Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/46h5nobx_zR8KXOiTeHjAzknwIs.roa
File: 46h5nobx_zR8KXOiTeHjAzknwIs.roa (raw, json)
Hash identifier: O2dP2kId8I+XUB/uQTATNRSAFFIduq37hWbnlUze7lA=
Subject key identifier: E3:A8:79:9E:86:F1:FF:34:7C:29:73:A2:4D:E1:E3:03:39:27:C0:8B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019A4B9B0AEAAF8BC9B4E06F13131F757A34
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/46h5nobx_zR8KXOiTeHjAzknwIs.roa
Signing time: Mon 03 Nov 2025 21:24:03 +0000
ROA not before: Mon 03 Nov 2025 21:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 79.172.254.0/24 maxlen: 24
87.229.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:9b:0a:ea:af:8b:c9:b4:e0:6f:13:13:1f:75:7a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Nov 3 21:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3a8799e86f1ff347c2973a24de1e3033927c08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1d:de:bc:dd:37:86:77:b7:3b:b5:8c:f0:b3:
0f:00:c2:41:8d:55:10:ee:88:bc:02:c7:ca:dc:c7:
c1:85:bc:54:26:d3:55:a9:d2:4f:b1:4c:9d:06:2a:
23:cf:80:7b:87:ee:cf:13:41:e0:e6:0e:77:53:ee:
bb:21:2a:03:08:ce:e3:e4:80:95:f2:ef:9d:f6:3d:
20:9b:75:bf:e4:d3:19:7c:eb:23:4f:b5:e6:7c:25:
f2:84:b0:10:30:25:b5:5d:74:bf:1c:f8:43:a5:ee:
23:b8:03:94:2e:d0:ab:97:df:c2:11:15:72:49:7f:
3e:9e:5b:7f:8f:45:ba:f9:24:61:9b:8d:5a:2a:e5:
27:e8:a1:3b:aa:c0:2b:51:d0:e0:c6:19:e7:91:78:
4b:a2:83:36:23:82:d7:83:c4:00:32:be:d2:b9:7d:
34:6b:3f:68:0d:41:f8:85:bb:0d:df:fb:a0:53:00:
9e:96:e5:f1:a0:34:5f:8d:a2:0b:7d:d5:0a:f0:dd:
1b:d5:2d:d9:93:c3:59:b8:d6:f8:b4:8a:f9:73:d3:
5b:27:58:c7:bd:6e:43:85:a5:db:67:81:71:a0:d2:
41:36:35:b1:af:cd:c2:0c:b1:1e:84:cb:fa:33:d1:
ad:db:78:6c:56:2d:3f:6d:b1:46:cc:e2:32:6f:49:
f0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A8:79:9E:86:F1:FF:34:7C:29:73:A2:4D:E1:E3:03:39:27:C0:8B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/46h5nobx_zR8KXOiTeHjAzknwIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.254.0/24
87.229.10.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f5:32:4a:dd:37:5f:0d:a5:91:16:02:44:6f:80:01:30:78:
d6:45:28:7a:94:e0:f0:d2:30:c9:4b:0c:c2:95:10:19:2c:2b:
ed:b8:97:22:17:ef:7f:d0:1e:13:f0:51:08:90:af:b0:fa:27:
29:3f:0a:21:ad:b2:93:86:44:d2:3d:e5:59:e7:80:17:94:fa:
85:46:72:98:21:c4:88:2d:51:ef:9c:6e:37:e7:ed:19:80:8f:
f7:61:de:12:d9:7e:65:ed:01:a4:95:d5:95:5d:8a:83:c0:61:
ae:55:38:7d:f9:77:46:22:ba:6c:68:c5:35:e5:ae:4a:de:0c:
6d:5d:f0:da:42:db:fa:47:9c:e2:76:ec:2f:ae:33:81:78:da:
58:e6:6f:29:78:17:e0:bd:61:1d:7c:9c:ec:b8:33:66:f6:6e:
37:30:a1:ca:e9:2a:47:61:a8:5f:5c:86:c2:f6:02:ff:6d:c6:
a4:1f:5a:42:e1:f1:4f:83:cb:a8:29:56:1c:2a:00:14:fc:17:
75:e5:69:0a:d7:17:62:2d:5c:ee:9b:e1:89:f8:81:b8:e1:3e:
7a:4c:06:7b:ec:11:84:d9:23:f2:16:6c:5c:51:13:e4:44:82:
5a:26:75:fb:37:00:35:14:d5:ef:83:f1:ae:3c:07:3d:6f:ef:
21:a0:64:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpLmwrqr4vJtOBvExMfdXo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUxMTAzMjEyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2E4Nzk5ZTg2ZjFmZjM0N2MyOTczYTI0ZGUxZTMwMzM5MjdjMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2B3evN03hne3O7WM8LMPAMJBjVUQ
7oi8AsfK3MfBhbxUJtNVqdJPsUydBiojz4B7h+7PE0Hg5g53U+67ISoDCM7j5ICV
8u+d9j0gm3W/5NMZfOsjT7XmfCXyhLAQMCW1XXS/HPhDpe4juAOULtCrl9/CERVy
SX8+nlt/j0W6+SRhm41aKuUn6KE7qsArUdDgxhnnkXhLooM2I4LXg8QAMr7SuX00
az9oDUH4hbsN3/ugUwCeluXxoDRfjaILfdUK8N0b1S3Zk8NZuNb4tIr5c9NbJ1jH
vW5DhaXbZ4FxoNJBNjWxr83CDLEehMv6M9Gt23hsVi0/bbFGzOIyb0nw4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOOoeZ6G8f80fClzok3h4wM5J8CLMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNDZoNW5vYnhfelI4S1hPaVRlSGpBemtud0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT6z+AwQA
V+UKMA0GCSqGSIb3DQEBCwUAA4IBAQAa9TJK3TdfDaWRFgJEb4ABMHjWRSh6lODw
0jDJSwzClRAZLCvtuJciF+9/0B4T8FEIkK+w+icpPwohrbKThkTSPeVZ54AXlPqF
RnKYIcSILVHvnG435+0ZgI/3Yd4S2X5l7QGkldWVXYqDwGGuVTh9+XdGIrpsaMU1
5a5K3gxtXfDaQtv6R5ziduwvrjOBeNpY5m8peBfgvWEdfJzsuDNm9m43MKHK6SpH
YahfXIbC9gL/bcakH1pC4fFPg8uoKVYcKgAU/Bd15WkK1xdiLVzum+GJ+IG44T56
TAZ77BGE2SPyFmxcURPkRIJaJnX7NwA1FNXvg/GuPAc9b+8hoGQA
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:00:06 2025 by rpki-client