Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J4v4YctCHtP9auM56zAmzUwWL10.roa
File: J4v4YctCHtP9auM56zAmzUwWL10.roa (raw, json)
Hash identifier: xGnYJPVF4qZJGWiNqLP0c5sMi+0ZNyv5e7r0egNhiqo=
Subject key identifier: 27:8B:F8:61:CB:42:1E:D3:FD:6A:E3:39:EB:30:26:CD:4C:16:2F:5D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019A5523D79DFD0712401039CE8CC921DC71
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J4v4YctCHtP9auM56zAmzUwWL10.roa
Signing time: Wed 05 Nov 2025 17:50:03 +0000
ROA not before: Wed 05 Nov 2025 17:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215330
IP address blocks: 2a0e:19c5::/32 maxlen: 32
2a11:6040::/29 maxlen: 29
2a11:8bc0::/29 maxlen: 29
2a12:57c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 05:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:23:d7:9d:fd:07:12:40:10:39:ce:8c:c9:21:dc:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Nov 5 17:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=278bf861cb421ed3fd6ae339eb3026cd4c162f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3d:8c:ee:de:ff:05:4c:45:85:b8:1d:0b:dd:
f9:0f:e4:7c:d1:79:05:38:c2:65:db:51:2e:16:c5:
fc:2e:c2:b2:58:4d:77:9f:bb:03:eb:90:24:2b:91:
b4:fc:9a:e1:03:31:45:73:54:73:4f:bb:88:4e:3c:
c0:12:d1:7f:4e:4e:53:83:d2:42:6e:b4:53:41:68:
fc:6e:51:71:fd:38:6a:1e:d4:df:08:8a:6c:b7:06:
3a:7a:57:f5:fa:37:29:d8:68:8c:d0:e1:9b:20:66:
6e:55:8e:bf:af:79:9a:4a:88:5f:97:bd:8b:dc:17:
78:da:ce:c1:85:f4:b3:cd:8c:80:9f:3d:0e:7e:66:
65:d5:15:55:c0:84:2a:67:28:88:39:7b:c5:86:db:
64:99:0f:39:84:a5:c5:93:a5:26:07:33:11:bf:e8:
00:b3:dc:1e:10:3b:f4:d1:6a:ee:f6:ca:b7:86:65:
85:d4:f4:60:a6:01:32:f1:6b:6e:c0:e4:c0:3c:fe:
ba:c4:47:eb:02:d8:59:9a:82:2c:4a:2b:ca:db:48:
54:7d:c1:5e:a1:87:b5:32:26:b5:c3:66:c0:d9:66:
90:0a:0f:65:1f:4d:32:9c:ca:47:9b:c0:14:a1:ea:
b8:fb:51:4e:ec:4c:87:26:6f:c8:5c:73:b8:53:4a:
fd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8B:F8:61:CB:42:1E:D3:FD:6A:E3:39:EB:30:26:CD:4C:16:2F:5D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J4v4YctCHtP9auM56zAmzUwWL10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:19c5::/32
2a11:6040::/29
2a11:8bc0::/29
2a12:57c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:a6:c7:68:03:2f:a5:92:d2:09:ab:3f:24:ba:59:f8:d2:e0:
a8:b4:88:63:d6:56:8c:8c:32:13:bb:21:d9:e7:78:53:d7:00:
f8:00:d5:1a:29:41:2c:bb:a5:9e:47:52:41:58:43:c4:71:72:
8c:f9:63:37:d8:45:e4:6c:5f:3f:b9:a5:04:08:52:e7:95:c1:
da:51:f1:70:15:f2:10:f8:a0:5f:4d:91:b6:09:df:3d:f8:1a:
d5:53:00:ef:cb:03:12:f3:34:40:dd:a1:0b:78:e2:01:31:f9:
0d:d8:99:8b:0a:da:a4:82:6b:14:ad:8e:a2:f6:c7:ff:98:b5:
3d:bb:e9:86:f3:53:1b:54:ff:fa:df:f2:71:46:06:7a:bb:bd:
bb:13:42:b9:ff:10:0c:a0:42:92:bc:6f:e5:34:ee:63:60:e8:
2c:d9:82:29:03:e6:7f:17:10:a1:75:28:b1:af:a2:35:8c:1d:
0b:13:b4:de:4f:ba:09:0e:06:80:99:c4:3d:0d:8b:bf:97:3a:
9b:cc:de:12:37:00:02:40:85:65:f7:c5:73:2a:d5:54:7a:55:
1b:c4:fc:88:c5:29:d9:4f:24:0d:ca:1a:56:33:0a:49:c5:4a:
cc:8f:a0:17:47:45:e7:b0:c0:ea:29:82:dc:34:6d:8c:3e:cf:
5b:53:17:8b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZpVI9ed/QcSQBA5zozJIdxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUxMTA1MTc1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhiZjg2MWNiNDIxZWQzZmQ2YWUzMzllYjMwMjZjZDRjMTYyZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT2M7t7/BUxFhbgdC935D+R80XkF
OMJl21EuFsX8LsKyWE13n7sD65AkK5G0/JrhAzFFc1RzT7uITjzAEtF/Tk5Tg9JC
brRTQWj8blFx/ThqHtTfCIpstwY6elf1+jcp2GiM0OGbIGZuVY6/r3maSohfl72L
3Bd42s7BhfSzzYyAnz0OfmZl1RVVwIQqZyiIOXvFhttkmQ85hKXFk6UmBzMRv+gA
s9weEDv00Wru9sq3hmWF1PRgpgEy8WtuwOTAPP66xEfrAthZmoIsSivK20hUfcFe
oYe1Mia1w2bA2WaQCg9lH00ynMpHm8AUoeq4+1FO7EyHJm/IXHO4U0r9BwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCeL+GHLQh7T/WrjOeswJs1MFi9dMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSjR2NFljdENIdFA5YXVNNTZ6QW16VXdXTDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg4ZxQMF
AyoRYEADBQMqEYvAAwUDKhJXwDANBgkqhkiG9w0BAQsFAAOCAQEAj6bHaAMvpZLS
Cas/JLpZ+NLgqLSIY9ZWjIwyE7sh2ed4U9cA+ADVGilBLLulnkdSQVhDxHFyjPlj
N9hF5GxfP7mlBAhS55XB2lHxcBXyEPigX02RtgnfPfga1VMA78sDEvM0QN2hC3ji
ATH5DdiZiwrapIJrFK2OovbH/5i1PbvphvNTG1T/+t/ycUYGeru9uxNCuf8QDKBC
krxv5TTuY2DoLNmCKQPmfxcQoXUosa+iNYwdCxO03k+6CQ4GgJnEPQ2Lv5c6m8ze
EjcAAkCFZffFcyrVVHpVG8T8iMUp2U8kDcoaVjMKScVKzI+gF0dF57DA6imC3DRt
jD7PW1MXiw==
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:21:27 2025 by rpki-client