Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/U6Qxy1oNmDM-lMlcIuV-tkZ5i3M.roa
File: U6Qxy1oNmDM-lMlcIuV-tkZ5i3M.roa (raw, json)
Hash identifier: HGuuwSy4hXJni083ZaeJiwdIjM8A91FA5TQ0qlaoCh4=
Subject key identifier: 53:A4:31:CB:5A:0D:98:33:3E:94:C9:5C:22:E5:7E:B6:46:79:8B:73
Certificate issuer: /CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Certificate serial: 01999F90AC563200FE1A6DA4D10FEE3EE726
Authority key identifier: 9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/U6Qxy1oNmDM-lMlcIuV-tkZ5i3M.roa
Signing time: Wed 01 Oct 2025 11:38:02 +0000
ROA not before: Wed 01 Oct 2025 11:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39074
IP address blocks: 45.15.200.0/24 maxlen: 24
45.15.201.0/24 maxlen: 24
45.15.202.0/24 maxlen: 24
45.15.203.0/24 maxlen: 24
2a0e:3180::/64 maxlen: 64
2a0e:3180:0:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9f:90:ac:56:32:00:fe:1a:6d:a4:d1:0f:ee:3e:e7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Validity
Not Before: Oct 1 11:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a431cb5a0d98333e94c95c22e57eb646798b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b8:f9:fe:37:21:7f:d3:95:a2:4a:02:79:9a:
d8:a6:d7:4c:dd:8d:35:01:9a:86:de:9c:f9:9a:1c:
16:7c:52:ea:4b:60:b3:21:d7:c5:ff:ec:e1:15:c6:
76:9a:f3:90:0e:18:cb:47:4b:b1:8f:fc:f2:ef:af:
4e:9d:28:73:7c:6b:3c:1e:fc:75:f8:c0:ca:53:81:
f3:92:66:5a:5e:ae:7d:3d:17:29:f3:45:f5:70:37:
fe:e5:9f:22:a6:26:c0:26:36:76:5d:46:f3:2a:8b:
d0:f9:49:a0:db:e6:bd:e5:3c:0d:53:55:14:2e:6f:
df:a7:a5:c1:9a:c1:4b:5a:89:3f:14:2f:18:b7:84:
6d:79:39:15:78:57:44:95:1d:5e:46:5f:1b:34:25:
1f:4d:91:3c:ee:6d:39:99:fb:e7:c6:a9:47:04:5e:
a0:02:5c:36:d3:7c:aa:ac:b7:47:fc:61:e4:99:5a:
25:ea:67:3b:35:52:50:45:89:96:fe:83:85:ab:9e:
0b:dc:e8:2c:75:3e:d7:2b:29:c1:19:f9:3d:90:16:
88:8a:f2:22:90:41:cd:5c:2c:3c:df:5e:40:6b:bc:
da:28:62:04:15:b9:7b:a3:6a:c5:f7:37:5e:43:d3:
bb:a9:66:83:0c:42:57:81:cb:f9:88:19:16:89:ee:
69:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A4:31:CB:5A:0D:98:33:3E:94:C9:5C:22:E5:7E:B6:46:79:8B:73
X509v3 Authority Key Identifier:
keyid:9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/U6Qxy1oNmDM-lMlcIuV-tkZ5i3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.200.0/22
IPv6:
2a0e:3180::/63
Signature Algorithm: sha256WithRSAEncryption
65:60:cb:34:49:65:6f:d9:06:52:a9:61:54:89:bf:43:62:3c:
cc:3a:ac:b5:80:7f:18:b3:d3:85:d7:bf:92:6f:93:79:7a:e2:
9a:46:b1:fb:e6:c5:55:56:b1:99:59:60:2f:b4:86:63:eb:ae:
0b:70:d1:16:d7:af:0e:1e:e7:ec:f5:26:6a:ba:c2:bb:ca:e3:
11:37:09:02:22:55:d2:25:09:86:b9:b4:34:cd:ba:61:f8:9e:
32:13:fb:88:85:ce:9c:42:08:23:ce:7b:3a:c2:7f:75:fb:88:
03:e8:de:46:9f:99:bc:a4:06:c7:48:d7:4d:1a:f8:df:40:44:
80:6d:8b:7e:53:c1:5e:38:d0:d3:2b:e1:6b:af:d3:85:15:2c:
f4:f7:82:bb:f7:4d:1a:bd:7b:82:e4:37:47:05:27:5c:51:1f:
83:f2:bc:33:2f:d8:71:aa:22:18:ea:34:27:a9:d4:fb:9f:c1:
d5:1e:37:c1:39:de:7f:b8:7b:ce:a8:ec:4b:47:39:f5:77:e8:
b1:7d:86:81:ff:49:90:07:90:31:9f:d7:ea:82:68:87:9f:bb:
ac:9a:75:12:a5:a0:ba:f0:06:45:28:ca:62:94:ea:ab:f0:df:
55:73:02:22:c1:5f:fb:7b:0b:d3:0c:3a:b4:1f:2a:7c:39:75:
9b:62:70:81
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZmfkKxWMgD+Gm2k0Q/uPucmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzJhMmU4ZmNiZWVlNjMwMjBiYTkzZGFhYjkwNzZjMzdi
Yzk5OTEwHhcNMjUxMDAxMTEzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E0MzFjYjVhMGQ5ODMzM2U5NGM5NWMyMmU1N2ViNjQ2Nzk4YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLj5/jchf9OVokoCeZrYptdM3Y01
AZqG3pz5mhwWfFLqS2CzIdfF/+zhFcZ2mvOQDhjLR0uxj/zy769OnShzfGs8Hvx1
+MDKU4HzkmZaXq59PRcp80X1cDf+5Z8ipibAJjZ2XUbzKovQ+Umg2+a95TwNU1UU
Lm/fp6XBmsFLWok/FC8Yt4RteTkVeFdElR1eRl8bNCUfTZE87m05mfvnxqlHBF6g
Alw203yqrLdH/GHkmVol6mc7NVJQRYmW/oOFq54L3OgsdT7XKynBGfk9kBaIivIi
kEHNXCw8315Aa7zaKGIEFbl7o2rF9zdeQ9O7qWaDDEJXgcv5iBkWie5puQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFFOkMctaDZgzPpTJXCLlfrZGeYtzMB8GA1UdIwQY
MBaAFJsyouj8vu5jAgupPaq5B2w3vJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQt
ZTNhYjkwODdkNDAzLzEvVTZReHkxb05tRE0tbE1sY0l1Vi10a1o1aTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQtZTNhYjkwODdkNDAz
LzEvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCLQ/IMBEE
AgACMAsDCQEqDjGAAAAAADANBgkqhkiG9w0BAQsFAAOCAQEAZWDLNEllb9kGUqlh
VIm/Q2I8zDqstYB/GLPThde/km+TeXrimkax++bFVVaxmVlgL7SGY+uuC3DRFtev
Dh7n7PUmarrCu8rjETcJAiJV0iUJhrm0NM26YfieMhP7iIXOnEIII857OsJ/dfuI
A+jeRp+ZvKQGx0jXTRr430BEgG2LflPBXjjQ0yvha6/ThRUs9PeCu/dNGr17guQ3
RwUnXFEfg/K8My/YcaoiGOo0J6nU+5/B1R43wTnef7h7zqjsS0c59XfosX2Ggf9J
kAeQMZ/X6oJoh5+7rJp1EqWguvAGRSjKYpTqq/DfVXMCIsFf+3sL0ww6tB8qfDl1
m2JwgQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:49:24 2025 by rpki-client