Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/PpWQe7F60cQV0dh2AIuIGDWQfQM.roa
File: PpWQe7F60cQV0dh2AIuIGDWQfQM.roa (raw, json)
Hash identifier: TyQK8tYggX3AsMsFVzO7P3WPFl/RmPxqQqZ+a02rkMQ=
Subject key identifier: 3E:95:90:7B:B1:7A:D1:C4:15:D1:D8:76:00:8B:88:18:35:90:7D:03
Certificate issuer: /CN=3eced3d386accd5569ffb17ab63139ba6d47b5ea
Certificate serial: 01997B038C841E986E850182F1004F9EA058
Authority key identifier: 3E:CE:D3:D3:86:AC:CD:55:69:FF:B1:7A:B6:31:39:BA:6D:47:B5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps7T04aszVVp_7F6tjE5um1Hteo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/PpWQe7F60cQV0dh2AIuIGDWQfQM.roa
Signing time: Wed 24 Sep 2025 09:17:34 +0000
ROA not before: Wed 24 Sep 2025 09:17:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39675
IP address blocks: 195.5.102.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/Ps7T04aszVVp_7F6tjE5um1Hteo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/Ps7T04aszVVp_7F6tjE5um1Hteo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ps7T04aszVVp_7F6tjE5um1Hteo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:03:8c:84:1e:98:6e:85:01:82:f1:00:4f:9e:a0:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eced3d386accd5569ffb17ab63139ba6d47b5ea
Validity
Not Before: Sep 24 09:17:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e95907bb17ad1c415d1d876008b881835907d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:1f:6b:1d:0e:9b:aa:c0:09:87:03:85:30:
d3:54:17:a3:af:6a:4c:b8:ae:61:48:f8:1c:d8:77:
e7:97:f6:b6:c9:4c:20:dd:b8:57:03:77:7c:fe:bc:
30:aa:dd:ff:62:94:0e:5b:92:dd:e8:27:1b:d1:1a:
c7:85:87:f0:aa:88:eb:a2:c1:39:8b:a1:be:eb:48:
2e:1d:10:ba:45:d8:57:ab:e5:1d:df:80:20:5a:63:
75:a9:29:e7:17:80:1e:d1:1e:c2:69:10:a3:f8:81:
c3:a1:d6:55:38:c5:cc:88:15:c3:e5:ec:5f:9d:bb:
5b:3b:b0:00:cd:c9:d3:a4:67:72:40:2f:47:10:0c:
69:0a:a4:82:67:d9:e5:5a:e6:32:0f:2e:ae:5f:60:
cf:68:eb:96:34:c5:d1:f6:ef:62:ac:df:96:e0:68:
1f:00:e2:d9:ad:cb:9e:3b:bf:05:3e:bd:e0:16:2f:
3d:14:2b:c5:18:aa:b8:db:db:a9:de:cd:55:af:0c:
b3:88:95:6d:16:2f:9b:4f:e7:a1:c7:b6:20:d6:c4:
48:17:b7:b8:94:11:88:20:fd:d9:03:77:7e:b4:6b:
29:df:a6:b5:2c:04:78:20:88:15:ae:2f:6e:3c:c4:
28:a7:ff:f9:df:f9:e3:48:ec:4b:72:a4:a1:eb:9a:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:95:90:7B:B1:7A:D1:C4:15:D1:D8:76:00:8B:88:18:35:90:7D:03
X509v3 Authority Key Identifier:
keyid:3E:CE:D3:D3:86:AC:CD:55:69:FF:B1:7A:B6:31:39:BA:6D:47:B5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps7T04aszVVp_7F6tjE5um1Hteo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/PpWQe7F60cQV0dh2AIuIGDWQfQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/42e19a-e13a-4998-99ae-ea9619beb56e/1/Ps7T04aszVVp_7F6tjE5um1Hteo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.102.0/23
