
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/mfVSR44fIY6bkhiOSueC1ITxv6w.roa
File: mfVSR44fIY6bkhiOSueC1ITxv6w.roa (raw, json)
Hash identifier: xZqOi81DoSglCV29EBbiUSqFQDxJr7C1mJvYXhv2Pug=
Subject key identifier: 99:F5:52:47:8E:1F:21:8E:9B:92:18:8E:4A:E7:82:D4:84:F1:BF:AC
Certificate issuer: /CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Certificate serial: 019934C0D023BC959A61DD79812D5006E22D
Authority key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/mfVSR44fIY6bkhiOSueC1ITxv6w.roa
Signing time: Wed 10 Sep 2025 17:51:15 +0000
ROA not before: Wed 10 Sep 2025 17:51:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.143.16.0/23 maxlen: 24
2a14:b000::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:c0:d0:23:bc:95:9a:61:dd:79:81:2d:50:06:e2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Validity
Not Before: Sep 10 17:51:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99f552478e1f218e9b92188e4ae782d484f1bfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fb:8b:ee:e8:c5:df:9f:be:d7:c7:f4:62:03:
8c:8d:84:db:09:6f:8e:ec:61:40:f6:f2:77:7a:cf:
3c:7b:6b:7d:9c:86:df:3b:3a:46:32:8a:02:08:e4:
3c:0f:90:01:a5:0b:15:cc:9f:77:21:ff:54:fc:8c:
ed:63:29:9d:8f:20:05:e7:54:14:b5:e8:c2:89:55:
83:46:ef:92:28:aa:c1:ff:43:df:92:b5:d0:6e:02:
8f:a7:45:de:1e:7c:9a:52:72:00:32:38:61:84:a9:
22:06:49:c6:0b:4b:32:ee:5a:9b:ac:0d:3c:29:b2:
0d:1a:f4:bb:18:9c:b3:96:6e:4f:c0:43:07:64:8b:
1e:c4:1f:a7:d6:48:62:60:e1:fa:29:6f:30:ec:1d:
d5:04:78:49:82:68:58:21:a9:83:9c:11:58:50:c0:
c2:e7:1e:ae:5b:b1:57:a7:44:dc:fe:ed:b8:75:22:
96:85:44:f2:3c:1d:f7:bf:12:fc:07:6a:81:75:78:
30:4e:1d:64:db:56:d2:f1:7f:85:a0:f4:14:d4:4f:
b9:18:ed:41:5a:92:b8:cd:39:6e:24:a3:af:1c:f3:
eb:08:61:ca:b0:94:74:c9:a9:fa:ab:a3:34:5a:71:
34:fc:85:47:3a:91:b0:6a:58:6c:66:20:e3:28:ef:
03:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F5:52:47:8E:1F:21:8E:9B:92:18:8E:4A:E7:82:D4:84:F1:BF:AC
X509v3 Authority Key Identifier:
keyid:F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/mfVSR44fIY6bkhiOSueC1ITxv6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.16.0/23
IPv6:
2a14:b000::/29
Signature Algorithm: sha256WithRSAEncryption
5d:9e:1c:a0:36:b7:1d:ff:99:d2:d3:c2:d4:60:63:ea:2b:32:
37:c7:92:f5:76:bd:a7:fd:3e:07:11:ff:c8:c1:aa:7f:9a:23:
4c:43:0e:ad:68:06:b9:58:22:1c:93:84:b6:94:8a:32:cd:fd:
c4:09:03:52:32:9d:f1:63:71:7a:ff:32:03:21:7c:12:cc:d1:
90:a5:2a:dc:45:07:a8:5f:0a:12:35:17:30:8a:63:5d:0f:f5:
de:ae:6c:3e:29:73:b0:79:a5:3e:79:7f:22:01:b2:ad:dd:c3:
ff:85:ee:3a:b1:a4:f0:3c:4c:d9:f6:04:4a:3c:9e:ef:73:8f:
8a:4f:8d:2e:74:26:85:7b:7d:b0:43:54:bf:cb:68:ad:b6:71:
2c:35:23:fa:05:20:0e:a5:b3:8a:b4:f4:4e:f2:ce:4d:3c:74:
53:8d:f1:9f:3a:44:54:89:ec:90:98:0a:ea:e9:2a:fa:b4:8f:
23:d8:eb:d7:d6:ca:59:2d:69:65:d9:e3:5d:9f:b6:14:74:58:
21:5e:39:ac:97:fc:ea:06:40:98:e9:b1:73:37:0a:74:25:e4:
eb:6a:9e:ac:da:00:75:1d:18:b2:3f:3b:97:0d:6f:7e:68:6c:
bd:7b:ea:d6:1e:12:1e:a1:bb:c1:10:d0:46:37:71:a7:8f:fe:
85:14:cb:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZk0wNAjvJWaYd15gS1QBuItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGUwYzNiOTMzM2NiNmZkNDEzOWU0NTVhNWFiYmFmZDU2
OTUzMmEwHhcNMjUwOTEwMTc1MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY1NTI0NzhlMWYyMThlOWI5MjE4OGU0YWU3ODJkNDg0ZjFiZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/uL7ujF35++18f0YgOMjYTbCW+O
7GFA9vJ3es88e2t9nIbfOzpGMooCCOQ8D5ABpQsVzJ93If9U/IztYymdjyAF51QU
tejCiVWDRu+SKKrB/0PfkrXQbgKPp0XeHnyaUnIAMjhhhKkiBknGC0sy7lqbrA08
KbINGvS7GJyzlm5PwEMHZIsexB+n1khiYOH6KW8w7B3VBHhJgmhYIamDnBFYUMDC
5x6uW7FXp0Tc/u24dSKWhUTyPB33vxL8B2qBdXgwTh1k21bS8X+FoPQU1E+5GO1B
WpK4zTluJKOvHPPrCGHKsJR0yan6q6M0WnE0/IVHOpGwalhsZiDjKO8DewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJn1UkeOHyGOm5IYjkrngtSE8b+sMB8GA1UdIwQY
MBaAFPWODDuTM8tv1BOeRVpau6/VaVMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQt
MmJjMWFlM2RiZGJlLzEvbWZWU1I0NGZJWTZia2hpT1N1ZUMxSVR4djZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iMWNhNTEtNzVkZC00MWM5LTk0ODQtMmJjMWFlM2RiZGJl
LzEvOVk0TU81TXp5Ml9VRTU1RldscTdyOVZwVXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwY8QMA0E
AgACMAcDBQMqFLAAMA0GCSqGSIb3DQEBCwUAA4IBAQBdnhygNrcd/5nS08LUYGPq
KzI3x5L1dr2n/T4HEf/Iwap/miNMQw6taAa5WCIck4S2lIoyzf3ECQNSMp3xY3F6
/zIDIXwSzNGQpSrcRQeoXwoSNRcwimNdD/Xermw+KXOweaU+eX8iAbKt3cP/he46
saTwPEzZ9gRKPJ7vc4+KT40udCaFe32wQ1S/y2ittnEsNSP6BSAOpbOKtPRO8s5N
PHRTjfGfOkRUieyQmArq6Sr6tI8j2OvX1spZLWll2eNdn7YUdFghXjmsl/zqBkCY
6bFzNwp0JeTrap6s2gB1HRiyPzuXDW9+aGy9e+rWHhIeobvBENBGN3Gnj/6FFMsl
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:50:52 2025 by rpki-client