Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-l5e8RtWIfJ5HJu2aF-z-BrTlyo.roa
File: 1-l5e8RtWIfJ5HJu2aF-z-BrTlyo.roa (raw, json)
Hash identifier: liqIWUE1akuOGXSu36zEc8EFC/r3jfqhmZT/oLGXdSw=
Subject key identifier: FA:5E:5E:F1:1B:56:21:F2:79:1C:9B:B6:68:5F:B3:F8:1A:D3:97:2A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E71B8783506ADE51F50E0CA61EA984C5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-l5e8RtWIfJ5HJu2aF-z-BrTlyo.roa
Signing time: Wed 15 Oct 2025 09:02:45 +0000
ROA not before: Wed 15 Oct 2025 09:02:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 82.153.80.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
217.144.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:1b:87:83:50:6a:de:51:f5:0e:0c:a6:1e:a9:84:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 15 09:02:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5e5ef11b5621f2791c9bb6685fb3f81ad3972a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:40:77:94:cf:fa:5a:d9:5c:40:ac:ab:2c:cd:
5e:02:41:fa:9d:8a:05:42:44:cc:b6:c5:a0:20:22:
24:7b:93:40:1a:2d:e1:47:f6:a7:86:a1:9c:7c:f0:
15:d3:46:7b:fe:5a:93:66:50:fa:1e:7e:a5:24:b4:
38:8b:a9:1a:17:4a:e5:48:7c:7e:c4:00:b7:33:80:
af:5f:4f:1f:da:ed:2f:7e:de:ac:89:2f:ea:02:e2:
87:dc:75:f4:30:9b:b1:30:86:37:03:02:50:c4:f2:
15:77:d8:e1:a8:6b:15:94:60:c9:2c:9e:d6:eb:ea:
d5:57:11:e0:8a:d3:b0:50:f8:bb:c9:f1:b3:64:32:
e8:d4:c4:72:b7:b8:a7:96:9e:ca:ea:81:79:b8:60:
a4:2f:2b:b5:26:45:0d:9e:8b:91:ee:c1:ec:0e:ab:
85:aa:1c:d7:8e:8a:a4:2a:32:09:39:36:e9:8e:e1:
8b:bc:24:30:be:89:1b:63:16:e1:4d:37:b6:cb:80:
79:90:9a:d7:0f:0c:7f:2d:0a:df:5e:ac:aa:90:68:
ca:a4:a6:fc:aa:e8:4a:c2:20:54:d7:4d:8e:c6:dc:
a5:25:84:37:ec:81:6b:29:83:20:64:68:37:42:24:
24:cf:f1:bd:77:e3:0f:8a:b2:da:60:45:9c:f6:90:
f2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5E:5E:F1:1B:56:21:F2:79:1C:9B:B6:68:5F:B3:F8:1A:D3:97:2A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-l5e8RtWIfJ5HJu2aF-z-BrTlyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.80.0/24
109.176.244.0/24
217.144.156.0/24
Signature Algorithm: sha256WithRSAEncryption
79:10:c5:91:fb:e2:b4:e6:14:f9:95:91:3d:66:30:49:14:a7:
1a:40:53:83:12:64:03:d1:3a:1a:43:92:61:75:db:d9:e6:b0:
4d:46:1e:38:28:bb:96:76:ff:32:a2:0f:20:63:50:6a:13:d0:
09:f8:78:49:1f:21:dd:ca:28:31:7d:ff:0a:40:f0:8d:05:7f:
4c:ac:69:76:30:df:20:d9:3a:de:29:08:d0:13:54:37:26:b7:
8b:74:5c:6d:f4:95:43:77:df:f2:eb:61:fb:bd:d7:1d:67:39:
7c:af:85:88:74:73:1e:d0:4f:11:69:a1:8f:c9:60:27:ee:f0:
2e:fc:f5:4d:ec:35:7d:b3:f3:40:74:3b:72:96:e2:76:30:88:
d1:12:be:7d:a4:6d:4c:a7:1e:d3:db:c2:84:62:f0:5f:3e:59:
c5:cf:9b:92:89:a2:ab:ea:30:77:f8:c4:33:d6:01:69:3a:21:
db:77:db:0f:62:f6:8e:16:af:50:c6:b0:e3:7d:c7:5f:c9:79:
0a:2e:7b:85:06:89:9f:4a:99:de:d3:9c:ee:b8:00:63:d1:3a:
92:e6:c5:c8:21:01:46:3c:64:18:99:b0:1c:b5:d5:e8:e0:fa:
37:b8:4c:42:af:d4:8a:5b:1a:fe:3a:74:34:16:19:6a:e0:88:
85:cc:22:e4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZnnG4eDUGreUfUODKYeqYTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE1MDkwMjQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVlNWVmMTFiNTYyMWYyNzkxYzliYjY2ODVmYjNmODFhZDM5NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUB3lM/6WtlcQKyrLM1eAkH6nYoF
QkTMtsWgICIke5NAGi3hR/anhqGcfPAV00Z7/lqTZlD6Hn6lJLQ4i6kaF0rlSHx+
xAC3M4CvX08f2u0vft6siS/qAuKH3HX0MJuxMIY3AwJQxPIVd9jhqGsVlGDJLJ7W
6+rVVxHgitOwUPi7yfGzZDLo1MRyt7inlp7K6oF5uGCkLyu1JkUNnouR7sHsDquF
qhzXjoqkKjIJOTbpjuGLvCQwvokbYxbhTTe2y4B5kJrXDwx/LQrfXqyqkGjKpKb8
quhKwiBU102OxtylJYQ37IFrKYMgZGg3QiQkz/G9d+MPirLaYEWc9pDyRQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpeXvEbViHyeRybtmhfs/ga05cqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1sNWU4UnRXSWZKNUhKdTJhRi16LUJyVGx5by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFKZUAME
AG2w9AMEANmQnDANBgkqhkiG9w0BAQsFAAOCAQEAeRDFkfvitOYU+ZWRPWYwSRSn
GkBTgxJkA9E6GkOSYXXb2eawTUYeOCi7lnb/MqIPIGNQahPQCfh4SR8h3cooMX3/
CkDwjQV/TKxpdjDfINk63ikI0BNUNya3i3RcbfSVQ3ff8uth+73XHWc5fK+FiHRz
HtBPEWmhj8lgJ+7wLvz1Tew1fbPzQHQ7cpbidjCI0RK+faRtTKce09vChGLwXz5Z
xc+bkomiq+owd/jEM9YBaToh23fbD2L2jhavUMaw433HX8l5Ci57hQaJn0qZ3tOc
7rgAY9E6kubFyCEBRjxkGJmwHLXV6OD6N7hMQq/Uilsa/jp0NBYZauCIhcwi5A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:14 2025 by rpki-client