Signature Algorithm: sha256WithRSAEncryption
52:6c:c6:5e:cb:a0:5d:4b:36:01:c3:af:c1:44:81:49:94:78:
ee:cc:86:7d:c2:6b:a2:e6:e5:ff:c3:18:98:3b:a4:52:b8:aa:
0c:18:79:3e:4e:6b:20:3a:8e:00:fe:23:24:dd:c3:ec:fc:48:
b4:26:b7:56:c9:5f:4a:c8:21:c7:f6:81:b3:bb:0f:f2:8a:c5:
1a:8a:12:99:e9:74:77:53:0b:29:4c:1f:01:52:9a:e1:37:fb:
9b:8d:5c:b4:6a:df:86:76:24:ee:b7:1f:f2:b3:c7:74:69:fd:
14:ac:bf:80:e9:09:00:8f:03:83:ae:b4:96:dd:52:7b:e8:a7:
f8:5d:b4:80:8b:55:c0:28:30:0d:de:4b:81:7c:d4:21:8b:40:
a2:33:ce:35:51:dd:a4:f0:a5:06:82:39:19:bb:0b:33:8e:64:
95:fe:8f:9a:83:1e:ae:51:d1:23:98:65:57:82:d2:c8:1b:de:
e0:a0:cc:04:42:25:00:36:e8:53:22:9e:54:23:08:d1:8a:0a:
65:5a:0e:c0:fd:3d:a4:6b:8c:9e:aa:79:b2:4a:68:e5:5d:68:
9a:f2:7d:3a:c4:57:13:37:30:ff:af:64:f1:3d:84:3b:dd:f0:
cf:89:17:e9:23:42:47:fc:ae:21:45:76:fd:f2:7b:bd:0a:b8:
a9:d7:dc:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl7A4yEHphuhQGC8QBPnqBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2VkM2QzODZhY2NkNTU2OWZmYjE3YWI2MzEzOWJhNmQ0
N2I1ZWEwHhcNMjUwOTI0MDkxNzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTk1OTA3YmIxN2FkMWM0MTVkMWQ4NzYwMDhiODgxODM1OTA3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXUfax0Om6rACYcDhTDTVBejr2pM
uK5hSPgc2Hfnl/a2yUwg3bhXA3d8/rwwqt3/YpQOW5Ld6Ccb0RrHhYfwqojrosE5
i6G+60guHRC6RdhXq+Ud34AgWmN1qSnnF4Ae0R7CaRCj+IHDodZVOMXMiBXD5exf
nbtbO7AAzcnTpGdyQC9HEAxpCqSCZ9nlWuYyDy6uX2DPaOuWNMXR9u9irN+W4Ggf
AOLZrcueO78FPr3gFi89FCvFGKq429up3s1VrwyziJVtFi+bT+ehx7Yg1sRIF7e4
lBGIIP3ZA3d+tGsp36a1LAR4IIgVri9uPMQop//53/njSOxLcqSh65qwxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6VkHuxetHEFdHYdgCLiBg1kH0DMB8GA1UdIwQY
MBaAFD7O09OGrM1Vaf+xerYxObptR7XqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHM3VDA0YXN6VlZwXzdGNnRqRTV1bTFIdGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80MmUxOWEtZTEzYS00OTk4LTk5YWUt
ZWE5NjE5YmViNTZlLzEvUHBXUWU3RjYwY1FWMGRoMkFJdUlHRFdRZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80MmUxOWEtZTEzYS00OTk4LTk5YWUtZWE5NjE5YmViNTZl
LzEvUHM3VDA0YXN6VlZwXzdGNnRqRTV1bTFIdGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBSbMZey6BdSzYBw6/BRIFJlHjuzIZ9wmui5uX/wxiY
O6RSuKoMGHk+TmsgOo4A/iMk3cPs/Ei0JrdWyV9KyCHH9oGzuw/yisUaihKZ6XR3
UwspTB8BUprhN/ubjVy0at+GdiTutx/ys8d0af0UrL+A6QkAjwODrrSW3VJ76Kf4
XbSAi1XAKDAN3kuBfNQhi0CiM841Ud2k8KUGgjkZuwszjmSV/o+agx6uUdEjmGVX
gtLIG97goMwEQiUANuhTIp5UIwjRigplWg7A/T2ka4yeqnmySmjlXWia8n06xFcT
NzD/r2TxPYQ73fDPiRfpI0JH/K4hRXb98nu9Crip19wa
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:28 2025 by rpki-client