Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/C5aQpvui4sZoextRorOM2s4-tus.roa
File: C5aQpvui4sZoextRorOM2s4-tus.roa (raw, json)
Hash identifier: +uHoqMeakur3FJ2A7KIKBKK6VappFgcU8wtIWqkzb60=
Subject key identifier: 0B:96:90:A6:FB:A2:E2:C6:68:7B:1B:51:A2:B3:8C:DA:CE:3E:B6:EB
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019A255F23B782A5B9552B719C5844ECEF81
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/C5aQpvui4sZoextRorOM2s4-tus.roa
Signing time: Mon 27 Oct 2025 11:13:03 +0000
ROA not before: Mon 27 Oct 2025 11:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197476
IP address blocks: 5.157.176.0/21 maxlen: 21
5.157.184.0/21 maxlen: 21
37.35.56.0/21 maxlen: 21
178.157.106.0/23 maxlen: 23
188.74.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:5f:23:b7:82:a5:b9:55:2b:71:9c:58:44:ec:ef:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Oct 27 11:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b9690a6fba2e2c6687b1b51a2b38cdace3eb6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f9:00:8d:08:6e:ef:b2:a1:3e:e4:4d:52:10:
df:1a:7a:b5:0a:bb:46:84:bb:23:60:c2:a3:fa:63:
79:66:01:47:35:8e:5d:cc:62:a2:1a:87:6d:af:03:
01:54:53:c2:c9:a5:54:9f:af:22:56:59:1a:df:02:
04:ba:36:dc:e0:77:02:62:37:c9:d7:16:fd:e0:9c:
3f:98:d7:78:d1:b3:b1:71:84:c6:b7:35:d8:68:3d:
dc:aa:24:93:72:4b:d0:f4:81:a9:51:a5:e7:5a:33:
65:61:88:11:d5:43:4a:a7:38:57:50:56:b2:b0:c4:
79:ab:17:c4:1c:d6:2e:80:ab:8f:87:0b:84:e3:51:
9f:f6:1b:7f:27:f8:d9:72:78:28:2e:12:51:19:94:
15:af:a0:71:9e:fb:29:1f:7e:28:2f:9b:8a:9a:22:
51:cf:f7:83:84:f5:3c:35:51:38:b6:31:af:96:34:
5e:60:b6:05:ba:71:28:22:9b:10:71:a7:0d:0b:4f:
fa:67:99:f5:4b:75:5b:38:58:ad:09:47:31:5e:a1:
72:cf:0d:9f:da:ca:15:aa:51:12:58:57:9c:30:52:
ec:d8:e2:f2:88:88:46:8b:95:32:e4:48:b1:d7:18:
c2:b3:38:a5:c6:81:07:ec:ae:e8:97:b2:b8:72:ee:
95:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:96:90:A6:FB:A2:E2:C6:68:7B:1B:51:A2:B3:8C:DA:CE:3E:B6:EB
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/C5aQpvui4sZoextRorOM2s4-tus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.176.0/20
37.35.56.0/21
178.157.106.0/23
188.74.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:93:e3:a7:40:5c:30:2d:dd:d9:0d:e0:7a:06:52:1b:62:10:
1b:25:7a:47:2c:d4:e3:36:b0:83:06:2c:da:c1:75:58:97:8e:
9e:fe:b4:50:e2:24:34:59:0d:3e:79:09:95:2d:b1:dc:33:53:
1a:e6:f7:bc:7d:f5:de:1c:87:c8:87:f6:20:d0:5b:5d:b5:82:
45:1f:ea:77:23:b1:80:0d:ed:98:4c:30:18:3b:8c:a5:6d:be:
eb:34:e0:9d:cf:36:fa:cb:f5:57:ab:89:67:cc:d7:4d:7d:0b:
a6:b3:89:a1:95:f5:e9:9a:40:ca:57:80:69:af:1c:78:01:77:
f8:7b:62:aa:ed:72:87:7e:f4:7c:d7:46:95:48:fd:51:41:62:
eb:f5:66:39:88:80:89:7b:71:f7:55:0a:70:87:14:57:d9:af:
85:be:00:56:ca:80:97:93:4a:2d:3d:a7:dc:75:d4:b5:46:e8:
f2:82:98:87:4e:d4:1a:13:05:b3:7a:be:32:61:d5:70:f6:39:
6a:07:9d:9f:8e:be:61:2d:68:1d:74:a8:ba:41:21:c4:6d:51:
da:71:40:2a:44:ae:32:fe:a5:c4:42:01:80:83:b2:02:81:da:
c0:b4:a0:e4:ec:f2:71:9f:36:ef:be:4c:68:11:54:b4:60:bc:
ee:9c:40:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZolXyO3gqW5VStxnFhE7O+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUxMDI3MTExMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk2OTBhNmZiYTJlMmM2Njg3YjFiNTFhMmIzOGNkYWNlM2ViNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPkAjQhu77KhPuRNUhDfGnq1CrtG
hLsjYMKj+mN5ZgFHNY5dzGKiGodtrwMBVFPCyaVUn68iVlka3wIEujbc4HcCYjfJ
1xb94Jw/mNd40bOxcYTGtzXYaD3cqiSTckvQ9IGpUaXnWjNlYYgR1UNKpzhXUFay
sMR5qxfEHNYugKuPhwuE41Gf9ht/J/jZcngoLhJRGZQVr6BxnvspH34oL5uKmiJR
z/eDhPU8NVE4tjGvljReYLYFunEoIpsQcacNC0/6Z5n1S3VbOFitCUcxXqFyzw2f
2soVqlESWFecMFLs2OLyiIhGi5Uy5Eix1xjCszilxoEH7K7ol7K4cu6VIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAuWkKb7ouLGaHsbUaKzjNrOPrbrMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvQzVhUXB2dWk0c1pvZXh0Um9yT00yczQtdHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBZ2wAwQD
JSM4AwQBsp1qAwQCvEqwMA0GCSqGSIb3DQEBCwUAA4IBAQBKk+OnQFwwLd3ZDeB6
BlIbYhAbJXpHLNTjNrCDBizawXVYl46e/rRQ4iQ0WQ0+eQmVLbHcM1Ma5ve8ffXe
HIfIh/Yg0FtdtYJFH+p3I7GADe2YTDAYO4ylbb7rNOCdzzb6y/VXq4lnzNdNfQum
s4mhlfXpmkDKV4Bprxx4AXf4e2Kq7XKHfvR810aVSP1RQWLr9WY5iICJe3H3VQpw
hxRX2a+FvgBWyoCXk0otPafcddS1RujygpiHTtQaEwWzer4yYdVw9jlqB52fjr5h
LWgddKi6QSHEbVHacUAqRK4y/qXEQgGAg7ICgdrAtKDk7PJxnzbvvkxoEVS0YLzu
nED4
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:05:12 2025 by rpki-client