Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/usTpPKxMaPGTVn2Gt9Z2vrsVmEw.roa
File: usTpPKxMaPGTVn2Gt9Z2vrsVmEw.roa (raw, json)
Hash identifier: OfwIWI2WJ2SLaRPrteA7Z6qydg3S7lkuEkpjvfuke28=
Subject key identifier: BA:C4:E9:3C:AC:4C:68:F1:93:56:7D:86:B7:D6:76:BE:BB:15:98:4C
Certificate issuer: /CN=61e10dac1f773c55a244753346719e899f4d4432
Certificate serial: 0199F8FE4C28537592EE1182AD9E875B34A4
Authority key identifier: 61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/usTpPKxMaPGTVn2Gt9Z2vrsVmEw.roa
Signing time: Sat 18 Oct 2025 20:23:59 +0000
ROA not before: Sat 18 Oct 2025 20:23:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31673
IP address blocks: 83.136.17.0/24 maxlen: 24
83.136.18.0/24 maxlen: 24
83.136.19.0/24 maxlen: 24
193.30.6.0/23 maxlen: 24
2a03:7000::/32 maxlen: 56
2a03:7000:c0c3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f8:fe:4c:28:53:75:92:ee:11:82:ad:9e:87:5b:34:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e10dac1f773c55a244753346719e899f4d4432
Validity
Not Before: Oct 18 20:23:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bac4e93cac4c68f193567d86b7d676bebb15984c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:89:b4:9d:65:d4:4c:b6:5a:5a:71:44:3c:eb:
87:c5:2b:cb:26:af:48:24:ee:8a:3e:98:71:be:a2:
b6:fd:f3:61:86:5e:c9:8b:fc:62:95:52:d7:92:37:
d7:3c:8d:2a:e1:7c:e6:e2:38:51:f5:83:0b:23:13:
7d:50:d7:01:4f:7f:ee:59:c5:67:2e:aa:1b:f7:ac:
3c:cc:61:0b:91:e7:2b:09:a3:77:14:9b:f1:5a:b9:
e1:de:69:80:7e:04:cd:cc:72:91:07:91:d2:fa:c1:
ec:c5:f5:2f:78:ed:59:0b:90:97:91:e4:b4:4c:7b:
ad:b4:b9:1e:c7:7e:34:e7:78:09:e3:9c:8c:17:fe:
2f:30:66:af:94:a7:0a:14:c8:5c:7c:a3:84:27:28:
e7:da:3c:d8:fb:48:de:90:04:f8:58:df:4e:79:04:
92:70:5c:da:c8:4c:e2:42:3d:b9:9d:1e:ce:2e:32:
73:8d:44:8e:85:23:54:a2:b6:68:73:b8:33:03:88:
3a:3f:c8:9b:54:39:b1:7b:82:06:b8:8f:87:0b:de:
75:18:79:f9:f6:54:c0:2e:27:9d:e2:23:5d:75:80:
fc:29:96:94:52:57:f0:d2:f8:61:df:72:3e:5e:30:
57:4d:c3:dc:b3:19:82:16:bf:73:e1:6d:16:4b:0b:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C4:E9:3C:AC:4C:68:F1:93:56:7D:86:B7:D6:76:BE:BB:15:98:4C
X509v3 Authority Key Identifier:
keyid:61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/usTpPKxMaPGTVn2Gt9Z2vrsVmEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.17.0-83.136.19.255
193.30.6.0/23
IPv6:
2a03:7000::/32
Signature Algorithm: sha256WithRSAEncryption
83:7f:96:85:cc:63:d4:fc:d3:2a:d1:19:8b:01:8e:4f:03:de:
49:8b:df:61:0e:22:20:29:43:5f:2b:90:04:08:2f:09:8f:61:
53:5f:24:49:92:5b:ca:60:91:99:d1:f6:12:b1:0e:8c:ce:36:
53:c6:0e:fb:24:4f:60:41:2d:f3:7f:49:9e:8a:92:01:c5:8c:
4e:a9:79:f8:d0:5c:cd:91:b9:0c:ee:79:50:29:a3:23:cc:ca:
93:de:90:a3:2d:23:4f:a2:5b:85:ba:3a:b6:1a:e6:c2:93:ee:
f3:c8:61:98:ce:05:01:5f:f0:6c:ec:fb:dd:d8:9f:03:0b:b8:
67:b9:29:8d:45:7f:b1:91:9c:f8:b4:00:53:e3:fb:82:c4:c5:
34:d4:c3:cc:5b:a3:5c:4c:56:38:08:8a:ae:e8:13:eb:b1:1c:
cd:cf:9f:b1:ca:b0:c8:a6:b9:87:91:40:b2:5b:bc:74:70:cd:
12:16:0d:ff:21:e0:49:c7:fc:52:f3:a1:ea:e8:79:b5:11:ad:
a3:4e:34:fd:98:f8:03:f7:cf:dd:f1:dd:17:86:b5:69:0f:9c:
93:e4:68:ba:e8:96:cb:cd:8d:6a:e2:6d:cb:d2:18:d0:08:f0:
ea:ad:35:06:08:30:11:f7:01:dc:df:86:72:58:6c:34:a5:5a:
99:88:5f:b1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZn4/kwoU3WS7hGCrZ6HWzSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTEwZGFjMWY3NzNjNTVhMjQ0NzUzMzQ2NzE5ZTg5OWY0
ZDQ0MzIwHhcNMjUxMDE4MjAyMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM0ZTkzY2FjNGM2OGYxOTM1NjdkODZiN2Q2NzZiZWJiMTU5ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIm0nWXUTLZaWnFEPOuHxSvLJq9I
JO6KPphxvqK2/fNhhl7Ji/xilVLXkjfXPI0q4Xzm4jhR9YMLIxN9UNcBT3/uWcVn
Lqob96w8zGELkecrCaN3FJvxWrnh3mmAfgTNzHKRB5HS+sHsxfUveO1ZC5CXkeS0
THuttLkex34053gJ45yMF/4vMGavlKcKFMhcfKOEJyjn2jzY+0jekAT4WN9OeQSS
cFzayEziQj25nR7OLjJzjUSOhSNUorZoc7gzA4g6P8ibVDmxe4IGuI+HC951GHn5
9lTALied4iNddYD8KZaUUlfw0vhh33I+XjBXTcPcsxmCFr9z4W0WSwtxrwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLrE6TysTGjxk1Z9hrfWdr67FZhMMB8GA1UdIwQY
MBaAFGHhDawfdzxVokR1M0ZxnomfTUQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVFTnJCOTNQRldpUkhVelJuR2VpWjlOUkRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84NWVmMzUtNjQ3YS00MTcyLThjNjQt
NmRiM2NhZWY3M2Q5LzEvdXNUcFBLeE1hUEdUVm4yR3Q5WjJ2cnNWbUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS84NWVmMzUtNjQ3YS00MTcyLThjNjQtNmRiM2NhZWY3M2Q5
LzEvWWVFTnJCOTNQRldpUkhVelJuR2VpWjlOUkRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABTiBED
BAJTiBADBAHBHgYwDQQCAAIwBwMFACoDcAAwDQYJKoZIhvcNAQELBQADggEBAIN/
loXMY9T80yrRGYsBjk8D3kmL32EOIiApQ18rkAQILwmPYVNfJEmSW8pgkZnR9hKx
DozONlPGDvskT2BBLfN/SZ6KkgHFjE6pefjQXM2RuQzueVApoyPMypPekKMtI0+i
W4W6OrYa5sKT7vPIYZjOBQFf8Gzs+93YnwMLuGe5KY1Ff7GRnPi0AFPj+4LExTTU
w8xbo1xMVjgIiq7oE+uxHM3Pn7HKsMimuYeRQLJbvHRwzRIWDf8h4EnH/FLzoero
ebURraNONP2Y+AP3z93x3ReGtWkPnJPkaLrolsvNjWribcvSGNAI8OqtNQYIMBH3
AdzfhnJYbDSlWpmIX7E=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:28:45 2025 by rpki-client