
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ox6BwYAQUNcz0KQLZt-81xUMsLE.roa
File: ox6BwYAQUNcz0KQLZt-81xUMsLE.roa (raw, json)
Hash identifier: 3EwMYZ3Z0vyCXEqIkK6tzxQdZcNp7fXnro33vJIjOVE=
Subject key identifier: A3:1E:81:C1:80:10:50:D7:33:D0:A4:0B:66:DF:BC:D7:15:0C:B0:B1
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0199737EF3DEDE0E77B08F71A392D3D0AAA6
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ox6BwYAQUNcz0KQLZt-81xUMsLE.roa
Signing time: Mon 22 Sep 2025 22:15:23 +0000
ROA not before: Mon 22 Sep 2025 22:15:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211673
IP address blocks: 5.181.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:11:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:73:7e:f3:de:de:0e:77:b0:8f:71:a3:92:d3:d0:aa:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Sep 22 22:15:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a31e81c1801050d733d0a40b66dfbcd7150cb0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:49:6a:5a:fa:bb:94:b9:f1:00:df:09:78:
77:8f:55:50:c2:29:f6:40:6b:bb:9a:cd:d3:4c:d6:
b8:8d:5f:06:2b:17:ca:e5:f3:8e:10:c5:d4:f4:3e:
a1:bd:78:d6:71:02:a5:d7:fe:7e:27:e8:1f:21:26:
31:a8:6a:06:69:d4:0b:64:e8:36:b0:64:7d:a1:42:
68:1f:21:96:5a:7d:d7:b8:64:68:78:db:6d:34:d6:
3f:f9:3d:31:11:be:af:9e:35:65:ff:3b:15:cd:ae:
2e:9a:1a:2e:18:a4:2c:ad:2a:c6:cc:28:3b:94:f9:
ff:7c:7d:0a:7c:ac:11:4f:05:82:58:28:eb:ec:68:
58:0f:9f:4a:0f:a5:c2:67:37:2d:2e:4f:7d:bb:82:
96:c5:7a:97:2c:2a:b7:93:c1:e6:fb:d2:e0:28:11:
b9:19:00:8d:44:bc:19:1e:1c:8e:87:cd:61:e9:e1:
4c:3e:02:9c:9a:c4:8a:7a:5c:f2:53:26:6a:ec:84:
79:b1:b1:73:a9:cd:6c:e2:1f:16:40:e9:44:0a:91:
56:35:e5:23:49:82:53:64:a0:39:68:cd:5f:f0:d5:
96:82:2b:78:f2:54:03:db:dd:de:c1:dd:f0:99:07:
8f:26:3b:75:ac:b5:ba:ee:c1:26:4e:c9:0e:e2:d5:
68:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1E:81:C1:80:10:50:D7:33:D0:A4:0B:66:DF:BC:D7:15:0C:B0:B1
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ox6BwYAQUNcz0KQLZt-81xUMsLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ce:fa:2c:75:78:b0:9d:a0:3c:bf:a9:89:37:d5:34:70:60:
e5:ec:88:63:fe:d0:1d:25:df:20:0b:25:d0:45:c6:41:aa:36:
99:06:10:11:31:a8:7b:19:79:5d:9d:c3:a8:76:b7:35:6e:b7:
4f:ac:f1:65:ea:9f:0e:92:27:fb:e9:a3:ea:cb:13:07:0b:ec:
7c:7a:3c:df:7e:7a:e9:6b:8a:15:ac:43:1f:e7:76:da:0c:d1:
3e:69:c6:40:32:2e:c8:a0:1e:28:ef:06:d0:8a:a2:e1:80:6b:
bd:16:b8:cf:7c:b2:db:1b:4a:ed:e1:d3:27:fb:55:82:83:83:
6b:b6:34:49:7f:9c:ec:27:0a:44:ce:24:26:4f:e3:f0:df:4f:
af:89:2e:40:7a:b6:f1:0d:ec:03:9e:23:cb:f0:5c:40:cf:91:
47:1d:7a:8c:fa:6a:a0:cd:a1:54:e3:d6:da:50:22:35:96:18:
7d:6b:8f:74:bf:93:36:c3:4e:60:9c:71:2e:fb:f5:fb:03:a6:
ab:5c:ae:63:66:cf:82:d5:30:53:75:6e:2f:14:fc:3d:14:05:
c2:77:3d:ae:bc:ab:cb:64:2f:d4:75:d2:71:a8:ec:a5:e4:bb:
d8:cb:7f:f6:b6:12:15:11:81:81:44:75:50:cd:ef:8d:b5:be:
84:ad:11:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlzfvPe3g53sI9xo5LT0KqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwOTIyMjIxNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFlODFjMTgwMTA1MGQ3MzNkMGE0MGI2NmRmYmNkNzE1MGNiMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRFJalr6u5S58QDfCXh3j1VQwin2
QGu7ms3TTNa4jV8GKxfK5fOOEMXU9D6hvXjWcQKl1/5+J+gfISYxqGoGadQLZOg2
sGR9oUJoHyGWWn3XuGRoeNttNNY/+T0xEb6vnjVl/zsVza4umhouGKQsrSrGzCg7
lPn/fH0KfKwRTwWCWCjr7GhYD59KD6XCZzctLk99u4KWxXqXLCq3k8Hm+9LgKBG5
GQCNRLwZHhyOh81h6eFMPgKcmsSKelzyUyZq7IR5sbFzqc1s4h8WQOlECpFWNeUj
SYJTZKA5aM1f8NWWgit48lQD293ewd3wmQePJjt1rLW67sEmTskO4tVojwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMegcGAEFDXM9CkC2bfvNcVDLCxMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvb3g2QndZQVFVTmN6MEtRTFp0LTgxeFVNc0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbW1MA0G
CSqGSIb3DQEBCwUAA4IBAQBMzvosdXiwnaA8v6mJN9U0cGDl7Ihj/tAdJd8gCyXQ
RcZBqjaZBhARMah7GXldncOodrc1brdPrPFl6p8Okif76aPqyxMHC+x8ejzffnrp
a4oVrEMf53baDNE+acZAMi7IoB4o7wbQiqLhgGu9FrjPfLLbG0rt4dMn+1WCg4Nr
tjRJf5zsJwpEziQmT+Pw30+viS5AerbxDewDniPL8FxAz5FHHXqM+mqgzaFU49ba
UCI1lhh9a490v5M2w05gnHEu+/X7A6arXK5jZs+C1TBTdW4vFPw9FAXCdz2uvKvL
ZC/UddJxqOyl5LvYy3/2thIVEYGBRHVQze+Ntb6ErRGr
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:24 2025 by rpki-client