Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4o-wPw4Ynf0h1BoxC1fvHbONSvA.roa
File: 4o-wPw4Ynf0h1BoxC1fvHbONSvA.roa (raw, json)
Hash identifier: tiDaODRy5w9tozgqOg2LpStik670A6Jk8Q3uVbFTurY=
Subject key identifier: E2:8F:B0:3F:0E:18:9D:FD:21:D4:1A:31:0B:57:EF:1D:B3:8D:4A:F0
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0199A3E735993C516D7B813A3E086CDB795A
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4o-wPw4Ynf0h1BoxC1fvHbONSvA.roa
Signing time: Thu 02 Oct 2025 07:51:02 +0000
ROA not before: Thu 02 Oct 2025 07:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 78.159.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a3:e7:35:99:3c:51:6d:7b:81:3a:3e:08:6c:db:79:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 2 07:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e28fb03f0e189dfd21d41a310b57ef1db38d4af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:ef:d5:aa:c2:2c:81:fe:3d:0a:04:c5:0a:
7a:29:2c:f3:17:76:b7:6a:e5:ff:d3:c3:f3:d0:c0:
9c:d6:53:be:f1:8c:26:74:11:ee:91:a6:bf:91:8f:
79:e3:5b:d5:1d:42:f0:a7:26:c3:ac:d8:ca:84:01:
6b:bc:ee:05:ef:2f:35:3b:6e:9e:63:2b:3c:62:9f:
ff:64:e4:2c:9c:50:60:7c:f4:c4:3b:97:89:3b:cd:
df:b4:a3:a3:7e:50:8c:be:07:89:91:18:dd:fd:5a:
64:f2:dd:d2:7a:54:c8:ba:ca:89:ed:c1:21:04:9a:
55:69:71:1e:cd:0f:7a:21:7a:72:f1:43:07:cd:f5:
2e:1a:82:de:24:bf:b9:6b:f6:5b:9c:09:f4:9d:fe:
40:f6:92:71:b9:4e:82:1c:aa:d9:43:51:3d:85:a6:
46:53:8f:c8:d2:d9:f8:e6:ca:be:c0:80:fb:d1:0e:
e7:e8:60:a0:36:ce:f4:a6:c5:9e:2f:7d:e7:bd:16:
94:55:25:ca:42:76:22:38:aa:da:d0:3d:9f:7b:67:
bb:81:85:4b:ca:4f:8e:e8:81:f7:52:ba:42:de:ae:
8d:d7:c6:be:be:59:d1:18:7c:aa:18:9d:28:28:fa:
60:d4:fe:b6:1a:23:0c:df:8e:58:af:da:5f:2c:41:
91:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8F:B0:3F:0E:18:9D:FD:21:D4:1A:31:0B:57:EF:1D:B3:8D:4A:F0
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4o-wPw4Ynf0h1BoxC1fvHbONSvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:3f:73:68:77:08:90:cf:28:cb:dc:60:d9:49:f0:92:45:1e:
26:9c:5e:84:ce:7b:9f:4d:79:83:86:05:b2:e7:30:76:25:c6:
c0:31:25:30:b8:c7:30:76:6d:f9:85:c2:72:9e:d2:4d:1b:31:
1d:37:c6:f4:cc:0d:35:f9:4d:93:47:0f:22:e9:1e:1a:1a:00:
2d:61:1e:0f:83:e1:6f:37:e8:5c:f2:3e:f1:b3:10:0a:fd:dc:
29:c4:90:45:e4:ce:59:3b:1c:77:e7:9c:17:18:6c:6c:c8:9d:
c2:ad:61:09:b0:f6:0a:38:29:de:9a:09:a1:88:96:16:24:f4:
bb:5e:62:1f:a5:92:5c:01:c2:b1:c0:d3:60:4e:ea:59:e6:46:
11:cc:dc:81:88:2e:df:70:93:ae:1a:5e:6e:51:fd:11:95:6f:
ad:96:2f:55:46:d3:cf:44:aa:f6:02:4a:dc:7f:bb:4a:51:b3:
87:0e:08:26:8e:4f:dc:6c:17:36:44:b3:0c:8f:f5:2a:34:2d:
ee:a2:15:2e:03:27:76:2d:6c:00:e8:e5:5f:06:cd:0f:a6:2e:
17:3f:87:be:7e:58:df:70:8b:12:f9:e3:7a:d8:7a:73:1e:8a:
df:33:5d:76:cd:23:a4:af:33:e2:67:fe:f4:82:cd:1a:44:4f:
8d:02:b1:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmj5zWZPFFte4E6Pghs23laMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUxMDAyMDc1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhmYjAzZjBlMTg5ZGZkMjFkNDFhMzEwYjU3ZWYxZGIzOGQ0YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGrv1arCLIH+PQoExQp6KSzzF3a3
auX/08Pz0MCc1lO+8YwmdBHukaa/kY9541vVHULwpybDrNjKhAFrvO4F7y81O26e
Yys8Yp//ZOQsnFBgfPTEO5eJO83ftKOjflCMvgeJkRjd/Vpk8t3SelTIusqJ7cEh
BJpVaXEezQ96IXpy8UMHzfUuGoLeJL+5a/ZbnAn0nf5A9pJxuU6CHKrZQ1E9haZG
U4/I0tn45sq+wID70Q7n6GCgNs70psWeL33nvRaUVSXKQnYiOKra0D2fe2e7gYVL
yk+O6IH3UrpC3q6N18a+vlnRGHyqGJ0oKPpg1P62GiMM345Yr9pfLEGRhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKPsD8OGJ39IdQaMQtX7x2zjUrwMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvNG8td1B3NFluZjBoMUJveEMxZnZIYk9OU3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp+cMA0G
CSqGSIb3DQEBCwUAA4IBAQC2P3NodwiQzyjL3GDZSfCSRR4mnF6EznufTXmDhgWy
5zB2JcbAMSUwuMcwdm35hcJyntJNGzEdN8b0zA01+U2TRw8i6R4aGgAtYR4Pg+Fv
N+hc8j7xsxAK/dwpxJBF5M5ZOxx355wXGGxsyJ3CrWEJsPYKOCnemgmhiJYWJPS7
XmIfpZJcAcKxwNNgTupZ5kYRzNyBiC7fcJOuGl5uUf0RlW+tli9VRtPPRKr2Akrc
f7tKUbOHDggmjk/cbBc2RLMMj/UqNC3uohUuAyd2LWwA6OVfBs0Ppi4XP4e+fljf
cIsS+eN62HpzHorfM112zSOkrzPiZ/70gs0aRE+NArEM
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:58 2025 by rpki-client