Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/5Uboz5Qtd123t0J7PfOb2-c92kI.roa
File: 5Uboz5Qtd123t0J7PfOb2-c92kI.roa (raw, json)
Hash identifier: mZ6cIDuc1FkJRsYKoWBbHpFoMnLMR2Gp7Njyo2mcnFo=
Subject key identifier: E5:46:E8:CF:94:2D:77:5D:B7:B7:42:7B:3D:F3:9B:DB:E7:3D:DA:42
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0199C8362E71D60129E8CDDCDEB21E904097
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/5Uboz5Qtd123t0J7PfOb2-c92kI.roa
Signing time: Thu 09 Oct 2025 09:03:37 +0000
ROA not before: Thu 09 Oct 2025 09:03:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43832
IP address blocks: 62.76.62.0/23 maxlen: 23
62.76.62.0/24 maxlen: 24
62.76.76.0/23 maxlen: 23
62.76.76.0/24 maxlen: 24
193.232.93.0/24 maxlen: 24
194.85.104.0/24 maxlen: 24
194.85.108.0/24 maxlen: 24
2001:67c:1442::/48 maxlen: 48
2001:67c:1444::/48 maxlen: 48
2001:6d0:d6::/48 maxlen: 48
2001:6d0:6d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:36:2e:71:d6:01:29:e8:cd:dc:de:b2:1e:90:40:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Oct 9 09:03:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e546e8cf942d775db7b7427b3df39bdbe73dda42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:10:4f:3e:c4:12:3a:d6:0c:3d:fc:03:f2:21:
dd:cb:33:95:e8:8c:38:05:43:84:a2:6a:28:af:50:
d0:57:f4:5d:0c:d4:42:27:75:b2:fa:e2:48:7f:f1:
8b:e9:2a:fe:6f:c9:59:ee:3c:33:de:60:ae:22:b4:
ba:65:a8:8b:7e:72:b4:4e:97:87:23:78:39:6e:53:
ef:8c:c1:c1:d9:3a:fe:23:91:86:31:a1:51:dc:1b:
fe:0a:3e:41:b8:b0:1a:84:60:1b:9a:e9:9d:29:3e:
28:6e:ae:ab:a9:77:3e:44:e9:be:7c:b7:59:4e:50:
92:fa:31:0b:3b:a8:c3:18:83:07:1d:a0:2e:33:fe:
15:31:88:22:1a:d4:e7:3b:7b:4b:ab:e5:d6:16:67:
23:ba:6a:f7:96:e9:1b:dd:ca:ad:1e:ef:66:d9:c8:
12:8d:45:96:1d:c5:39:6d:57:48:96:3a:39:37:be:
e3:ab:37:e9:e2:43:8d:cb:a5:59:3d:37:cb:7e:9f:
48:25:a9:04:47:ff:fe:7e:5d:dd:5e:19:91:6d:0d:
99:80:c8:1e:1e:6c:8a:55:87:10:ca:2a:5b:36:a1:
56:5c:e6:c4:52:ed:15:2a:b9:5a:97:d2:7c:29:08:
be:82:21:df:1e:1f:1c:89:5b:13:85:12:36:fd:de:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:46:E8:CF:94:2D:77:5D:B7:B7:42:7B:3D:F3:9B:DB:E7:3D:DA:42
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/5Uboz5Qtd123t0J7PfOb2-c92kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.62.0/23
62.76.76.0/23
193.232.93.0/24
194.85.104.0/24
194.85.108.0/24
IPv6:
