Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/pSR-rZwOGiE17rW57fz_6H8OuhA.roa
File: pSR-rZwOGiE17rW57fz_6H8OuhA.roa (raw, json)
Hash identifier: hndxTaLME4hMNFfxFHRJ5PuHa6bS13FEZVnlx7XE/Wk=
Subject key identifier: A5:24:7E:AD:9C:0E:1A:21:35:EE:B5:B9:ED:FC:FF:E8:7F:0E:BA:10
Certificate issuer: /CN=753c6e0142aee7a9e5a27d15779b2eecb688dda7
Certificate serial: 0198756D38EB0E0D534859692BE09D0BCC1F
Authority key identifier: 75:3C:6E:01:42:AE:E7:A9:E5:A2:7D:15:77:9B:2E:EC:B6:88:DD:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTxuAUKu56nlon0Vd5su7LaI3ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/pSR-rZwOGiE17rW57fz_6H8OuhA.roa
Signing time: Mon 04 Aug 2025 14:12:28 +0000
ROA not before: Mon 04 Aug 2025 14:12:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216251
IP address blocks: 91.242.253.0/24 maxlen: 24
2a11:b440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/dTxuAUKu56nlon0Vd5su7LaI3ac.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/dTxuAUKu56nlon0Vd5su7LaI3ac.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTxuAUKu56nlon0Vd5su7LaI3ac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:6d:38:eb:0e:0d:53:48:59:69:2b:e0:9d:0b:cc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=753c6e0142aee7a9e5a27d15779b2eecb688dda7
Validity
Not Before: Aug 4 14:12:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5247ead9c0e1a2135eeb5b9edfcffe87f0eba10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ad:b0:78:bf:6b:fb:5f:14:7e:10:f1:94:ac:
fd:0f:0b:c4:62:71:3d:e6:d8:82:15:7c:44:7a:4f:
9d:90:76:85:08:19:20:43:0c:57:69:6e:54:3e:82:
f6:e6:03:3a:21:7b:6e:25:59:8d:e4:7a:f4:ab:95:
62:c6:06:4e:ef:a3:7b:9d:6b:b4:6c:d0:1c:fc:d6:
4d:5b:b7:13:f2:59:56:95:4b:5e:2f:ab:bd:ea:e6:
cf:d0:9d:36:d0:ef:94:67:f1:d2:de:4f:dc:7f:71:
e2:eb:ff:02:b5:08:5f:0b:af:37:b1:8f:10:88:0e:
7a:79:93:9b:1d:6a:0f:8f:17:7a:02:ec:08:38:d0:
72:61:f9:cb:a6:28:20:dc:4b:ea:a6:80:46:0d:a1:
22:1e:89:38:73:bb:7b:dd:0d:4f:91:ef:78:dd:b5:
54:57:e8:14:86:3d:68:7e:76:f3:67:0a:ba:89:86:
3f:44:07:b5:65:bc:93:41:83:28:fa:d9:71:81:18:
28:40:38:07:09:9e:32:db:77:86:8d:23:7b:00:9c:
7d:1c:16:71:00:37:e1:c1:01:82:b3:38:d0:df:22:
34:5a:14:62:99:54:59:76:04:79:0a:1a:aa:57:5c:
7e:ef:33:b0:61:b7:78:7b:6d:ff:3b:e0:df:79:e2:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:7E:AD:9C:0E:1A:21:35:EE:B5:B9:ED:FC:FF:E8:7F:0E:BA:10
X509v3 Authority Key Identifier:
keyid:75:3C:6E:01:42:AE:E7:A9:E5:A2:7D:15:77:9B:2E:EC:B6:88:DD:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTxuAUKu56nlon0Vd5su7LaI3ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/pSR-rZwOGiE17rW57fz_6H8OuhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc1140-5086-41e2-b4cc-68c804b658e7/1/dTxuAUKu56nlon0Vd5su7LaI3ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.253.0/24
