Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5UT7HajoqO1VliKQVsCLI27qH-E.roa
File: 5UT7HajoqO1VliKQVsCLI27qH-E.roa (raw, json)
Hash identifier: QSGNtznyJZn4CsaZ/6JCaIiNV4sYNP2txeOH1gYo+xQ=
Subject key identifier: E5:44:FB:1D:A8:E8:A8:ED:55:96:22:90:56:C0:8B:23:6E:EA:1F:E1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01988F804B27D0C23D051EA35720FF1AA6C8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5UT7HajoqO1VliKQVsCLI27qH-E.roa
Signing time: Sat 09 Aug 2025 15:43:26 +0000
ROA not before: Sat 09 Aug 2025 15:43:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215614
IP address blocks: 85.202.203.0/24 maxlen: 24
2a0e:97c1::/48 maxlen: 48
2a10:2f00:167::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:80:4b:27:d0:c2:3d:05:1e:a3:57:20:ff:1a:a6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 9 15:43:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e544fb1da8e8a8ed5596229056c08b236eea1fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:2a:81:11:ee:99:a1:67:7b:12:1a:91:82:
c8:f9:06:72:16:81:0f:0d:89:a5:3c:db:f8:ba:0c:
5b:4a:82:99:d9:ef:2d:35:01:f5:04:41:9f:16:f9:
ae:cb:3e:78:1c:42:e9:0f:f8:b0:29:40:60:f4:b9:
73:31:dc:4e:09:bb:91:2a:17:42:0a:bb:e8:85:90:
54:e2:b1:f2:82:1e:df:12:11:87:80:02:75:71:e5:
d2:eb:57:da:fa:0e:be:fb:8b:e3:88:ae:19:08:69:
58:22:71:6c:29:be:a8:24:b2:63:e9:7f:1d:0f:23:
bd:cc:7c:87:0a:d4:0b:d2:ca:21:d9:a4:03:fb:1c:
e7:86:03:4f:86:40:ec:2f:22:c4:fb:68:e1:5a:36:
a0:df:9a:0f:c4:2d:be:5f:25:f6:8c:2e:ed:06:32:
78:40:51:35:e9:df:87:0c:77:ae:8a:90:10:e4:1e:
8f:89:a8:19:28:dc:6a:8c:c8:94:ec:18:83:4c:60:
41:e8:8d:8e:c2:8c:8d:4e:26:b2:5b:a5:16:34:23:
d9:c2:8a:51:40:8a:cf:da:72:6e:a5:a3:69:2d:b5:
70:58:47:77:e6:64:fc:69:d1:35:f5:6b:7b:a8:26:
40:5d:31:8e:91:14:08:b9:b9:8e:d0:4e:8c:f6:55:
05:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:44:FB:1D:A8:E8:A8:ED:55:96:22:90:56:C0:8B:23:6E:EA:1F:E1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5UT7HajoqO1VliKQVsCLI27qH-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
IPv6:
2a0e:97c1::/48
2a10:2f00:167::/48
Signature Algorithm: sha256WithRSAEncryption
03:c5:60:23:6b:3e:b1:e3:22:00:ed:3e:ea:57:ad:d4:50:7d:
8e:8d:81:e9:b8:2b:1e:e4:a8:92:34:69:50:5d:c0:b8:72:2d:
ee:c7:a8:09:65:50:f8:42:0e:38:db:64:57:f5:df:7d:9b:e3:
79:e5:83:5d:44:8f:8a:7c:39:3a:76:04:e2:56:20:8a:22:f1:
8e:3e:22:57:7d:fe:46:b4:a1:9f:0c:e2:f6:44:f7:5c:ea:ba:
b4:ef:8d:7e:8a:7e:f2:53:d6:3c:2b:50:bc:5b:60:af:5f:a2:
40:2f:a9:4f:26:d6:cd:1c:3a:dd:d2:09:61:87:91:8f:44:f4:
aa:3e:14:0f:d4:38:c7:91:d8:d1:bc:4a:4b:8a:41:1b:03:b6:
46:be:a0:60:b4:68:7a:ab:7f:85:81:3e:a8:93:ed:ab:e6:f4:
2d:54:f9:b1:d0:a4:98:f9:b7:46:4b:5b:7f:61:3d:eb:28:75:
3e:4f:ed:01:49:c0:b1:fd:8f:2b:7b:b1:7e:de:de:fe:e0:e0:
70:97:9f:1d:f4:45:b5:81:af:f6:bb:80:8c:e5:41:8e:97:43:
69:6e:4a:78:82:c2:3e:d8:60:f1:d9:22:f9:2a:d6:84:8e:63:
4a:c3:10:07:07:b4:00:e6:50:b0:c2:2d:a2:d1:e4:32:d4:3d:
54:9c:51:3d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZiPgEsn0MI9BR6jVyD/GqbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwODA5MTU0MzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ0ZmIxZGE4ZThhOGVkNTU5NjIyOTA1NmMwOGIyMzZlZWExZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+IqgRHumaFnexIakYLI+QZyFoEP
DYmlPNv4ugxbSoKZ2e8tNQH1BEGfFvmuyz54HELpD/iwKUBg9LlzMdxOCbuRKhdC
CrvohZBU4rHygh7fEhGHgAJ1ceXS61fa+g6++4vjiK4ZCGlYInFsKb6oJLJj6X8d
DyO9zHyHCtQL0soh2aQD+xznhgNPhkDsLyLE+2jhWjag35oPxC2+XyX2jC7tBjJ4
QFE16d+HDHeuipAQ5B6PiagZKNxqjMiU7BiDTGBB6I2OwoyNTiayW6UWNCPZwopR
QIrP2nJupaNpLbVwWEd35mT8adE19Wt7qCZAXTGOkRQIubmO0E6M9lUFcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOVE+x2o6KjtVZYikFbAiyNu6h/hMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNVVUN0hham9xTzFWbGlLUVZzQ0xJMjdxSC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAVcrLMBgE
AgACMBIDBwAqDpfBAAADBwAqEC8AAWcwDQYJKoZIhvcNAQELBQADggEBAAPFYCNr
PrHjIgDtPupXrdRQfY6Ngem4Kx7kqJI0aVBdwLhyLe7HqAllUPhCDjjbZFf1332b
43nlg11Ej4p8OTp2BOJWIIoi8Y4+Ild9/ka0oZ8M4vZE91zqurTvjX6KfvJT1jwr
ULxbYK9fokAvqU8m1s0cOt3SCWGHkY9E9Ko+FA/UOMeR2NG8SkuKQRsDtka+oGC0
aHqrf4WBPqiT7avm9C1U+bHQpJj5t0ZLW39hPesodT5P7QFJwLH9jyt7sX7e3v7g
4HCXnx30RbWBr/a7gIzlQY6XQ2luSniCwj7YYPHZIvkq1oSOY0rDEAcHtADmULDC
LaLR5DLUPVScUT0=
-----END CERTIFICATE-----
Generated at Mon Aug 11 05:57:14 2025 by rpki-client