Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/K0UekIqjR-B4QFvYqyuisPoIQxw.roa
File: K0UekIqjR-B4QFvYqyuisPoIQxw.roa (raw, json)
Hash identifier: 3citoMQ7WPnfAIuUtz455F9SJlw4amcf7l2KAPTkKyU=
Subject key identifier: 2B:45:1E:90:8A:A3:47:E0:78:40:5B:D8:AB:2B:A2:B0:FA:08:43:1C
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0198C77276DD451B76C5CBCE401B34498DE2
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/K0UekIqjR-B4QFvYqyuisPoIQxw.roa
Signing time: Wed 20 Aug 2025 12:27:04 +0000
ROA not before: Wed 20 Aug 2025 12:27:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:72:76:dd:45:1b:76:c5:cb:ce:40:1b:34:49:8d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 20 12:27:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b451e908aa347e078405bd8ab2ba2b0fa08431c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:09:e8:d8:0e:3a:bd:8b:0b:f6:19:df:0f:
5f:68:97:f6:fb:b3:01:b7:b6:0b:2c:ab:ab:ca:52:
1c:6b:6e:75:4b:c3:9c:6f:fd:fc:52:71:02:51:00:
1d:4e:d2:3f:2a:6a:64:52:59:b0:e4:76:6d:7c:70:
90:03:56:02:db:dc:0f:46:e5:b5:d9:74:eb:de:af:
c1:56:df:df:4d:ab:17:fb:07:39:c0:9c:c2:53:e7:
cd:ab:d4:49:68:51:e7:05:87:62:d6:b1:97:83:15:
b2:59:c0:4f:e0:f0:c0:fa:46:fb:f4:ed:bb:3b:5f:
ac:3b:9f:af:9c:9d:39:61:d3:98:4c:f3:98:c5:55:
14:86:33:0a:b8:56:cf:fd:85:2a:a7:d5:47:c8:78:
40:d0:7f:ba:aa:89:3d:46:58:31:35:7a:37:50:08:
0d:fd:9b:ee:2b:23:b7:a9:ad:0f:71:6c:c0:4c:62:
bb:74:8c:97:0c:a0:67:59:36:c7:35:5d:59:cc:b7:
dd:b5:30:63:70:aa:c3:2a:9e:08:fa:33:61:a8:03:
60:92:77:d2:c7:74:26:65:23:a1:80:57:9a:9c:e0:
ec:f8:58:56:c0:68:51:f9:fc:ab:00:3d:d2:0d:da:
72:1c:2d:e6:1e:66:ef:e9:d1:1c:b7:60:9c:54:b3:
05:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:1E:90:8A:A3:47:E0:78:40:5B:D8:AB:2B:A2:B0:FA:08:43:1C
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/K0UekIqjR-B4QFvYqyuisPoIQxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
91.92.40.0/24
91.92.42.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:43:42:44:52:67:de:ff:eb:8d:92:72:96:09:57:29:e3:20:
22:97:ff:36:50:cd:6a:94:40:10:fc:c5:c3:20:fa:8f:2e:bf:
2d:46:30:73:92:42:39:1c:0b:1f:f4:d6:a8:72:e8:76:ac:a3:
f3:5c:14:6e:a4:bb:a8:79:61:57:f0:51:c7:60:ac:17:45:df:
f8:b7:76:f3:46:9d:1d:28:8f:e8:aa:d0:92:14:f7:7c:f8:6a:
83:e3:d7:e2:9c:64:c2:ec:12:71:97:cd:5f:0c:be:65:a3:67:
2f:56:dc:e7:09:5e:ed:1a:52:c0:68:2e:9d:94:96:e1:e2:95:
a4:02:cf:e6:b1:b6:df:7e:24:09:d8:ac:17:b3:9e:45:50:ed:
e7:da:87:1b:80:83:f2:80:79:93:be:85:0c:df:81:23:b7:5a:
41:4e:c7:1d:e2:7d:f1:9c:0b:2d:41:29:5a:9a:c3:b2:1f:c1:
71:8b:f9:ec:a2:5d:5d:f8:23:a5:e0:41:c5:a3:24:9a:9a:39:
42:55:55:8e:07:b2:98:3f:2c:d5:4e:83:30:39:cb:0f:14:69:
40:67:e2:d8:11:c2:2e:d6:29:e0:02:b1:69:c7:e4:33:3a:b3:
9d:87:1e:ad:58:8f:52:8f:5d:17:2e:17:22:4d:5d:55:ab:c6:
d9:69:e5:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjHcnbdRRt2xcvOQBs0SY3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwODIwMTIyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ1MWU5MDhhYTM0N2UwNzg0MDViZDhhYjJiYTJiMGZhMDg0MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCoJ6NgOOr2LC/YZ3w9faJf2+7MB
t7YLLKurylIca251S8Ocb/38UnECUQAdTtI/KmpkUlmw5HZtfHCQA1YC29wPRuW1
2XTr3q/BVt/fTasX+wc5wJzCU+fNq9RJaFHnBYdi1rGXgxWyWcBP4PDA+kb79O27
O1+sO5+vnJ05YdOYTPOYxVUUhjMKuFbP/YUqp9VHyHhA0H+6qok9RlgxNXo3UAgN
/ZvuKyO3qa0PcWzATGK7dIyXDKBnWTbHNV1ZzLfdtTBjcKrDKp4I+jNhqANgknfS
x3QmZSOhgFeanODs+FhWwGhR+fyrAD3SDdpyHC3mHmbv6dEct2CcVLMFNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCtFHpCKo0fgeEBb2KsrorD6CEMcMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvSzBVZWtJcWpSLUI0UUZ2WXF5dWlzUG9JUXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW1wjAwQA
W1woAwQBW1wqMA0GCSqGSIb3DQEBCwUAA4IBAQBeQ0JEUmfe/+uNknKWCVcp4yAi
l/82UM1qlEAQ/MXDIPqPLr8tRjBzkkI5HAsf9Naocuh2rKPzXBRupLuoeWFX8FHH
YKwXRd/4t3bzRp0dKI/oqtCSFPd8+GqD49finGTC7BJxl81fDL5lo2cvVtznCV7t
GlLAaC6dlJbh4pWkAs/msbbffiQJ2KwXs55FUO3n2ocbgIPygHmTvoUM34Ejt1pB
Tscd4n3xnAstQSlamsOyH8Fxi/nsol1d+COl4EHFoySamjlCVVWOB7KYPyzVToMw
OcsPFGlAZ+LYEcIu1ingArFpx+QzOrOdhx6tWI9Sj10XLhciTV1Vq8bZaeUg
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:15:43 2025 by rpki-client