2001:67c:1442::/48
2001:67c:1444::/48
2001:6d0:d6::/48
2001:6d0:6d0::/48
Signature Algorithm: sha256WithRSAEncryption
1e:4e:67:9b:53:37:9f:5b:57:8f:9c:b6:31:2e:29:fa:46:a2:
33:70:35:4c:8f:aa:20:73:b1:a4:d4:35:91:6f:a1:69:cb:73:
b4:e7:7b:a8:de:50:e1:54:f0:e5:e5:e7:ba:12:1d:b6:82:2c:
fc:63:10:a3:b6:e4:ff:6a:83:d4:8e:5c:40:bd:84:4f:e0:b0:
30:a7:fe:89:f7:13:e9:9c:46:77:0c:68:8b:dc:43:06:ab:87:
2f:1b:2b:20:69:31:e9:6d:0d:87:5e:9a:4a:5a:1f:e5:37:1c:
70:87:7b:bf:ae:d2:57:e6:2a:c5:a7:be:aa:8e:91:8a:ff:00:
44:8b:c1:e2:61:e3:c1:af:14:79:26:ff:63:28:01:59:14:67:
0d:19:03:bc:95:1c:79:a7:ff:f6:d2:bb:66:6a:6d:bb:af:e5:
43:70:ac:ab:62:76:e9:71:33:86:ae:5f:07:41:d9:49:15:54:
89:e6:77:5e:78:2a:a9:bf:aa:3a:f7:9d:f2:f0:d2:6d:31:a3:
73:76:26:fe:45:63:c7:27:5f:e7:44:9b:5a:8e:47:c3:18:15:
34:43:f8:28:23:6b:28:2c:90:4b:9a:33:6e:4a:51:1f:93:42:
05:13:a6:57:97:ea:ba:ae:76:07:af:2a:0d:29:28:6c:17:f1:
2b:c9:9b:0f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZnINi5x1gEp6M3c3rIekECXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUxMDA5MDkwMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ2ZThjZjk0MmQ3NzVkYjdiNzQyN2IzZGYzOWJkYmU3M2RkYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthBPPsQSOtYMPfwD8iHdyzOV6Iw4
BUOEomoor1DQV/RdDNRCJ3Wy+uJIf/GL6Sr+b8lZ7jwz3mCuIrS6ZaiLfnK0TpeH
I3g5blPvjMHB2Tr+I5GGMaFR3Bv+Cj5BuLAahGAbmumdKT4obq6rqXc+ROm+fLdZ
TlCS+jELO6jDGIMHHaAuM/4VMYgiGtTnO3tLq+XWFmcjumr3lukb3cqtHu9m2cgS
jUWWHcU5bVdIljo5N77jqzfp4kONy6VZPTfLfp9IJakER//+fl3dXhmRbQ2ZgMge
HmyKVYcQyipbNqFWXObEUu0VKrlal9J8KQi+giHfHh8ciVsThRI2/d7l0wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFOVG6M+ULXddt7dCez3zm9vnPdpCMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvNVVib3o1UXRkMTIzdDBKN1BmT2IyLWM5MmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAkBAIAATAeAwQBPkw+AwQB
PkxMAwQAwehdAwQAwlVoAwQAwlVsMCoEAgACMCQDBwAgAQZ8FEIDBwAgAQZ8FEQD
BwAgAQbQANYDBwAgAQbQBtAwDQYJKoZIhvcNAQELBQADggEBAB5OZ5tTN59bV4+c
tjEuKfpGojNwNUyPqiBzsaTUNZFvoWnLc7Tne6jeUOFU8OXl57oSHbaCLPxjEKO2
5P9qg9SOXEC9hE/gsDCn/on3E+mcRncMaIvcQwarhy8bKyBpMeltDYdemkpaH+U3
HHCHe7+u0lfmKsWnvqqOkYr/AESLweJh48GvFHkm/2MoAVkUZw0ZA7yVHHmn//bS
u2Zqbbuv5UNwrKtidulxM4auXwdB2UkVVInmd154Kqm/qjr3nfLw0m0xo3N2Jv5F
Y8cnX+dEm1qOR8MYFTRD+CgjaygskEuaM25KUR+TQgUTpleX6rqudgevKg0pKGwX
8SvJmw8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:43 2025 by rpki-client