Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/B5NbHpa4IA55Nk4URE55QOUgzdY.roa
File: B5NbHpa4IA55Nk4URE55QOUgzdY.roa (raw, json)
Hash identifier: mc8xwL/fwNYv2VKlykQLfqe6Pvz5P+Lx8ZUtrxGHOYk=
Subject key identifier: 07:93:5B:1E:96:B8:20:0E:79:36:4E:14:44:4E:79:40:E5:20:CD:D6
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019A4DC983B7F9459B02635B6A65B5C8D2AA
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/B5NbHpa4IA55Nk4URE55QOUgzdY.roa
Signing time: Tue 04 Nov 2025 07:34:03 +0000
ROA not before: Tue 04 Nov 2025 07:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 62.192.110.0/24 maxlen: 24
194.231.136.0/24 maxlen: 24
194.231.151.0/24 maxlen: 24
194.231.152.0/24 maxlen: 24
194.231.153.0/24 maxlen: 24
194.231.154.0/24 maxlen: 24
194.231.198.0/24 maxlen: 24
194.231.201.0/24 maxlen: 24
194.231.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:c9:83:b7:f9:45:9b:02:63:5b:6a:65:b5:c8:d2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Nov 4 07:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07935b1e96b8200e79364e14444e7940e520cdd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6c:18:9d:9b:4d:9c:bf:18:b1:88:af:39:47:
c4:c1:bf:ff:32:0c:76:27:d1:55:f5:07:f2:f2:fb:
c7:43:ca:14:7c:06:e8:a8:18:50:ed:9f:3f:63:58:
01:5a:ff:a6:68:a5:0d:a5:6e:03:eb:dd:47:d2:3a:
89:ae:5d:07:17:cc:9e:90:95:25:92:0a:67:dd:d9:
6a:32:19:a6:27:cf:aa:4c:ba:76:43:90:08:53:98:
6d:28:91:c9:0f:ee:d9:43:b0:35:bc:3f:85:4b:d2:
99:e0:f5:2c:17:1d:a2:c4:03:b9:03:42:9d:a2:d2:
7a:55:35:6e:3f:77:34:6a:7d:65:53:ca:39:3a:cc:
99:32:7c:53:7b:33:31:fe:08:b7:83:6f:63:37:51:
d4:4c:b6:91:1a:9b:2d:a8:c5:e6:9a:f9:83:d5:bf:
ba:3b:9f:62:89:ee:56:c6:64:de:7b:23:bf:39:f2:
00:33:94:2d:0f:e8:c4:47:3f:4a:d8:87:f0:b6:cc:
40:0c:17:fe:51:25:bb:36:02:fd:b3:2d:67:97:f6:
ad:54:69:4b:56:25:ce:b2:60:40:3c:03:17:51:34:
b5:77:f0:ce:54:88:6c:3f:04:9b:60:d6:ff:89:6f:
7c:9b:db:6f:7b:72:2a:c9:a8:b0:8a:77:b1:e7:74:
93:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:93:5B:1E:96:B8:20:0E:79:36:4E:14:44:4E:79:40:E5:20:CD:D6
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/B5NbHpa4IA55Nk4URE55QOUgzdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.110.0/24
194.231.136.0/24
194.231.151.0-194.231.154.255
194.231.198.0/24
194.231.201.0/24
194.231.212.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:87:7c:58:9a:08:64:24:63:19:9e:cf:4c:15:b6:51:2d:b8:
9e:81:a9:db:ca:fc:85:19:0b:7b:de:73:1a:c5:16:fc:d2:5f:
f9:1a:34:cb:60:8a:bb:b7:a5:67:dc:69:61:6c:40:bd:d6:60:
34:93:54:7e:2b:77:e4:c8:c7:34:7b:a7:6d:fd:34:54:5e:56:
2b:01:07:aa:51:ff:2a:ec:2c:ac:ec:26:16:a9:6e:9b:e9:df:
ac:41:b6:44:ac:b4:60:4b:82:6d:64:e4:9a:2a:4f:71:ff:ac:
35:b8:08:0f:a9:d0:8a:16:45:55:ba:f1:a0:14:d5:52:57:8c:
e9:ac:ae:94:f0:80:7c:5d:fb:1c:6c:4b:cb:83:8d:01:5a:4b:
62:cd:58:9e:0a:01:b3:f0:17:3a:0d:cc:fa:cb:37:5a:c4:fb:
01:64:d7:ae:2c:1e:7a:0a:7b:d2:3c:d9:dc:5b:db:4f:43:26:
24:0c:f7:3d:0b:20:e0:e7:21:a5:cd:e0:a3:f0:dd:7e:39:9a:
f9:3a:a0:30:d2:17:57:69:0e:a2:65:50:2f:ec:68:8f:f8:77:
1e:d2:60:23:80:2d:97:58:be:1c:b8:bd:29:9a:35:40:1d:eb:
b4:bf:a8:b3:82:45:2f:ea:b8:e2:9e:33:72:58:3e:9c:e5:88:
1e:ea:89:62
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZpNyYO3+UWbAmNbamW1yNKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUxMTA0MDczNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkzNWIxZTk2YjgyMDBlNzkzNjRlMTQ0NDRlNzk0MGU1MjBjZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2wYnZtNnL8YsYivOUfEwb//Mgx2
J9FV9Qfy8vvHQ8oUfAboqBhQ7Z8/Y1gBWv+maKUNpW4D691H0jqJrl0HF8yekJUl
kgpn3dlqMhmmJ8+qTLp2Q5AIU5htKJHJD+7ZQ7A1vD+FS9KZ4PUsFx2ixAO5A0Kd
otJ6VTVuP3c0an1lU8o5OsyZMnxTezMx/gi3g29jN1HUTLaRGpstqMXmmvmD1b+6
O59iie5WxmTeeyO/OfIAM5QtD+jERz9K2IfwtsxADBf+USW7NgL9sy1nl/atVGlL
ViXOsmBAPAMXUTS1d/DOVIhsPwSbYNb/iW98m9tve3Iqyaiwinex53STowIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAeTWx6WuCAOeTZOFEROeUDlIM3WMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvQjVOYkhwYTRJQTU1Tms0VVJFNTVRT1VnemRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPsBuAwQA
wueIMAwDBADC55cDBADC55oDBADC58YDBADC58kDBADC59QwDQYJKoZIhvcNAQEL
BQADggEBADyHfFiaCGQkYxmez0wVtlEtuJ6BqdvK/IUZC3vecxrFFvzSX/kaNMtg
iru3pWfcaWFsQL3WYDSTVH4rd+TIxzR7p239NFReVisBB6pR/yrsLKzsJhapbpvp
36xBtkSstGBLgm1k5JoqT3H/rDW4CA+p0IoWRVW68aAU1VJXjOmsrpTwgHxd+xxs
S8uDjQFaS2LNWJ4KAbPwFzoNzPrLN1rE+wFk164sHnoKe9I82dxb209DJiQM9z0L
IODnIaXN4KPw3X45mvk6oDDSF1dpDqJlUC/saI/4dx7SYCOALZdYvhy4vSmaNUAd
67S/qLOCRS/quOKeM3JYPpzliB7qiWI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:22:27 2025 by rpki-client