
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/a7clVcf7Mcv_qJSO5qDvQ3LcnVQ.roa
File: a7clVcf7Mcv_qJSO5qDvQ3LcnVQ.roa (raw, json)
Hash identifier: 38jbVqYOXElIoD9S/EjUyB0D8z6sldWD32qy7lRuw68=
Subject key identifier: 6B:B7:25:55:C7:FB:31:CB:FF:A8:94:8E:E6:A0:EF:43:72:DC:9D:54
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0199BF27E15546F32CB5531A00A0DDBB0717
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/a7clVcf7Mcv_qJSO5qDvQ3LcnVQ.roa
Signing time: Tue 07 Oct 2025 14:51:25 +0000
ROA not before: Tue 07 Oct 2025 14:51:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42728
IP address blocks: 193.232.241.0/24 maxlen: 24
2a0c:a9c7:241::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bf:27:e1:55:46:f3:2c:b5:53:1a:00:a0:dd:bb:07:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Oct 7 14:51:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bb72555c7fb31cbffa8948ee6a0ef4372dc9d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:77:69:c0:a0:56:90:7a:79:e0:28:6a:be:2b:
ca:6f:7f:fc:68:b2:5a:50:5c:d0:9e:fa:d1:77:69:
b0:15:a6:41:e8:71:24:e0:d5:5f:46:1b:6d:33:79:
77:68:8b:c7:64:88:aa:52:2a:16:44:a8:30:7b:f1:
d7:cd:09:78:36:74:62:ce:a5:92:33:c5:1c:36:44:
4e:01:d6:28:28:40:ea:a3:45:b7:0c:30:23:8d:37:
17:db:a6:d0:d0:39:71:86:25:ba:97:95:62:de:d2:
ad:c2:4b:91:db:87:d4:f3:d6:c7:64:6f:3e:55:51:
15:67:9f:7c:ce:6d:7d:09:9b:7d:5d:09:6f:b9:43:
1d:1a:e2:43:de:d6:2b:ef:6d:a5:73:af:b7:c3:65:
da:be:2c:e0:61:32:da:d4:94:13:3d:b0:9a:ad:b4:
d6:97:e8:38:80:50:a4:be:14:df:c6:6f:1a:12:45:
38:27:5e:6e:cb:7c:2a:08:33:48:67:00:aa:98:25:
f2:09:b4:ff:71:8f:75:c5:81:a1:e7:24:90:50:f4:
90:c7:17:bd:d2:19:c5:f7:e1:a2:da:0b:f6:ab:3a:
fb:b3:87:dd:83:e7:97:b4:ba:af:e7:ad:75:40:96:
c6:67:4e:a7:6f:de:1d:c1:0f:4c:b5:76:bf:f4:e2:
1a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B7:25:55:C7:FB:31:CB:FF:A8:94:8E:E6:A0:EF:43:72:DC:9D:54
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/a7clVcf7Mcv_qJSO5qDvQ3LcnVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.241.0/24
IPv6:
2a0c:a9c7:241::/48
Signature Algorithm: sha256WithRSAEncryption
2a:72:cf:58:8d:ec:4b:43:16:0e:52:64:0b:58:ee:fd:de:87:
25:3e:67:3e:0a:77:c8:0a:c6:2f:7c:df:a1:c2:d6:68:74:fc:
25:4f:04:04:22:f4:35:71:1b:fe:85:10:39:c2:5e:e1:c7:07:
1c:19:a7:1c:85:4c:f7:8c:88:f4:47:aa:f0:e8:0d:a0:a0:91:
b9:79:5f:48:09:70:fd:0d:76:9a:c5:88:55:b5:d6:ea:33:93:
94:61:ae:33:78:f0:25:17:d9:6c:e3:a8:47:71:ca:0c:91:90:
43:b6:21:c5:4a:79:f3:0f:bf:cf:b9:cc:95:7b:ed:6b:17:f8:
e1:a5:a6:68:d3:11:93:06:29:58:4b:68:00:aa:ce:23:56:37:
bc:44:69:5e:f5:2f:0f:3d:6b:ff:a6:34:51:41:de:13:f2:14:
44:a8:74:08:ed:6d:a7:4e:e4:f1:6f:60:c6:97:5c:e5:2b:55:
89:00:70:64:6c:0e:63:66:72:26:37:e8:c7:e7:da:8c:7f:e6:
07:19:55:4c:94:b3:66:ad:38:15:80:48:fd:31:40:6e:c1:cd:
dd:b8:92:83:d8:9f:a0:2b:dd:84:e6:20:7a:08:00:60:85:36:
b6:e9:a5:5c:2b:27:31:89:5a:c7:7e:f6:8d:80:b3:db:81:df:
fb:34:ee:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZm/J+FVRvMstVMaAKDduwcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUxMDA3MTQ1MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI3MjU1NWM3ZmIzMWNiZmZhODk0OGVlNmEwZWY0MzcyZGM5ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ndpwKBWkHp54ChqvivKb3/8aLJa
UFzQnvrRd2mwFaZB6HEk4NVfRhttM3l3aIvHZIiqUioWRKgwe/HXzQl4NnRizqWS
M8UcNkROAdYoKEDqo0W3DDAjjTcX26bQ0DlxhiW6l5Vi3tKtwkuR24fU89bHZG8+
VVEVZ598zm19CZt9XQlvuUMdGuJD3tYr722lc6+3w2XavizgYTLa1JQTPbCarbTW
l+g4gFCkvhTfxm8aEkU4J15uy3wqCDNIZwCqmCXyCbT/cY91xYGh5ySQUPSQxxe9
0hnF9+Gi2gv2qzr7s4fdg+eXtLqv5611QJbGZ06nb94dwQ9MtXa/9OIa2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGu3JVXH+zHL/6iUjuag70Ny3J1UMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvYTdjbFZjZjdNY3ZfcUpTTzVxRHZRM0xjblZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwejxMA8E
AgACMAkDBwAqDKnHAkEwDQYJKoZIhvcNAQELBQADggEBACpyz1iN7EtDFg5SZAtY
7v3ehyU+Zz4Kd8gKxi9836HC1mh0/CVPBAQi9DVxG/6FEDnCXuHHBxwZpxyFTPeM
iPRHqvDoDaCgkbl5X0gJcP0NdprFiFW11uozk5RhrjN48CUX2WzjqEdxygyRkEO2
IcVKefMPv8+5zJV77WsX+OGlpmjTEZMGKVhLaACqziNWN7xEaV71Lw89a/+mNFFB
3hPyFESodAjtbadO5PFvYMaXXOUrVYkAcGRsDmNmciY36Mfn2ox/5gcZVUyUs2at
OBWASP0xQG7Bzd24koPYn6Ar3YTmIHoIAGCFNrbppVwrJzGJWsd+9o2As9uB3/s0
7qs=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:29:07 2025 by rpki-client