Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/xXaP2eDNgG4DZ5MWiMVfRW19g2s.roa
File: xXaP2eDNgG4DZ5MWiMVfRW19g2s.roa (raw, json)
Hash identifier: NRx5nwi4HBO5MYl0mHSa1UutEw1DMYe/lbcn2V85lZA=
Subject key identifier: C5:76:8F:D9:E0:CD:80:6E:03:67:93:16:88:C5:5F:45:6D:7D:83:6B
Certificate issuer: /CN=bff76a06eaa2a03c7991347509b8608f4a71071f
Certificate serial: 019A3729E1FEB8836F8FD58A03291069AA1F
Authority key identifier: BF:F7:6A:06:EA:A2:A0:3C:79:91:34:75:09:B8:60:8F:4A:71:07:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v_dqBuqioDx5kTR1Cbhgj0pxBx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/xXaP2eDNgG4DZ5MWiMVfRW19g2s.roa
Signing time: Thu 30 Oct 2025 22:08:02 +0000
ROA not before: Thu 30 Oct 2025 22:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210083
IP address blocks: 203.12.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/v_dqBuqioDx5kTR1Cbhgj0pxBx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/v_dqBuqioDx5kTR1Cbhgj0pxBx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/v_dqBuqioDx5kTR1Cbhgj0pxBx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:37:29:e1:fe:b8:83:6f:8f:d5:8a:03:29:10:69:aa:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bff76a06eaa2a03c7991347509b8608f4a71071f
Validity
Not Before: Oct 30 22:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5768fd9e0cd806e0367931688c55f456d7d836b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:28:a5:6e:ac:c5:b0:a6:82:b0:b9:fa:53:
1a:99:ec:33:67:67:7c:db:51:c6:15:e8:64:6e:06:
e0:8d:e7:00:be:ec:28:1d:23:92:d4:88:56:7d:75:
63:0e:e8:aa:08:02:1b:d4:99:c3:31:ac:0d:53:7f:
d4:c4:e1:3a:56:4a:4a:4e:cb:2b:d1:c7:ea:8f:fc:
f4:58:12:59:1c:12:a6:ce:34:a3:d0:11:5e:fa:30:
5c:a6:b6:a5:c4:f5:2e:69:ed:59:f8:00:41:78:e3:
f0:34:d9:05:f6:ba:40:6a:7d:fe:ee:06:43:83:12:
1c:e8:d6:52:d3:79:b6:79:53:a0:fd:a7:e1:c2:3e:
a3:55:28:10:68:4b:3e:85:65:bd:d7:a7:1a:97:55:
d7:3f:45:9b:fc:44:32:bb:ea:66:02:b1:91:aa:9c:
eb:c5:fb:af:37:66:34:77:0b:67:8a:0b:2e:16:3a:
a3:04:0f:e3:0f:ab:4e:f5:8c:6d:13:de:dc:ff:28:
c6:87:c8:1c:32:0e:6b:da:94:be:4e:dd:08:ae:0b:
32:bd:88:c7:d7:dd:f0:5c:9e:5f:5c:69:55:4c:95:
50:b3:49:97:03:1b:e9:8d:bd:a6:e0:59:6a:94:12:
77:d9:4c:79:02:35:cd:15:1d:86:e4:5d:72:ea:4a:
b5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:76:8F:D9:E0:CD:80:6E:03:67:93:16:88:C5:5F:45:6D:7D:83:6B
X509v3 Authority Key Identifier:
keyid:BF:F7:6A:06:EA:A2:A0:3C:79:91:34:75:09:B8:60:8F:4A:71:07:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v_dqBuqioDx5kTR1Cbhgj0pxBx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/xXaP2eDNgG4DZ5MWiMVfRW19g2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/145943-651f-46ff-93b2-949662b271b2/1/v_dqBuqioDx5kTR1Cbhgj0pxBx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.12.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:93:06:c1:84:48:3f:a2:f6:b0:40:b1:35:99:d9:fe:64:1b:
