Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vYedWlZNDof4aeqt7GH1ICmZ2c8.roa
File: vYedWlZNDof4aeqt7GH1ICmZ2c8.roa (raw, json)
Hash identifier: lu5tkHaFcw5lj7XFeRIq0l9w92PlIzSVK79nk1zVeJU=
Subject key identifier: BD:87:9D:5A:56:4D:0E:87:F8:69:EA:AD:EC:61:F5:20:29:99:D9:CF
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019909671D056F84D7D124B2F2F91AE888DC
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vYedWlZNDof4aeqt7GH1ICmZ2c8.roa
Signing time: Tue 02 Sep 2025 07:49:36 +0000
ROA not before: Tue 02 Sep 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 178.255.246.0/23 maxlen: 23
192.200.192.0/19 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:09:67:1d:05:6f:84:d7:d1:24:b2:f2:f9:1a:e8:88:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Sep 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd879d5a564d0e87f869eaadec61f5202999d9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:46:50:1d:bf:26:5e:63:4f:9b:04:a1:cb:99:
e9:29:86:8d:bf:54:66:cd:a9:1c:04:2d:6d:93:1a:
18:b2:49:af:82:64:34:9f:a9:fb:78:e4:cd:e2:d1:
f2:e7:dd:fe:d5:02:13:e8:9f:e1:60:b4:58:3b:57:
18:d4:87:c7:cc:1d:43:d8:4e:2b:6b:b6:bc:b2:b0:
73:2e:72:27:f1:d7:d8:0c:43:f8:e8:64:b4:05:28:
c0:2b:30:a4:eb:31:1b:42:e8:5c:5f:b5:f7:08:96:
79:c2:a6:8b:af:d2:66:72:dc:0d:64:c4:78:bf:41:
b8:e8:8e:5b:ba:89:c4:92:50:06:12:c8:b3:d4:12:
94:55:90:be:90:ad:5f:d5:38:36:66:61:2c:e2:37:
a2:66:d3:7c:ed:f5:9c:ba:b1:72:ff:df:e0:d1:8d:
4c:a3:ea:1d:be:e7:c6:77:73:e0:90:5d:a4:93:c0:
39:03:ae:d5:e7:a2:4a:e6:08:eb:42:42:ae:41:2c:
7f:7b:58:2c:24:1f:59:ea:4c:00:1a:f3:b6:95:b9:
21:a3:92:72:84:f1:d2:b7:fe:c6:06:03:98:20:2e:
03:1e:f2:c9:8a:a0:2e:c7:91:d1:a9:8b:b9:d6:da:
fd:08:c1:aa:45:bc:33:ab:a6:3d:1a:7b:c3:fe:7a:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:87:9D:5A:56:4D:0E:87:F8:69:EA:AD:EC:61:F5:20:29:99:D9:CF
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vYedWlZNDof4aeqt7GH1ICmZ2c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.246.0/23
192.200.192.0/19
Signature Algorithm: sha256WithRSAEncryption
69:40:ea:0c:90:07:a1:1d:16:21:6d:da:3a:b5:26:5e:24:10:
ae:24:ce:71:32:2c:8a:40:9a:74:59:08:29:85:6b:77:3a:8e:
64:95:f9:55:ab:23:d1:31:b1:e8:d9:69:5b:3f:b0:f0:9e:ec:
59:54:5b:d7:1a:dc:0b:36:b8:83:ae:32:34:89:36:40:81:e4:
6d:71:d8:0f:4c:7a:a8:ed:74:c2:c8:5f:a0:16:f2:07:cd:34:
0d:38:fe:f4:f8:dd:90:c2:ac:15:2f:98:15:f6:c0:44:1c:0d:
bd:87:a8:d3:af:fe:89:a6:d7:2f:75:9d:2c:5b:99:b9:ef:9f:
45:f9:6b:d5:5c:97:e8:52:2f:90:c8:70:e3:41:29:b6:6f:9c:
8b:46:15:b6:55:18:12:f9:71:f3:a4:80:2a:85:34:da:e6:c4:
b1:ec:76:b0:21:6b:f1:fa:9d:ae:c4:3e:2f:da:b9:46:b9:a3:
1a:df:19:03:5c:92:ad:43:26:78:3e:ef:37:b4:c6:87:61:f3:
96:0a:16:4c:22:e8:30:bf:ae:d4:7c:f7:a9:cb:82:2a:8f:f5:
c2:5d:13:e7:42:8d:ba:00:57:fd:6c:86:7e:9f:8c:7d:ff:f6:
b4:ed:0d:d4:ae:49:aa:96:b7:6e:9e:39:bd:e1:91:7d:35:c1:
0d:19:bc:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkJZx0Fb4TX0SSy8vka6IjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwOTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg3OWQ1YTU2NGQwZTg3Zjg2OWVhYWRlYzYxZjUyMDI5OTlkOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEZQHb8mXmNPmwShy5npKYaNv1Rm
zakcBC1tkxoYskmvgmQ0n6n7eOTN4tHy593+1QIT6J/hYLRYO1cY1IfHzB1D2E4r
a7a8srBzLnIn8dfYDEP46GS0BSjAKzCk6zEbQuhcX7X3CJZ5wqaLr9JmctwNZMR4
v0G46I5buonEklAGEsiz1BKUVZC+kK1f1Tg2ZmEs4jeiZtN87fWcurFy/9/g0Y1M
o+odvufGd3PgkF2kk8A5A67V56JK5gjrQkKuQSx/e1gsJB9Z6kwAGvO2lbkho5Jy
hPHSt/7GBgOYIC4DHvLJiqAux5HRqYu51tr9CMGqRbwzq6Y9GnvD/nrvRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2HnVpWTQ6H+Gnqrexh9SApmdnPMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvdlllZFdsWk5Eb2Y0YWVxdDdHSDFJQ21aMmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsv/2AwQF
wMjAMA0GCSqGSIb3DQEBCwUAA4IBAQBpQOoMkAehHRYhbdo6tSZeJBCuJM5xMiyK
QJp0WQgphWt3Oo5klflVqyPRMbHo2WlbP7DwnuxZVFvXGtwLNriDrjI0iTZAgeRt
cdgPTHqo7XTCyF+gFvIHzTQNOP70+N2QwqwVL5gV9sBEHA29h6jTr/6JptcvdZ0s
W5m5759F+WvVXJfoUi+QyHDjQSm2b5yLRhW2VRgS+XHzpIAqhTTa5sSx7HawIWvx
+p2uxD4v2rlGuaMa3xkDXJKtQyZ4Pu83tMaHYfOWChZMIugwv67UfPepy4Iqj/XC
XRPnQo26AFf9bIZ+n4x9//a07Q3Urkmqlrdunjm94ZF9NcENGbwl
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:55 2025 by rpki-client