
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/v2gP_L7mOdlv0td2mrGDA7hw0_Q.roa
File: v2gP_L7mOdlv0td2mrGDA7hw0_Q.roa (raw, json)
Hash identifier: fU5eCiZuN0cnMylI3cPe13vdeQ6MK7KpvTfdAbqCesw=
Subject key identifier: BF:68:0F:FC:BE:E6:39:D9:6F:D2:D7:76:9A:B1:83:03:B8:70:D3:F4
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0199DE60A1D65DC91BF483AFA8C8081ABD1B
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/v2gP_L7mOdlv0td2mrGDA7hw0_Q.roa
Signing time: Mon 13 Oct 2025 16:21:38 +0000
ROA not before: Mon 13 Oct 2025 16:21:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51369
IP address blocks: 194.190.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:de:60:a1:d6:5d:c9:1b:f4:83:af:a8:c8:08:1a:bd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Oct 13 16:21:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf680ffcbee639d96fd2d7769ab18303b870d3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:4b:02:35:78:29:e8:f9:c8:ea:23:81:6e:
3f:ca:79:d1:a3:a1:ef:a7:df:0d:82:61:fa:b9:14:
88:26:a9:38:ae:ce:2f:45:3c:ef:08:53:ca:c8:15:
44:57:f6:e3:c9:dc:47:0f:80:71:c7:05:13:37:63:
ec:53:02:68:db:57:61:a7:2f:fc:de:83:03:c3:77:
f7:5c:8a:0d:12:27:64:4b:23:bc:ad:8b:e8:ad:ee:
c0:a6:c9:78:79:c6:d0:f2:bb:5f:47:70:6f:67:5a:
13:45:4e:e1:59:82:39:b8:53:7a:b0:fb:39:95:31:
b9:56:74:1c:2b:25:24:2e:42:0e:08:e4:96:47:b1:
0f:0b:d2:7c:ac:c0:ed:4a:d3:85:48:78:c1:3d:2e:
f9:3c:ce:ea:fa:15:62:04:a1:64:79:ff:06:52:c2:
61:3e:ce:7b:25:7e:ca:0a:e3:72:b1:85:0d:3a:34:
2d:97:1f:11:ba:e7:6f:1f:35:34:a1:79:92:24:33:
30:ac:10:aa:be:d3:9b:72:3a:a2:56:e0:0a:74:2d:
35:35:29:3b:e6:62:44:fe:f5:40:f7:2a:b7:58:47:
7f:9d:b7:2b:96:3a:91:26:81:74:93:dd:e6:54:76:
5d:2d:a3:3f:f3:be:25:10:9f:6b:e3:05:26:4b:39:
f4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:68:0F:FC:BE:E6:39:D9:6F:D2:D7:76:9A:B1:83:03:B8:70:D3:F4
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/v2gP_L7mOdlv0td2mrGDA7hw0_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.2.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:9f:46:8f:f0:8a:e1:05:e6:0f:bb:51:10:eb:65:53:12:b2:
16:7e:dd:c7:59:06:cd:ec:a3:14:f0:d3:c5:5b:8f:e8:e9:2d:
3b:a0:87:b6:bf:24:58:75:dd:02:1b:a6:bd:34:e2:fe:40:22:
3d:8c:ff:ba:a9:7e:58:6c:94:b8:1b:df:c5:c8:09:e4:47:0d:
5a:b7:c1:9b:11:82:ff:77:e8:69:d0:5a:79:0a:48:13:7e:44:
02:3b:a7:a9:63:2e:e1:d3:9b:c9:6f:ec:67:ce:1d:35:c5:c0:
f8:3e:02:16:57:d0:20:4d:78:96:73:9a:ca:67:e1:1a:08:b8:
45:5d:2d:08:77:4c:9e:5a:67:fe:78:6c:9a:68:cf:23:59:e4:
19:3c:36:2e:b6:dc:33:95:6b:78:e9:e0:c0:71:19:9a:59:be:
1e:6f:f5:97:b0:ac:08:ca:46:f1:5e:91:b6:a9:18:a1:fc:83:
69:d7:6d:62:1c:a7:05:9f:8f:c6:07:93:3e:99:1a:b2:1c:64:
53:5b:ea:d9:41:dc:e6:fc:e8:54:7c:77:c3:4d:f0:d3:d4:3e:
7a:86:a8:85:0d:eb:21:48:a6:f4:16:38:84:2f:ea:90:6f:ad:
25:da:41:23:76:4c:7b:41:bf:0b:77:d6:19:56:4e:28:e8:2a:
41:39:88:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZneYKHWXckb9IOvqMgIGr0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUxMDEzMTYyMTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY4MGZmY2JlZTYzOWQ5NmZkMmQ3NzY5YWIxODMwM2I4NzBkM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulNLAjV4Kej5yOojgW4/ynnRo6Hv
p98NgmH6uRSIJqk4rs4vRTzvCFPKyBVEV/bjydxHD4BxxwUTN2PsUwJo21dhpy/8
3oMDw3f3XIoNEidkSyO8rYvore7Apsl4ecbQ8rtfR3BvZ1oTRU7hWYI5uFN6sPs5
lTG5VnQcKyUkLkIOCOSWR7EPC9J8rMDtStOFSHjBPS75PM7q+hViBKFkef8GUsJh
Ps57JX7KCuNysYUNOjQtlx8RuudvHzU0oXmSJDMwrBCqvtObcjqiVuAKdC01NSk7
5mJE/vVA9yq3WEd/nbcrljqRJoF0k93mVHZdLaM/874lEJ9r4wUmSzn0eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9oD/y+5jnZb9LXdpqxgwO4cNP0MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvdjJnUF9MN21PZGx2MHRkMm1yR0RBN2h3MF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwr4CMA0G
CSqGSIb3DQEBCwUAA4IBAQAcn0aP8IrhBeYPu1EQ62VTErIWft3HWQbN7KMU8NPF
W4/o6S07oIe2vyRYdd0CG6a9NOL+QCI9jP+6qX5YbJS4G9/FyAnkRw1at8GbEYL/
d+hp0Fp5CkgTfkQCO6epYy7h05vJb+xnzh01xcD4PgIWV9AgTXiWc5rKZ+EaCLhF
XS0Id0yeWmf+eGyaaM8jWeQZPDYuttwzlWt46eDAcRmaWb4eb/WXsKwIykbxXpG2
qRih/INp121iHKcFn4/GB5M+mRqyHGRTW+rZQdzm/OhUfHfDTfDT1D56hqiFDesh
SKb0FjiEL+qQb60l2kEjdkx7Qb8Ld9YZVk4o6CpBOYi6
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:38 2025 by rpki-client