Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/WqyCbDn3mH7Y8puLAdhhQtdufpc.roa
File: WqyCbDn3mH7Y8puLAdhhQtdufpc.roa (raw, json)
Hash identifier: J8A2x+0n1dpB8MrkkMN2gsBUUM1UPXbHfnJWBH/EHu0=
Subject key identifier: 5A:AC:82:6C:39:F7:98:7E:D8:F2:9B:8B:01:D8:61:42:D7:6E:7E:97
Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Certificate serial: 019A274260EC95760BD174CCBA8F93F3F613
Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/WqyCbDn3mH7Y8puLAdhhQtdufpc.roa
Signing time: Mon 27 Oct 2025 20:00:52 +0000
ROA not before: Mon 27 Oct 2025 20:00:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 109.122.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:42:60:ec:95:76:0b:d1:74:cc:ba:8f:93:f3:f6:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Validity
Not Before: Oct 27 20:00:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aac826c39f7987ed8f29b8b01d86142d76e7e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b1:48:1e:cb:60:18:89:b0:b2:f0:c8:c5:29:
3f:9b:20:51:37:4d:43:40:7e:e5:41:b9:ae:02:55:
b8:b4:f7:46:60:bc:fd:c3:4b:b4:d4:93:69:8a:64:
e6:d9:3b:c1:d3:ec:03:9c:c7:ab:ff:c6:56:81:e3:
cf:d9:db:f9:ac:a2:a5:99:1d:87:e2:12:e0:e8:ad:
b4:d3:25:8d:15:3c:da:60:19:5b:41:3d:7d:76:40:
5c:f4:c3:0e:cf:4e:a6:e2:d6:8f:6a:01:40:ad:df:
87:e4:be:2d:65:50:5a:6c:81:d6:0f:ef:4a:d1:87:
06:64:b9:b6:a6:6b:f1:5c:ae:36:8f:f8:b9:ea:b5:
0f:95:01:95:14:78:c7:ea:f0:a5:76:bf:05:26:de:
25:54:3c:5a:4b:b7:32:4e:ac:b4:53:f2:88:83:61:
67:8e:ea:a8:e8:c3:f9:03:d1:f7:b7:73:d8:75:0d:
b3:c1:a1:a9:b6:3d:09:ab:18:07:3b:45:f7:0d:19:
60:27:de:82:05:0a:0a:f4:9f:54:28:f7:50:fe:6d:
34:9c:80:c0:3e:8b:2b:68:01:a2:bc:e0:f6:c1:88:
88:29:87:fc:88:2d:13:0f:ca:af:e9:e3:24:79:1e:
ad:50:d7:64:7d:32:88:4a:cf:ec:1e:60:a8:7c:5e:
cb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AC:82:6C:39:F7:98:7E:D8:F2:9B:8B:01:D8:61:42:D7:6E:7E:97
X509v3 Authority Key Identifier:
keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/WqyCbDn3mH7Y8puLAdhhQtdufpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a0:2e:e0:f3:e3:9e:90:47:30:0c:c7:4e:76:30:03:1d:cb:
21:b8:09:b6:3e:f8:26:14:03:bb:7f:e2:07:ae:50:1e:ab:35:
90:76:1d:9c:98:aa:4a:66:41:a2:bd:66:fe:3b:69:77:a0:93:
5f:69:29:55:31:8f:38:77:bd:18:b1:94:83:91:83:02:d5:8a:
72:58:cd:27:28:23:78:d6:89:e0:b0:60:7a:a5:ac:c6:5a:e3:
2f:c1:76:03:66:3b:d6:d7:27:74:e0:30:54:31:21:8b:04:2c:
d6:5e:89:7f:11:f0:bc:df:ec:2b:07:77:74:01:d7:de:b5:03:
de:c0:9e:2b:cb:f1:a1:34:1b:ee:7e:2f:c6:c2:8b:81:20:22:
f5:de:42:db:65:ec:ec:0c:62:4e:21:59:80:cc:84:38:43:ca:
65:4a:67:ab:11:e1:46:8c:0c:59:10:a5:3f:ab:e3:90:58:d3:
cb:12:a2:dc:8f:6b:31:82:3d:f7:88:4b:55:6c:e7:c5:3e:b2:
10:11:7c:01:2c:c4:39:2a:b8:53:ed:17:f0:40:7c:a3:96:b5:
cc:f6:f6:3c:cd:fa:4e:42:d4:a5:b1:ef:da:45:d1:a5:7b:a9:
59:27:67:c2:36:a5:aa:c1:8c:f0:a3:b7:ac:90:6c:4f:55:41:
cb:a7:65:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZonQmDslXYL0XTMuo+T8/YTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3
OGE1NzkwHhcNMjUxMDI3MjAwMDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFjODI2YzM5Zjc5ODdlZDhmMjliOGIwMWQ4NjE0MmQ3NmU3ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLFIHstgGImwsvDIxSk/myBRN01D
QH7lQbmuAlW4tPdGYLz9w0u01JNpimTm2TvB0+wDnMer/8ZWgePP2dv5rKKlmR2H
4hLg6K200yWNFTzaYBlbQT19dkBc9MMOz06m4taPagFArd+H5L4tZVBabIHWD+9K
0YcGZLm2pmvxXK42j/i56rUPlQGVFHjH6vCldr8FJt4lVDxaS7cyTqy0U/KIg2Fn
juqo6MP5A9H3t3PYdQ2zwaGptj0JqxgHO0X3DRlgJ96CBQoK9J9UKPdQ/m00nIDA
PosraAGivOD2wYiIKYf8iC0TD8qv6eMkeR6tUNdkfTKISs/sHmCofF7LMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqsgmw595h+2PKbiwHYYULXbn6XMB8GA1UdIwQY
MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt
YTM5YWMyNTM5ZmM1LzEvV3F5Q2JEbjNtSDdZOHB1TEFkaGhRdGR1ZnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1
LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXofMA0G
CSqGSIb3DQEBCwUAA4IBAQCioC7g8+OekEcwDMdOdjADHcshuAm2PvgmFAO7f+IH
rlAeqzWQdh2cmKpKZkGivWb+O2l3oJNfaSlVMY84d70YsZSDkYMC1YpyWM0nKCN4
1ongsGB6pazGWuMvwXYDZjvW1yd04DBUMSGLBCzWXol/EfC83+wrB3d0AdfetQPe
wJ4ry/GhNBvufi/GwouBICL13kLbZezsDGJOIVmAzIQ4Q8plSmerEeFGjAxZEKU/
q+OQWNPLEqLcj2sxgj33iEtVbOfFPrIQEXwBLMQ5KrhT7RfwQHyjlrXM9vY8zfpO
QtSlse/aRdGle6lZJ2fCNqWqwYzwo7eskGxPVUHLp2VE
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:20:41 2025 by rpki-client