
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/BRWfo7q6D0lMJM7hE-YIGw2NCYA.roa
File: BRWfo7q6D0lMJM7hE-YIGw2NCYA.roa (raw, json)
Hash identifier: jzPBiZpZ7XLNHJw0fZFvNdbjpilYs57dBBcGcV5ctNQ=
Subject key identifier: 05:15:9F:A3:BA:BA:0F:49:4C:24:CE:E1:13:E6:08:1B:0D:8D:09:80
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 01999FBA071F4F1D8D867E61A022D03032BF
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/BRWfo7q6D0lMJM7hE-YIGw2NCYA.roa
Signing time: Wed 01 Oct 2025 12:23:12 +0000
ROA not before: Wed 01 Oct 2025 12:23:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32787
IP address blocks: 193.120.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9f:ba:07:1f:4f:1d:8d:86:7e:61:a0:22:d0:30:32:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Oct 1 12:23:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05159fa3baba0f494c24cee113e6081b0d8d0980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f1:51:71:8f:eb:8a:44:ff:7e:3f:a6:aa:9b:
6e:ab:da:39:cf:c4:32:34:d6:21:98:24:4c:d6:82:
15:bd:7e:bd:e1:55:0f:04:4f:a6:fb:9e:03:7c:fc:
0a:d7:b4:2d:12:ed:77:43:11:29:52:57:6b:f1:9e:
1a:ae:c4:db:74:6c:14:c0:f2:ca:46:24:fa:9b:1f:
6f:29:c7:0d:55:86:c7:cb:08:61:31:15:61:e7:37:
09:90:64:cc:37:d1:6d:86:2c:8e:05:4e:c7:80:c6:
d7:d5:44:fd:44:f0:67:3e:56:13:08:ed:f8:f4:37:
1b:9c:36:83:b9:e9:ed:2a:c7:2c:d9:b0:ac:68:42:
ee:69:c5:4c:bd:fc:81:f4:eb:69:77:31:27:da:6d:
5f:0f:e7:3b:05:9b:bf:20:52:52:d4:2d:eb:03:31:
ad:5b:d2:54:98:49:c0:fe:c8:8b:28:82:1b:1a:4a:
40:aa:12:d4:19:68:e6:76:34:91:90:1b:bf:3f:c5:
40:3d:1b:26:f8:b3:28:c8:de:e6:e3:ee:29:9e:87:
95:2f:8c:da:48:fe:d8:86:68:66:5e:12:9c:66:39:
19:c0:2b:53:5d:de:cd:8e:11:5d:e2:6e:1f:fa:76:
4a:d1:03:a4:a5:ad:76:78:e9:d3:6d:2a:80:89:1d:
0d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:9F:A3:BA:BA:0F:49:4C:24:CE:E1:13:E6:08:1B:0D:8D:09:80
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/BRWfo7q6D0lMJM7hE-YIGw2NCYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.42.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d1:df:1f:98:f4:cb:9e:fe:c8:1e:89:d7:61:7a:5f:22:3b:
78:d6:4c:d0:2b:24:d8:bf:d0:17:10:b3:0b:24:03:6d:90:64:
9f:27:45:ae:7d:f3:bc:37:97:75:fc:b9:98:1f:07:e6:b5:12:
f4:ef:62:1c:40:61:a6:bb:ca:e2:f7:eb:9b:63:95:36:45:36:
ad:6c:00:78:9e:9b:68:32:12:08:50:ae:a9:b0:12:26:f9:a5:
aa:0a:d5:c8:ff:45:78:22:a0:44:28:5f:8c:fb:70:d0:28:18:
de:17:72:47:29:b1:b5:32:28:84:3a:63:41:73:66:82:8f:18:
d5:af:4d:cb:bf:bf:ad:f4:2e:16:c5:94:3d:fb:0d:22:78:8f:
8e:81:81:fe:af:39:cb:41:0b:87:6c:3c:ca:d9:13:39:5d:f8:
22:c5:4e:5e:49:8f:d7:c0:89:21:bc:d9:d3:00:b9:e5:01:4f:
5e:68:7e:98:49:f8:3a:16:ee:2c:5c:e1:23:9c:2f:56:29:0d:
87:55:0f:02:5e:50:b5:e8:32:87:6b:92:c9:eb:a1:30:dd:87:
8a:6d:6e:9b:91:cd:d2:f6:54:85:38:f8:2c:2e:a8:39:25:8c:
53:b5:7b:41:77:b2:5c:d7:b1:95:e1:26:96:3a:9e:f0:c5:c2:
b8:68:f4:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmfugcfTx2Nhn5hoCLQMDK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjUxMDAxMTIyMzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE1OWZhM2JhYmEwZjQ5NGMyNGNlZTExM2U2MDgxYjBkOGQwOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovFRcY/rikT/fj+mqptuq9o5z8Qy
NNYhmCRM1oIVvX694VUPBE+m+54DfPwK17QtEu13QxEpUldr8Z4arsTbdGwUwPLK
RiT6mx9vKccNVYbHywhhMRVh5zcJkGTMN9FthiyOBU7HgMbX1UT9RPBnPlYTCO34
9DcbnDaDuentKscs2bCsaELuacVMvfyB9OtpdzEn2m1fD+c7BZu/IFJS1C3rAzGt
W9JUmEnA/siLKIIbGkpAqhLUGWjmdjSRkBu/P8VAPRsm+LMoyN7m4+4pnoeVL4za
SP7YhmhmXhKcZjkZwCtTXd7NjhFd4m4f+nZK0QOkpa12eOnTbSqAiR0NrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUVn6O6ug9JTCTO4RPmCBsNjQmAMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvQlJXZm83cTZEMGxNSk03aEUtWUlHdzJOQ1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXgqMA0G
CSqGSIb3DQEBCwUAA4IBAQAW0d8fmPTLnv7IHonXYXpfIjt41kzQKyTYv9AXELML
JANtkGSfJ0WuffO8N5d1/LmYHwfmtRL072IcQGGmu8ri9+ubY5U2RTatbAB4npto
MhIIUK6psBIm+aWqCtXI/0V4IqBEKF+M+3DQKBjeF3JHKbG1MiiEOmNBc2aCjxjV
r03Lv7+t9C4WxZQ9+w0ieI+OgYH+rznLQQuHbDzK2RM5XfgixU5eSY/XwIkhvNnT
ALnlAU9eaH6YSfg6Fu4sXOEjnC9WKQ2HVQ8CXlC16DKHa5LJ66Ew3YeKbW6bkc3S
9lSFOPgsLqg5JYxTtXtBd7Jc17GV4SaWOp7wxcK4aPQS
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:32 2025 by rpki-client