:57:3a:c9:86:45:db:b5:6a:71:83:
c4:08:36:c7:ff:73:90:71:5a:63:f9:92:e8:d3:23:a9:f1:35:
4e:61:c9:f7:0a:f7:00:65:e0:0a:94:f2:61:87:1a:fb:b6:ae:
13:e1:2d:bf:f5:8f:f4:6d:9d:78:61:98:4d:09:ad:b7:e1:b9:
03:ac:36:b0:27:f4:5b:26:3a:9d:8c:bc:47:9a:7e:80:31:8b:
14:6f:ac:15:be:1d:ba:e0:f6:63:de:04:46:35:29:a9:2f:a7:
1f:0a:09:43:3d:85:e9:6b:2d:ad:9b:b2:f1:f3:54:44:69:90:
af:df:5a:31:73:bc:8d:87:d0:22:2a:5e:1f:d6:14:fd:bd:65:
da:14:35:01
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZm2GHdRkdObcI8KL9AAH/CNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTY0N2U1NDdjNGFmNGU1YmRjNjU5ZTRjMTRmOTFmZjlj
ZThhMDUwHhcNMjUxMDA1MjAzODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY5ZTIxMzk3NGJlZGJjOTY1MDMwOWUxYjExZTgzMDkzMmE3MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa9TeZSkgYUw9VJPEtGZkjhuRNTs
O1bMpbp6wpWf/IxJ1V26mMKhiGKeKydo8sByYv0nHLoElv/cmDh6smf7o1EFB5Ox
jEvdG7vnlxM7RVBoP5PUK32Gk/ulslvY5Dvv4CcLkCdZsOuJ2RreKOjyQbsHbmSt
cU7BLASCuK8PD/bqShQW2Hz/dVe1UtTzpcesRwPhNljO9gjrvFHH/C9ugtM1R/05
1sDoeVVVcQS9ckPt7fqdL+to1ULQVqvntDXyLnCIH1jkh2smyZBrj8y7zu+z4/WI
zzpMTbkxfiePm2HwcJw1hAWrzP5m2gwvwcCf+EO2OUBNO08ZGRG35yAUaQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFNlp4hOXS+28llAwnhsR6DCTKnMxMB8GA1UdIwQY
MBaAFPkWR+VHxK9OW9xlnkwU+R/5zooFMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1SWkg1VWZFcjA1YjNHV2VUQlQ1SF9uT2lnVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvM2UyNjYzLTFmYjMtNDM2ZC1hZTc1
LTIxNGY4NzUzMGJhZi8xLzJXbmlFNWRMN2J5V1VEQ2VHeEhvTUpNcWN6RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjQvM2UyNjYzLTFmYjMtNDM2ZC1hZTc1LTIxNGY4NzUzMGJh
Zi8xLzEtUlpINVVmRXIwNWIzR1dlVEJUNUhfbk9pZ1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAC5AZYw
DwQCAAIwCQMHACABB/gA5DANBgkqhkiG9w0BAQsFAAOCAQEAoHv29ECoVkjCgOks
NQsHRaPC3y4tnNekZCkMzXvHGXbqndw6jS9qJlLTSeA+19qLYdvpbB/xQgg78GRU
Jjh2suvw2L0suHKxdrRCstWOpk5K9R1Jn5EoRSHJjyUMp4A1NsoZVW88aLGc4ry5
l2rTC2CAMDJXOsmGRdu1anGDxAg2x/9zkHFaY/mS6NMjqfE1TmHJ9wr3AGXgCpTy
YYca+7auE+Etv/WP9G2deGGYTQmtt+G5A6w2sCf0WyY6nYy8R5p+gDGLFG+sFb4d
uuD2Y94ERjUpqS+nHwoJQz2F6WstrZuy8fNURGmQr99aMXO8jYfQIipeH9YU/b1l
2hQ1AQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:35:57 2025 by rpki-client