IPv6:
2a11:b440::/29
Signature Algorithm: sha256WithRSAEncryption
23:60:3d:74:bb:81:59:9d:6d:66:7b:a3:9a:7e:77:f5:e1:5c:
d3:ec:da:9f:2b:bb:ed:8e:40:a9:0b:b3:25:ad:f4:a9:ad:3c:
46:91:09:5b:ec:1b:d6:65:a0:7e:dd:b7:ef:92:2b:97:4a:a9:
e8:36:68:c4:a4:14:67:bc:98:17:b1:16:8d:3c:f3:e2:56:74:
ce:68:79:e8:b3:77:2d:8a:65:51:e4:c2:2d:54:09:c0:41:49:
6a:5f:ef:bf:c0:55:c7:19:eb:47:4e:88:89:b0:08:74:c3:b1:
01:38:ce:64:a5:fa:d0:19:87:77:0e:d9:dd:59:61:7e:88:75:
ef:ed:fc:d6:b2:77:15:c8:bd:7c:85:16:26:a4:30:5d:44:1d:
fd:8a:89:c7:59:6d:36:80:a5:60:34:2f:6b:f2:60:02:c5:13:
49:22:e4:7f:72:5f:0d:47:cb:54:f3:81:1f:d6:5b:fb:19:85:
6a:61:78:12:6a:25:36:12:50:f8:41:ca:20:65:c8:c3:e6:1a:
fc:41:6b:af:42:82:8f:e7:34:66:04:a0:00:dd:af:4b:31:4f:
18:07:aa:ce:e5:97:55:b3:49:2d:94:71:99:9b:dd:64:9f:12:
c8:72:11:d9:f2:0f:53:0e:9e:12:f8:4f:b3:e2:f2:b5:1d:a2:
f7:23:20:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZh1bTjrDg1TSFlpK+CdC8wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1M2M2ZTAxNDJhZWU3YTllNWEyN2QxNTc3OWIyZWVjYjY4
OGRkYTcwHhcNMjUwODA0MTQxMjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI0N2VhZDljMGUxYTIxMzVlZWI1YjllZGZjZmZlODdmMGViYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3a2weL9r+18UfhDxlKz9DwvEYnE9
5tiCFXxEek+dkHaFCBkgQwxXaW5UPoL25gM6IXtuJVmN5Hr0q5VixgZO76N7nWu0
bNAc/NZNW7cT8llWlUteL6u96ubP0J020O+UZ/HS3k/cf3Hi6/8CtQhfC683sY8Q
iA56eZObHWoPjxd6AuwIONByYfnLpigg3EvqpoBGDaEiHok4c7t73Q1Pke943bVU
V+gUhj1ofnbzZwq6iYY/RAe1ZbyTQYMo+tlxgRgoQDgHCZ4y23eGjSN7AJx9HBZx
ADfhwQGCszjQ3yI0WhRimVRZdgR5ChqqV1x+7zOwYbd4e23/O+DfeeJTDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUkfq2cDhohNe61ue38/+h/DroQMB8GA1UdIwQY
MBaAFHU8bgFCruep5aJ9FXebLuy2iN2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFR4dUFVS3U1Nm5sb24wVmQ1c3U3TGFJM2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iYzExNDAtNTA4Ni00MWUyLWI0Y2Mt
NjhjODA0YjY1OGU3LzEvcFNSLXJad09HaUUxN3JXNTdmel82SDhPdWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iYzExNDAtNTA4Ni00MWUyLWI0Y2MtNjhjODA0YjY1OGU3
LzEvZFR4dUFVS3U1Nm5sb24wVmQ1c3U3TGFJM2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW/L9MA0E
AgACMAcDBQMqEbRAMA0GCSqGSIb3DQEBCwUAA4IBAQAjYD10u4FZnW1me6Oafnf1
4VzT7NqfK7vtjkCpC7MlrfSprTxGkQlb7BvWZaB+3bfvkiuXSqnoNmjEpBRnvJgX
sRaNPPPiVnTOaHnos3ctimVR5MItVAnAQUlqX++/wFXHGetHToiJsAh0w7EBOM5k
pfrQGYd3DtndWWF+iHXv7fzWsncVyL18hRYmpDBdRB39ionHWW02gKVgNC9r8mAC
xRNJIuR/cl8NR8tU84Ef1lv7GYVqYXgSaiU2ElD4QcogZcjD5hr8QWuvQoKP5zRm
BKAA3a9LMU8YB6rO5ZdVs0ktlHGZm91knxLIchHZ8g9TDp4S+E+z4vK1HaL3IyAJ
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:08:54 2025 by rpki-client