Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/Q9uvUMUGF4tW9TpLUtXmiB_YDYU.roa
File: Q9uvUMUGF4tW9TpLUtXmiB_YDYU.roa (raw, json)
Hash identifier: 6w5t2feWmLv2FpcZk6E6i1f0DCsFUL0L2nW9iOpOGYo=
Subject key identifier: 43:DB:AF:50:C5:06:17:8B:56:F5:3A:4B:52:D5:E6:88:1F:D8:0D:85
Certificate issuer: /CN=f7b143f64d510ba31297cbae5682fd41b2c81196
Certificate serial: 0199380FB29F12C43232E92813FDDFC8F092
Authority key identifier: F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/Q9uvUMUGF4tW9TpLUtXmiB_YDYU.roa
Signing time: Thu 11 Sep 2025 09:16:16 +0000
ROA not before: Thu 11 Sep 2025 09:16:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25400
IP address blocks: 5.153.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:0f:b2:9f:12:c4:32:32:e9:28:13:fd:df:c8:f0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b143f64d510ba31297cbae5682fd41b2c81196
Validity
Not Before: Sep 11 09:16:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43dbaf50c506178b56f53a4b52d5e6881fd80d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:3e:af:dc:8e:71:b7:59:06:85:d9:e4:2c:
fb:af:53:08:b3:0e:ca:81:29:53:c7:a7:09:04:84:
47:20:5b:28:ed:cc:3d:08:3b:e5:66:f9:96:11:a3:
25:e9:66:1e:d8:ee:93:7e:14:73:f9:d8:40:f1:43:
30:f2:a8:0c:d6:27:92:e3:ed:18:5e:18:fc:fa:e0:
c5:b1:53:86:c9:fa:0a:ac:38:65:7d:64:c2:71:d2:
61:0a:47:5c:70:8b:8c:87:cf:01:dd:29:40:56:0d:
29:ce:7d:c2:46:dd:9e:46:a9:0e:18:c9:56:af:f2:
a2:06:34:5c:b4:56:ff:de:da:70:e4:57:4f:4c:9f:
c2:10:f3:a0:74:7f:e5:94:19:df:36:07:fe:89:51:
48:fb:ec:30:47:89:0a:85:86:77:5b:4a:64:00:06:
6d:6b:cf:a6:6c:28:11:f7:89:cd:47:ea:33:e4:50:
8e:16:a7:46:30:b4:34:24:04:98:c8:44:e2:52:e1:
a6:32:f6:4c:67:a3:5c:dd:60:e7:b9:e6:7b:9b:a6:
62:79:99:e2:a1:bb:f3:fc:3a:01:89:7f:fa:9f:f5:
a2:08:86:ca:b5:5b:1b:ea:3d:37:8c:b3:6e:bf:0e:
e9:c0:46:4f:32:80:33:b8:a3:35:18:aa:3d:60:a4:
4a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DB:AF:50:C5:06:17:8B:56:F5:3A:4B:52:D5:E6:88:1F:D8:0D:85
X509v3 Authority Key Identifier:
keyid:F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/Q9uvUMUGF4tW9TpLUtXmiB_YDYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.104.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:0a:9e:d7:e3:3b:69:59:55:de:43:c2:dd:18:d3:fb:77:ef:
78:fa:69:f9:06:b8:79:81:72:02:a5:23:7f:35:0e:0e:66:f4:
75:3a:34:78:0e:03:7f:12:dd:16:3c:94:42:2b:b8:20:5e:c4:
e2:d8:64:56:26:3d:d1:b3:5c:e6:a7:85:96:2c:30:86:57:3d:
76:ad:11:7c:b7:b8:d3:e0:7b:6e:57:6d:b4:bb:ca:99:03:fb:
02:86:cf:4e:38:43:be:61:b5:2f:82:ef:cf:c1:aa:3d:25:fe:
95:63:aa:c1:b2:cd:2a:1c:ee:47:94:ee:c7:70:33:db:cb:0b:
15:40:28:20:d5:a4:1c:bc:2b:bd:f5:0a:4f:64:bb:c1:a5:81:
b0:ac:96:89:c8:b0:56:5f:8e:b6:4d:3f:12:8e:50:d7:06:48:
e6:13:8f:f5:17:be:c6:31:64:de:b1:bc:12:ba:d5:27:a6:d0:
f5:6b:15:a3:31:66:50:ef:6b:f9:51:1b:47:f8:d4:d2:ae:b6:
7c:fe:0f:9c:42:0e:52:a6:95:d5:2a:3d:4b:be:5c:b3:36:b6:
86:0b:5f:0a:3a:d5:97:c7:4c:02:bd:57:f7:5b:1d:9e:85:37:
8d:b0:24:fc:e7:b0:d0:d2:c6:83:40:35:d1:ae:b1:70:c8:6f:
23:94:cd:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZk4D7KfEsQyMukoE/3fyPCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjE0M2Y2NGQ1MTBiYTMxMjk3Y2JhZTU2ODJmZDQxYjJj
ODExOTYwHhcNMjUwOTExMDkxNjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RiYWY1MGM1MDYxNzhiNTZmNTNhNGI1MmQ1ZTY4ODFmZDgwZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDI+r9yOcbdZBoXZ5Cz7r1MIsw7K
gSlTx6cJBIRHIFso7cw9CDvlZvmWEaMl6WYe2O6TfhRz+dhA8UMw8qgM1ieS4+0Y
Xhj8+uDFsVOGyfoKrDhlfWTCcdJhCkdccIuMh88B3SlAVg0pzn3CRt2eRqkOGMlW
r/KiBjRctFb/3tpw5FdPTJ/CEPOgdH/llBnfNgf+iVFI++wwR4kKhYZ3W0pkAAZt
a8+mbCgR94nNR+oz5FCOFqdGMLQ0JASYyETiUuGmMvZMZ6Nc3WDnueZ7m6ZieZni
obvz/DoBiX/6n/WiCIbKtVsb6j03jLNuvw7pwEZPMoAzuKM1GKo9YKRKaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPbr1DFBheLVvU6S1LV5ogf2A2FMB8GA1UdIwQY
MBaAFPexQ/ZNUQujEpfLrlaC/UGyyBGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUt
MGZiZTJkZTA2MzZkLzEvUTl1dlVNVUdGNHRXOVRwTFV0WG1pQl9ZRFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUtMGZiZTJkZTA2MzZk
LzEvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBZloMA0G
CSqGSIb3DQEBCwUAA4IBAQAbCp7X4ztpWVXeQ8LdGNP7d+94+mn5Brh5gXICpSN/
NQ4OZvR1OjR4DgN/Et0WPJRCK7ggXsTi2GRWJj3Rs1zmp4WWLDCGVz12rRF8t7jT
4HtuV220u8qZA/sChs9OOEO+YbUvgu/Pwao9Jf6VY6rBss0qHO5HlO7HcDPbywsV
QCgg1aQcvCu99QpPZLvBpYGwrJaJyLBWX462TT8SjlDXBkjmE4/1F77GMWTesbwS
utUnptD1axWjMWZQ72v5URtH+NTSrrZ8/g+cQg5SppXVKj1LvlyzNraGC18KOtWX
x0wCvVf3Wx2ehTeNsCT857DQ0saDQDXRrrFwyG8jlM3V
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:54 2025 by rpki-client