Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/sDw4_lTU4iQJOaN0yUvzocqZ23c.roa
File: sDw4_lTU4iQJOaN0yUvzocqZ23c.roa (raw, json)
Hash identifier: 9muZnI3+r+Noi3k3hRSo6GnSQDK9o1ZrpIfj14cPaHM=
Subject key identifier: B0:3C:38:FE:54:D4:E2:24:09:39:A3:74:C9:4B:F3:A1:CA:99:DB:77
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 01995B85212FC481D81B40601C3C94AC676E
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/sDw4_lTU4iQJOaN0yUvzocqZ23c.roa
Signing time: Thu 18 Sep 2025 06:31:15 +0000
ROA not before: Thu 18 Sep 2025 06:31:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48269
IP address blocks: 194.169.198.0/24 maxlen: 24
2a0c:15c0::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.mft
rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:85:21:2f:c4:81:d8:1b:40:60:1c:3c:94:ac:67:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Sep 18 06:31:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b03c38fe54d4e2240939a374c94bf3a1ca99db77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:13:43:b4:7c:60:ed:f0:34:f3:66:67:78:
8e:d9:d7:74:87:25:0e:5f:bc:f5:20:16:72:5a:39:
70:f7:e6:06:dd:e4:d0:ba:29:13:18:9f:53:db:4c:
cc:13:e9:93:4c:b3:7b:a8:7f:4a:50:ac:97:11:9d:
b0:51:fe:fc:6a:13:19:a5:f5:5d:34:86:e4:a0:b1:
ad:3b:da:26:ba:56:48:34:3d:ea:24:84:a7:79:54:
29:2b:ad:f5:db:fc:e9:89:f0:e2:14:8d:fa:bd:65:
d9:ef:0f:1c:54:6c:2c:64:77:3d:90:fc:eb:9c:ee:
8d:40:1a:f9:65:a8:f4:0b:51:8d:01:75:b8:cc:40:
ca:61:e1:a9:bd:6c:21:ba:5e:ba:e3:b7:ac:32:c0:
73:d9:f7:ca:60:e7:5b:84:b2:80:54:f1:31:01:2e:
66:0d:32:35:27:85:64:59:a8:5a:c5:73:9f:07:cf:
85:1e:4e:45:fa:21:f8:e3:0e:af:7d:11:9e:27:81:
9c:bd:7b:ab:43:05:19:38:dc:1c:9a:6f:18:07:9a:
f8:6d:63:7b:25:ac:34:b7:ad:f4:1f:db:e7:88:67:
b3:77:57:71:b6:00:9d:51:b3:7c:19:35:98:a1:df:
e1:e7:59:e9:2c:8f:18:50:81:1b:af:1c:52:17:9b:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:38:FE:54:D4:E2:24:09:39:A3:74:C9:4B:F3:A1:CA:99:DB:77
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/sDw4_lTU4iQJOaN0yUvzocqZ23c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.198.0/24
IPv6:
2a0c:15c0::/48
Signature Algorithm: sha256WithRSAEncryption
00:dc:eb:86:38:63:69:16:6a:8f:7f:28:a8:1b:f1:21:0c:84:
f3:81:79:b5:1d:55:71:d2:7c:92:3e:45:72:8f:7d:de:6a:4a:
2d:30:db:c9:70:77:67:3c:a9:97:d0:a0:45:38:4a:7a:ff:8a:
c5:f8:14:21:05:f5:2b:2d:b9:15:39:b8:1a:35:63:08:27:5d:
c1:84:9a:92:f9:7d:3c:ee:37:d1:3f:be:d0:fa:6b:06:f9:40:
40:7f:b2:95:b0:a6:c6:97:b7:78:0c:f3:27:43:a3:52:b1:fc:
31:44:e6:f7:bd:6f:79:05:16:03:67:93:cc:7b:db:e4:aa:7f:
7e:fd:33:ff:f3:2d:57:b5:8c:19:2c:52:5f:1c:35:b2:59:5d:
29:f8:3a:f8:95:5b:96:74:37:02:00:bc:91:92:1d:3f:6d:f7:
ea:55:7d:13:05:20:91:e0:50:e3:20:32:fe:df:d9:d1:ff:7f:
12:13:2a:83:8f:d1:69:5a:d0:b8:72:c8:2b:f1:de:7a:2e:77:
8b:20:9b:4a:44:15:da:31:09:60:e4:3d:b0:98:0f:65:bb:98:
db:81:ea:29:fa:f2:53:14:e7:b4:6f:17:82:18:cd:ac:cc:68:
13:d3:11:61:9c:4c:31:53:ad:86:a7:5a:b1:a4:74:7f:64:17:
96:b7:de:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZlbhSEvxIHYG0BgHDyUrGduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjUwOTE4MDYzMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNjMzhmZTU0ZDRlMjI0MDkzOWEzNzRjOTRiZjNhMWNhOTlkYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXITQ7R8YO3wNPNmZ3iO2dd0hyUO
X7z1IBZyWjlw9+YG3eTQuikTGJ9T20zME+mTTLN7qH9KUKyXEZ2wUf78ahMZpfVd
NIbkoLGtO9omulZIND3qJISneVQpK6312/zpifDiFI36vWXZ7w8cVGwsZHc9kPzr
nO6NQBr5Zaj0C1GNAXW4zEDKYeGpvWwhul6647esMsBz2ffKYOdbhLKAVPExAS5m
DTI1J4VkWahaxXOfB8+FHk5F+iH44w6vfRGeJ4GcvXurQwUZONwcmm8YB5r4bWN7
Jaw0t630H9vniGezd1dxtgCdUbN8GTWYod/h51npLI8YUIEbrxxSF5ufNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLA8OP5U1OIkCTmjdMlL86HKmdt3MB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvc0R3NF9sVFU0aVFKT2FOMHlVdnpvY3FaMjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwqnGMA8E
AgACMAkDBwAqDBXAAAAwDQYJKoZIhvcNAQELBQADggEBAADc64Y4Y2kWao9/KKgb
8SEMhPOBebUdVXHSfJI+RXKPfd5qSi0w28lwd2c8qZfQoEU4Snr/isX4FCEF9Sst
uRU5uBo1YwgnXcGEmpL5fTzuN9E/vtD6awb5QEB/spWwpsaXt3gM8ydDo1Kx/DFE
5ve9b3kFFgNnk8x72+Sqf379M//zLVe1jBksUl8cNbJZXSn4OviVW5Z0NwIAvJGS
HT9t9+pVfRMFIJHgUOMgMv7f2dH/fxITKoOP0Wla0LhyyCvx3noud4sgm0pEFdox
CWDkPbCYD2W7mNuB6in68lMU57RvF4IYzazMaBPTEWGcTDFTrYanWrGkdH9kF5a3
3ic=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:45 2025 by rpki-client