Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/2LtUkcgkIuZhBK0wGfDHXpO90Fg.roa
File: 2LtUkcgkIuZhBK0wGfDHXpO90Fg.roa (raw, json)
Hash identifier: fHYbhPRLNrvgqYDM43jt9s30bh16kQSVsBZ1CH2USmQ=
Subject key identifier: D8:BB:54:91:C8:24:22:E6:61:04:AD:30:19:F0:C7:5E:93:BD:D0:58
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019A4F90876D65247665CE80EC0367127CCC
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/2LtUkcgkIuZhBK0wGfDHXpO90Fg.roa
Signing time: Tue 04 Nov 2025 15:51:03 +0000
ROA not before: Tue 04 Nov 2025 15:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 80.174.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:90:87:6d:65:24:76:65:ce:80:ec:03:67:12:7c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Nov 4 15:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8bb5491c82422e66104ad3019f0c75e93bdd058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:af:66:74:0d:5c:34:26:41:71:9e:98:53:a7:
bc:57:10:f6:46:68:e7:de:ba:1e:22:eb:31:af:72:
dc:61:c4:49:f5:b1:a2:77:b4:3d:6c:95:92:8b:46:
09:c6:37:08:b0:41:59:a6:33:c5:5f:a7:f4:0b:be:
77:e7:51:da:05:f2:5f:22:ea:19:c1:98:67:33:da:
b5:a4:a3:0a:25:e8:09:ac:a0:c2:8e:3a:e3:a0:69:
08:2c:cf:a2:8e:f9:1a:aa:46:02:fb:88:f2:6f:1b:
2f:d1:98:ae:25:50:55:1c:0a:e1:0c:54:a1:ff:3c:
47:1f:8d:c8:c7:b4:8d:72:8b:98:8d:91:7e:a9:f0:
2e:06:1a:ff:ae:37:d8:66:25:0f:3d:a2:b5:e8:0b:
a6:a2:12:6a:ae:d7:9c:d3:2e:ad:52:c5:59:8c:aa:
6a:7a:17:35:44:6c:da:f7:c0:29:43:a0:43:b9:90:
55:a3:b7:e8:18:ed:1d:ab:33:3c:ed:84:e6:d4:4f:
46:bc:ba:33:26:99:d6:25:63:68:3a:2b:4a:5c:4e:
7c:af:dd:17:7a:22:9c:ba:12:fe:62:5a:d0:7c:9d:
c1:f8:9b:b0:94:15:20:e8:b6:b6:ce:d0:09:08:24:
a8:40:e6:4b:eb:3a:71:7d:20:79:59:08:b5:11:9b:
8e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BB:54:91:C8:24:22:E6:61:04:AD:30:19:F0:C7:5E:93:BD:D0:58
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/2LtUkcgkIuZhBK0wGfDHXpO90Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.115.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:85:31:c5:c3:ee:76:0c:a0:57:04:36:eb:81:b2:3f:33:9d:
59:3c:7a:80:5c:9a:40:c8:d7:d3:84:cd:e2:e3:96:bc:89:26:
9f:22:aa:e6:0a:37:f5:8e:7d:b4:0a:8c:a5:93:72:6b:81:fd:
5b:1e:93:b8:db:01:4c:49:a5:a4:8c:bb:2d:6a:40:89:41:50:
76:a3:49:fb:55:96:1d:24:89:a9:68:3e:9f:49:f5:9f:c4:80:
c2:2b:77:ed:48:e2:c9:f9:f8:c2:72:85:78:0f:df:2c:17:30:
70:b1:c4:7b:c7:f8:21:47:a9:fe:ca:9a:06:0a:06:fe:42:35:
98:e6:60:6c:68:8c:ed:4d:7c:67:b5:84:81:10:77:ae:3f:fc:
1d:68:71:52:ce:83:b0:34:02:22:b4:a1:8b:54:c2:09:d5:0c:
e3:8c:f5:94:d2:93:71:63:07:21:29:ed:3a:9b:78:8a:e3:30:
aa:58:09:ce:f1:0d:a1:51:b9:c3:9f:8c:12:2a:23:38:04:35:
c7:a7:c2:34:9f:61:96:7b:1c:42:cb:bb:f9:2b:d6:b2:08:05:
c4:e6:c7:e3:d8:5e:59:ef:ed:09:c5:5f:0b:41:5a:c3:b0:1e:
53:4f:f2:96:fb:2f:0d:14:77:5c:e9:64:06:57:52:1f:f6:65:
50:7a:bc:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpPkIdtZSR2Zc6A7ANnEnzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjUxMTA0MTU1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJiNTQ5MWM4MjQyMmU2NjEwNGFkMzAxOWYwYzc1ZTkzYmRkMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK9mdA1cNCZBcZ6YU6e8VxD2Rmjn
3roeIusxr3LcYcRJ9bGid7Q9bJWSi0YJxjcIsEFZpjPFX6f0C75351HaBfJfIuoZ
wZhnM9q1pKMKJegJrKDCjjrjoGkILM+ijvkaqkYC+4jybxsv0ZiuJVBVHArhDFSh
/zxHH43Ix7SNcouYjZF+qfAuBhr/rjfYZiUPPaK16AumohJqrtec0y6tUsVZjKpq
ehc1RGza98ApQ6BDuZBVo7foGO0dqzM87YTm1E9GvLozJpnWJWNoOitKXE58r90X
eiKcuhL+YlrQfJ3B+JuwlBUg6La2ztAJCCSoQOZL6zpxfSB5WQi1EZuOTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNi7VJHIJCLmYQStMBnwx16TvdBYMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvMkx0VWtjZ2tJdVpoQkswd0dmREhYcE85MEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUK5zMA0G
CSqGSIb3DQEBCwUAA4IBAQDUhTHFw+52DKBXBDbrgbI/M51ZPHqAXJpAyNfThM3i
45a8iSafIqrmCjf1jn20Coylk3Jrgf1bHpO42wFMSaWkjLstakCJQVB2o0n7VZYd
JImpaD6fSfWfxIDCK3ftSOLJ+fjCcoV4D98sFzBwscR7x/ghR6n+ypoGCgb+QjWY
5mBsaIztTXxntYSBEHeuP/wdaHFSzoOwNAIitKGLVMIJ1QzjjPWU0pNxYwchKe06
m3iK4zCqWAnO8Q2hUbnDn4wSKiM4BDXHp8I0n2GWexxCy7v5K9ayCAXE5sfj2F5Z
7+0JxV8LQVrDsB5TT/KW+y8NFHdc6WQGV1If9mVQerw9
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:58:37 2025 by rpki-client