Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0TepxYDRCJ_5cWsq1YkkvURL6hE.roa
File: 0TepxYDRCJ_5cWsq1YkkvURL6hE.roa (raw, json)
Hash identifier: jbUg3WZRyt3dAqtU/8wDqNaiICIVnpJ/MOPNwEWZYpE=
Subject key identifier: D1:37:A9:C5:80:D1:08:9F:F9:71:6B:2A:D5:89:24:BD:44:4B:EA:11
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01993D2DCB7283BA996BE853444FAB2FC444
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0TepxYDRCJ_5cWsq1YkkvURL6hE.roa
Signing time: Fri 12 Sep 2025 09:07:15 +0000
ROA not before: Fri 12 Sep 2025 09:07:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9583
IP address blocks: 159.151.196.0/24 maxlen: 24
192.109.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:2d:cb:72:83:ba:99:6b:e8:53:44:4f:ab:2f:c4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Sep 12 09:07:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d137a9c580d1089ff9716b2ad58924bd444bea11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:2b:2c:86:4e:d6:55:ee:a1:c3:58:40:57:
18:6e:6c:b8:e6:bb:8a:9e:b5:cd:e1:6d:58:ec:e9:
fa:f7:7c:d8:2a:7a:66:55:42:4a:e4:82:ed:d5:df:
8f:ec:a7:aa:ed:16:94:1c:46:9f:f5:40:c1:a1:ea:
01:42:51:b5:16:7a:37:73:31:bf:a0:84:4c:85:27:
27:2d:f9:c6:0d:f4:a1:d3:c5:28:bd:db:e4:db:f1:
e8:6f:a3:b4:fd:60:92:63:03:fd:ae:4d:ad:75:45:
aa:10:84:06:f7:ef:8a:63:12:58:2c:08:f3:82:40:
af:b9:4e:cd:e4:e4:91:d8:a5:36:ab:47:38:dd:df:
ed:2a:3e:72:84:c5:9b:59:01:6d:26:20:47:0a:96:
38:91:c2:e8:b2:46:ea:e0:cf:71:ab:c3:c9:45:d3:
6f:1d:a6:4c:e0:ac:55:bf:a4:bd:e4:0e:1f:c7:c1:
51:bb:57:d2:bb:89:10:85:a6:aa:1d:2c:16:f1:70:
77:4d:6c:3c:39:9f:d7:20:92:af:ae:b0:1a:62:ff:
92:63:1d:35:93:67:26:2a:21:ba:7e:0c:28:a6:ac:
14:c1:b9:72:f4:5e:ca:92:58:4b:a9:f5:3f:ad:f8:
2a:76:d0:3f:46:82:1a:72:23:5f:b5:fd:12:3a:0d:
fd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:37:A9:C5:80:D1:08:9F:F9:71:6B:2A:D5:89:24:BD:44:4B:EA:11
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/0TepxYDRCJ_5cWsq1YkkvURL6hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.196.0/24
192.109.146.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:7f:2d:f7:20:98:53:dc:38:e4:19:89:d3:65:66:f7:b4:cf:
76:ac:ba:a4:dd:cb:fc:9f:a6:03:89:ec:b9:9e:8c:fe:a5:05:
82:75:27:d9:20:cb:ff:7e:25:7a:f0:fd:e3:f0:b2:73:98:16:
ae:45:e9:33:93:1b:78:13:36:1a:1c:17:7c:8c:af:8e:6d:8f:
f0:26:5f:ec:fd:6a:3f:b6:a7:e5:5c:60:f2:d0:85:95:e3:9d:
4d:36:0b:6c:dc:b7:44:9f:06:65:88:ef:b5:03:6a:83:0e:4b:
c6:f2:c7:cd:74:87:2c:06:f7:47:1a:09:a4:2c:b1:b9:56:89:
92:cc:6f:e4:02:50:83:ae:03:75:da:1d:11:68:3c:da:2c:9b:
2f:83:1e:70:24:f0:06:84:18:a1:f4:59:4b:c6:08:72:90:3e:
39:0b:db:34:e9:ab:31:64:17:27:e3:8b:38:ba:5d:df:14:06:
a9:15:cd:85:24:d5:b0:9b:ee:b1:e0:22:22:1f:20:ca:a5:40:
e8:7f:42:a9:58:70:ec:bd:87:3f:10:3d:e7:9a:66:1b:3c:cf:
e5:4e:5a:48:fb:f4:d1:40:37:10:5f:1f:d9:42:89:c5:49:53:
8d:6e:16:7d:f4:de:bd:6a:19:2e:b3:6f:30:03:4f:99:e0:31:
3c:03:7c:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZk9Lctyg7qZa+hTRE+rL8REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjUwOTEyMDkwNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTM3YTljNTgwZDEwODlmZjk3MTZiMmFkNTg5MjRiZDQ0NGJlYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEorLIZO1lXuocNYQFcYbmy45ruK
nrXN4W1Y7On693zYKnpmVUJK5ILt1d+P7Keq7RaUHEaf9UDBoeoBQlG1Fno3czG/
oIRMhScnLfnGDfSh08Uovdvk2/Hob6O0/WCSYwP9rk2tdUWqEIQG9++KYxJYLAjz
gkCvuU7N5OSR2KU2q0c43d/tKj5yhMWbWQFtJiBHCpY4kcLoskbq4M9xq8PJRdNv
HaZM4KxVv6S95A4fx8FRu1fSu4kQhaaqHSwW8XB3TWw8OZ/XIJKvrrAaYv+SYx01
k2cmKiG6fgwopqwUwbly9F7KklhLqfU/rfgqdtA/RoIaciNftf0SOg39owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNE3qcWA0Qif+XFrKtWJJL1ES+oRMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvMFRlcHhZRFJDSl81Y1dzcTFZa2t2VVJMNmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAn5fEAwQA
wG2SMA0GCSqGSIb3DQEBCwUAA4IBAQCwfy33IJhT3DjkGYnTZWb3tM92rLqk3cv8
n6YDiey5noz+pQWCdSfZIMv/fiV68P3j8LJzmBauRekzkxt4EzYaHBd8jK+ObY/w
Jl/s/Wo/tqflXGDy0IWV451NNgts3LdEnwZliO+1A2qDDkvG8sfNdIcsBvdHGgmk
LLG5VomSzG/kAlCDrgN12h0RaDzaLJsvgx5wJPAGhBih9FlLxghykD45C9s06asx
ZBcn44s4ul3fFAapFc2FJNWwm+6x4CIiHyDKpUDof0KpWHDsvYc/ED3nmmYbPM/l
TlpI+/TRQDcQXx/ZQonFSVONbhZ99N69ahkus28wA0+Z4DE8A3yR
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:15 2025 by rpki-client