Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/dTGUVm0ZrIzwKRyWbL6NbJOPx1Q.roa
File: dTGUVm0ZrIzwKRyWbL6NbJOPx1Q.roa (raw, json)
Hash identifier: RPTvRkUlZkqh3fbuLZ6reC0SCKA0OsgzpyZM/iS5ClM=
Subject key identifier: 75:31:94:56:6D:19:AC:8C:F0:29:1C:96:6C:BE:8D:6C:93:8F:C7:54
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 019A103C5DFFE1699F737744D1C763924248
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/dTGUVm0ZrIzwKRyWbL6NbJOPx1Q.roa
Signing time: Thu 23 Oct 2025 08:43:02 +0000
ROA not before: Thu 23 Oct 2025 08:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32787
IP address blocks: 193.120.17.0/24 maxlen: 24
193.120.42.0/24 maxlen: 24
193.120.52.0/24 maxlen: 24
193.120.98.0/24 maxlen: 24
193.120.216.0/24 maxlen: 24
212.2.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:3c:5d:ff:e1:69:9f:73:77:44:d1:c7:63:92:42:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Oct 23 08:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=753194566d19ac8cf0291c966cbe8d6c938fc754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:9f:17:d9:79:2c:76:a0:2b:12:d6:50:81:
d5:be:de:d7:b1:37:00:25:2d:a3:9b:b4:53:39:1d:
8b:b4:05:65:18:98:62:c8:18:6f:90:a2:d7:86:c0:
8d:d6:63:07:b7:b2:da:75:2f:21:4b:d7:ce:2c:fd:
b3:41:e1:ed:28:83:77:07:3e:bc:cc:e6:7f:8c:54:
52:c4:77:71:3d:96:98:ee:b6:7f:10:68:0d:6c:5d:
bb:c7:18:a4:e7:0d:fa:4f:54:a8:ef:4a:60:21:c1:
6a:a0:87:aa:e5:6b:0a:a7:88:bb:37:5f:ed:94:81:
c1:36:ec:d3:58:1c:ad:4e:1b:8e:46:22:ae:06:24:
94:11:ce:87:f7:69:d8:a8:46:f0:35:e7:8f:d9:d3:
b6:a5:67:f4:6f:a4:77:70:4b:ed:33:bc:41:2b:a5:
dc:cf:46:33:76:46:e9:d7:f2:c5:1a:a7:a4:73:20:
74:2a:4d:69:a2:77:26:74:58:85:31:2c:34:1b:0e:
92:38:93:d2:e8:6e:30:48:fd:e1:93:d7:14:ae:5e:
84:cd:b3:f7:b1:15:23:fb:d9:a3:b6:c7:ad:b1:76:
13:d1:8d:31:6f:47:ba:ed:cc:6a:73:45:73:ed:de:
1e:03:53:9c:8b:d7:36:9a:bc:0e:9e:47:4a:a9:e9:
42:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:31:94:56:6D:19:AC:8C:F0:29:1C:96:6C:BE:8D:6C:93:8F:C7:54
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/dTGUVm0ZrIzwKRyWbL6NbJOPx1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.120.17.0/24
193.120.42.0/24
193.120.52.0/24
193.120.98.0/24
193.120.216.0/24
212.2.187.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b2:a5:c1:7f:fa:58:5d:71:8d:8f:21:bc:f5:88:c7:22:88:
92:fa:b8:a8:59:ac:f6:60:eb:83:4a:2e:1d:f7:b2:2a:a9:8f:
d6:3a:7b:21:4b:23:50:34:56:2e:17:68:6e:32:aa:69:b1:3c:
b1:7f:96:70:b2:bd:cb:17:46:48:e8:1f:cb:6f:03:9b:7e:6e:
bd:91:1b:df:a1:45:33:fb:31:7b:9c:54:32:ed:c0:d8:7e:bb:
50:af:04:ed:bc:67:d7:21:a2:c9:74:42:12:a6:fa:0d:e7:87:
f5:f5:ce:1d:04:1c:c6:52:3f:84:57:6b:9e:07:67:cf:fc:8a:
fa:35:be:af:36:97:4a:b5:b0:82:e2:91:0e:81:e9:6e:49:a8:
87:bd:4a:6f:de:a7:34:6e:8e:69:5c:ab:b5:e4:37:57:52:66:
b6:f8:88:2e:4d:ac:09:85:a4:14:e5:dd:47:5e:0b:b5:87:eb:
2f:45:55:85:78:f3:59:e5:ca:a7:ce:83:77:83:69:28:8d:06:
ad:cd:bf:00:06:26:71:e9:92:97:5e:62:c2:d1:e2:33:62:a6:
eb:0f:34:47:62:96:2e:1c:41:96:5e:b6:dc:1c:f5:6f:d5:de:
3f:12:d5:97:9d:f5:70:c6:de:09:a2:12:63:0c:17:f2:37:39:
76:22:69:20
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZoQPF3/4Wmfc3dE0cdjkkJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjUxMDIzMDg0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTMxOTQ1NjZkMTlhYzhjZjAyOTFjOTY2Y2JlOGQ2YzkzOGZjNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGmfF9l5LHagKxLWUIHVvt7XsTcA
JS2jm7RTOR2LtAVlGJhiyBhvkKLXhsCN1mMHt7LadS8hS9fOLP2zQeHtKIN3Bz68
zOZ/jFRSxHdxPZaY7rZ/EGgNbF27xxik5w36T1So70pgIcFqoIeq5WsKp4i7N1/t
lIHBNuzTWBytThuORiKuBiSUEc6H92nYqEbwNeeP2dO2pWf0b6R3cEvtM7xBK6Xc
z0Yzdkbp1/LFGqekcyB0Kk1poncmdFiFMSw0Gw6SOJPS6G4wSP3hk9cUrl6EzbP3
sRUj+9mjtsetsXYT0Y0xb0e67cxqc0Vz7d4eA1Oci9c2mrwOnkdKqelCOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHUxlFZtGayM8Ckclmy+jWyTj8dUMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvZFRHVVZtMFpySXp3S1J5V2JMNk5iSk9QeDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXgRAwQA
wXgqAwQAwXg0AwQAwXhiAwQAwXjYAwQA1AK7MA0GCSqGSIb3DQEBCwUAA4IBAQBa
sqXBf/pYXXGNjyG89YjHIoiS+rioWaz2YOuDSi4d97IqqY/WOnshSyNQNFYuF2hu
MqppsTyxf5Zwsr3LF0ZI6B/LbwObfm69kRvfoUUz+zF7nFQy7cDYfrtQrwTtvGfX
IaLJdEISpvoN54f19c4dBBzGUj+EV2ueB2fP/Ir6Nb6vNpdKtbCC4pEOgeluSaiH
vUpv3qc0bo5pXKu15DdXUma2+IguTawJhaQU5d1HXgu1h+svRVWFePNZ5cqnzoN3
g2kojQatzb8ABiZx6ZKXXmLC0eIzYqbrDzRHYpYuHEGWXrbcHPVv1d4/EtWXnfVw
xt4JohJjDBfyNzl2Imkg
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:12:13 2025 by rpki-client