95:71:ae:1f:03:0b:1f:37:f3:8d:5d:15:bd:44:cb:77:83:d8:
78:dc:1c:3b:5f:98:c1:d4:69:89:36:af:d3:97:db:1b:b1:a4:
fd:3e:6e:56:34:6a:0e:de:a9:49:8d:db:a9:96:4e:cd:3f:3e:
98:32:3d:53:88:a2:83:a4:2b:46:bc:b0:f9:6d:de:f1:59:ad:
61:c9:a5:a5:f2:c5:95:20:9c:cc:28:e0:75:ec:f9:44:c2:c4:
6c:9e:e4:87:43:ef:d3:75:a8:17:f1:e3:ce:f0:f2:ab:f6:2f:
4e:e7:6f:c6:6a:37:c1:1d:bd:b2:b7:3b:27:c4:8d:74:7a:32:
d3:d3:ae:06:c7:cd:07:23:be:ca:21:26:e7:05:29:4f:d8:06:
9b:9a:67:1c:17:61:b9:27:2a:f7:4a:80:4b:8a:52:5a:bb:a8:
ae:4f:db:4c:60:45:cb:53:65:8d:c8:14:e2:ed:22:54:b8:00:
c6:dd:10:0f:97:41:be:46:7c:9b:21:19:b4:19:5e:5c:bd:14:
b3:b4:0f:2a:a8:e6:e9:5d:63:10:1e:d2:1c:68:5c:2d:c7:78:
27:c3:3e:60:4e:e8:14:56:73:af:ca:ee:a1:6e:bb:98:39:e7:
a7:01:0f:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo3KeH+uINvj9WKAykQaaofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZjc2YTA2ZWFhMmEwM2M3OTkxMzQ3NTA5Yjg2MDhmNGE3
MTA3MWYwHhcNMjUxMDMwMjIwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc2OGZkOWUwY2Q4MDZlMDM2NzkzMTY4OGM1NWY0NTZkN2Q4MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuoopW6sxbCmgrC5+lMamewzZ2d8
21HGFehkbgbgjecAvuwoHSOS1IhWfXVjDuiqCAIb1JnDMawNU3/UxOE6VkpKTssr
0cfqj/z0WBJZHBKmzjSj0BFe+jBcpralxPUuae1Z+ABBeOPwNNkF9rpAan3+7gZD
gxIc6NZS03m2eVOg/afhwj6jVSgQaEs+hWW916cal1XXP0Wb/EQyu+pmArGRqpzr
xfuvN2Y0dwtnigsuFjqjBA/jD6tO9YxtE97c/yjGh8gcMg5r2pS+Tt0IrgsyvYjH
193wXJ5fXGlVTJVQs0mXAxvpjb2m4FlqlBJ32Ux5AjXNFR2G5F1y6kq1gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMV2j9ngzYBuA2eTFojFX0VtfYNrMB8GA1UdIwQY
MBaAFL/3agbqoqA8eZE0dQm4YI9KcQcfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdl9kcUJ1cWlvRHg1a1RSMUNiaGdqMHB4Qng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xNDU5NDMtNjUxZi00NmZmLTkzYjIt
OTQ5NjYyYjI3MWIyLzEveFhhUDJlRE5nRzREWjVNV2lNVmZSVzE5ZzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xNDU5NDMtNjUxZi00NmZmLTkzYjItOTQ5NjYyYjI3MWIy
LzEvdl9kcUJ1cWlvRHg1a1RSMUNiaGdqMHB4Qng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAywwfMA0G
CSqGSIb3DQEBCwUAA4IBAQAOkwbBhEg/ovawQLE1mdn+ZBuVca4fAwsfN/ONXRW9
RMt3g9h43Bw7X5jB1GmJNq/Tl9sbsaT9Pm5WNGoO3qlJjduplk7NPz6YMj1TiKKD
pCtGvLD5bd7xWa1hyaWl8sWVIJzMKOB17PlEwsRsnuSHQ+/TdagX8ePO8PKr9i9O
52/GajfBHb2ytzsnxI10ejLT064Gx80HI77KISbnBSlP2AabmmccF2G5Jyr3SoBL
ilJau6iuT9tMYEXLU2WNyBTi7SJUuADG3RAPl0G+RnybIRm0GV5cvRSztA8qqObp
XWMQHtIcaFwtx3gnwz5gTugUVnOvyu6hbruYOeenAQ+V
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:49:01 2025 by rpki-client