Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Red5pkskUAFA8WcL1YOe9BUuOZM.roa
File: Red5pkskUAFA8WcL1YOe9BUuOZM.roa (raw, json)
Hash identifier: S6qOREc3I0Eo71LK+o2EBPNiAlQAC2CgwyQqhyD99Xg=
Subject key identifier: 45:E7:79:A6:4B:24:50:01:40:F1:67:0B:D5:83:9E:F4:15:2E:39:93
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 01997AC178F33AC968FCA7516F74C958B5E2
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Red5pkskUAFA8WcL1YOe9BUuOZM.roa
Signing time: Wed 24 Sep 2025 08:05:23 +0000
ROA not before: Wed 24 Sep 2025 08:05:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214123
IP address blocks: 192.140.229.0/24 maxlen: 24
192.140.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:c1:78:f3:3a:c9:68:fc:a7:51:6f:74:c9:58:b5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Sep 24 08:05:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45e779a64b24500140f1670bd5839ef4152e3993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c2:06:56:e9:f0:79:63:0b:69:13:b9:26:7d:
94:fb:ee:ad:40:d3:bd:34:ae:ed:35:af:d8:42:30:
bf:2e:4b:7b:09:12:45:1c:8b:28:c5:51:a5:ce:52:
df:2d:b0:50:01:2c:a5:5a:ac:07:a3:32:ad:7a:f4:
5c:39:a7:1a:c4:55:28:63:ca:06:10:66:08:80:86:
37:b1:5b:64:0e:4d:5d:17:c0:49:66:42:80:6d:8c:
3b:ae:10:9f:86:b2:7a:25:14:6a:bb:66:4b:a7:d0:
d7:d5:cd:fe:c4:45:be:1c:5f:71:88:f5:ee:ab:02:
5e:fc:ef:c1:ca:91:b9:3f:db:a0:5c:11:b2:9b:95:
ec:48:3d:2a:83:0c:22:01:d6:6d:3b:ff:01:20:ce:
ad:da:f7:5d:c5:a9:75:52:d1:28:4d:03:64:0a:8a:
d4:b4:5a:de:27:01:07:0a:be:99:06:52:bf:a3:04:
66:88:3a:75:fd:20:c9:11:42:dc:00:a1:6e:fc:df:
a1:82:b1:e9:e8:1b:9a:fa:51:dd:b3:75:18:04:a1:
f1:53:16:55:00:65:e3:10:9a:c6:7e:d1:a6:8e:bc:
fa:59:7b:25:6e:94:be:bc:fd:78:89:2d:e1:08:c1:
0e:1e:d2:8e:1a:05:b5:cc:79:9f:e9:bd:f0:0c:6b:
d5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E7:79:A6:4B:24:50:01:40:F1:67:0B:D5:83:9E:F4:15:2E:39:93
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/Red5pkskUAFA8WcL1YOe9BUuOZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.140.229.0-192.140.230.255
Signature Algorithm: sha256WithRSAEncryption
1d:05:77:5a:6d:f6:a0:df:67:86:a4:b9:ba:40:e2:6d:65:c7:
4b:0c:ef:eb:2c:19:e1:21:24:32:b8:b5:61:70:7c:98:42:a9:
77:69:bf:9d:dd:6c:1e:18:56:51:99:65:3c:38:79:a0:ea:ea:
fb:ac:ac:e1:61:d1:f6:66:39:48:0f:a7:0a:7d:25:ca:cc:d2:
41:66:9d:6a:ac:54:55:20:e4:f6:49:c0:46:66:91:62:4e:62:
f8:97:70:7b:a1:3b:de:7b:af:2c:70:ad:07:c5:08:4b:87:bb:
ab:fd:c8:6a:de:88:44:e4:7b:84:f4:72:8c:02:33:6a:63:d4:
b5:41:fa:bd:20:79:8d:c2:bf:b8:e6:2b:ae:62:12:67:a3:97:
58:78:55:1b:45:db:b9:ff:a3:9c:0e:4b:26:55:8e:6f:32:61:
0d:74:d5:4d:f8:08:0c:f5:9e:33:c2:74:b5:a3:8d:df:0c:d5:
4c:86:14:7b:ea:ee:0c:71:5a:33:7f:7d:a9:7c:94:ad:94:4e:
91:c8:52:62:7a:02:94:1f:ab:92:4d:37:05:7c:91:a3:cf:0b:
1b:81:67:98:a5:50:a8:d5:b0:2a:3d:8b:15:e2:98:43:93:0d:
a6:72:0b:14:0d:b9:74:ed:e2:9c:b1:4b:af:12:51:ca:5c:f1:
fb:02:84:2c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZl6wXjzOslo/KdRb3TJWLXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjUwOTI0MDgwNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU3NzlhNjRiMjQ1MDAxNDBmMTY3MGJkNTgzOWVmNDE1MmUzOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMIGVunweWMLaRO5Jn2U++6tQNO9
NK7tNa/YQjC/Lkt7CRJFHIsoxVGlzlLfLbBQASylWqwHozKtevRcOacaxFUoY8oG
EGYIgIY3sVtkDk1dF8BJZkKAbYw7rhCfhrJ6JRRqu2ZLp9DX1c3+xEW+HF9xiPXu
qwJe/O/BypG5P9ugXBGym5XsSD0qgwwiAdZtO/8BIM6t2vddxal1UtEoTQNkCorU
tFreJwEHCr6ZBlK/owRmiDp1/SDJEULcAKFu/N+hgrHp6Bua+lHds3UYBKHxUxZV
AGXjEJrGftGmjrz6WXslbpS+vP14iS3hCMEOHtKOGgW1zHmf6b3wDGvVdwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEXneaZLJFABQPFnC9WDnvQVLjmTMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvUmVkNXBrc2tVQUZBOFdjTDFZT2U5QlV1T1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAjOUD
BADAjOYwDQYJKoZIhvcNAQELBQADggEBAB0Fd1pt9qDfZ4akubpA4m1lx0sM7+ss
GeEhJDK4tWFwfJhCqXdpv53dbB4YVlGZZTw4eaDq6vusrOFh0fZmOUgPpwp9JcrM
0kFmnWqsVFUg5PZJwEZmkWJOYviXcHuhO957ryxwrQfFCEuHu6v9yGreiETke4T0
cowCM2pj1LVB+r0geY3Cv7jmK65iEmejl1h4VRtF27n/o5wOSyZVjm8yYQ101U34
CAz1njPCdLWjjd8M1UyGFHvq7gxxWjN/fal8lK2UTpHIUmJ6ApQfq5JNNwV8kaPP
CxuBZ5ilUKjVsCo9ixXimEOTDaZyCxQNuXTt4pyxS68SUcpc8fsChCw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:38 2025 by rpki-client