Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/BxbiyrTa2KmVP8MJDnNvE4L1M8I.roa
File: BxbiyrTa2KmVP8MJDnNvE4L1M8I.roa (raw, json)
Hash identifier: fihL1h/kI4OpAJJZ9gtR+wrj5VlNpr/uxbRG0A/1OvE=
Subject key identifier: 07:16:E2:CA:B4:DA:D8:A9:95:3F:C3:09:0E:73:6F:13:82:F5:33:C2
Certificate issuer: /CN=51cf732a8a7439e9280f23ef57849814af195ae0
Certificate serial: 019A500123333667E8E4447682BBD5971AA8
Authority key identifier: 51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/BxbiyrTa2KmVP8MJDnNvE4L1M8I.roa
Signing time: Tue 04 Nov 2025 17:54:03 +0000
ROA not before: Tue 04 Nov 2025 17:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49438
IP address blocks: 5.199.0.0/17 maxlen: 24
91.246.26.0/23 maxlen: 24
185.169.120.0/22 maxlen: 24
212.74.32.0/19 maxlen: 24
2a00:17f8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:01:23:33:36:67:e8:e4:44:76:82:bb:d5:97:1a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51cf732a8a7439e9280f23ef57849814af195ae0
Validity
Not Before: Nov 4 17:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0716e2cab4dad8a9953fc3090e736f1382f533c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c3:e1:10:78:90:59:de:ab:c6:b9:40:1a:b8:
86:e7:21:ce:9a:6e:f1:e1:fe:75:33:47:0d:d6:c3:
39:8a:aa:78:73:ed:6c:a3:12:bd:65:50:34:79:c8:
6b:d4:58:87:19:96:ca:e7:d2:70:fb:ee:44:29:10:
80:35:26:08:b3:16:41:f1:44:24:ff:55:7f:d6:31:
bc:4c:6d:f7:05:73:b9:3c:f5:f3:12:65:dc:60:f0:
6b:45:e3:43:5a:69:c3:1d:b8:dc:04:c0:c2:22:0f:
fe:c7:d4:b3:7a:8f:e1:37:49:e3:86:99:4f:fc:61:
de:32:ed:b9:44:cf:f6:c0:2e:f2:85:ab:30:9c:52:
30:29:45:64:65:2a:a1:7e:c6:4a:8f:6e:ca:81:aa:
86:12:00:01:b0:6e:d9:bd:f0:48:ea:cd:01:46:5a:
a9:4d:a9:6e:1f:9c:fe:f1:3a:6a:3d:93:f0:eb:e4:
58:e8:ce:4d:cc:01:e8:06:4e:9e:8a:58:e0:a5:6e:
14:b6:70:28:4d:b8:73:2c:fd:70:2f:37:09:f7:34:
cd:56:fa:c1:18:95:23:68:92:d8:73:ab:96:ea:1f:
5e:ec:72:b1:2e:ad:7c:15:0a:ae:f2:14:f2:ea:38:
7b:94:a9:18:ee:09:72:cd:8d:42:9f:a2:6e:7a:28:
39:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:16:E2:CA:B4:DA:D8:A9:95:3F:C3:09:0E:73:6F:13:82:F5:33:C2
X509v3 Authority Key Identifier:
keyid:51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/BxbiyrTa2KmVP8MJDnNvE4L1M8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.0.0/17
91.246.26.0/23
185.169.120.0/22
212.74.32.0/19
IPv6:
2a00:17f8::/32
Signature Algorithm: sha256WithRSAEncryption
90:24:1f:8b:9d:09:8e:51:8c:11:c2:00:0e:dd:d3:da:5d:3b:
10:df:9e:f7:54:d0:0e:aa:34:42:8b:85:e5:d6:5c:08:89:12:
92:95:26:93:db:0d:73:62:96:d2:0d:b4:81:87:40:30:04:69:
4c:a9:e8:e6:f5:b1:f7:ea:40:52:fe:90:1f:a7:b2:a9:f8:35:
41:43:62:a1:86:9c:70:2d:f4:7b:fb:e0:86:ea:c9:54:47:0a:
0d:d5:02:d0:7c:c9:12:f6:9e:25:31:44:50:f4:f4:97:65:42:
7d:f4:23:3e:68:e6:56:e6:71:60:1d:b5:2c:71:eb:e2:a0:b4:
b9:68:05:73:8a:ff:d4:58:66:ac:19:18:15:c2:5e:52:59:a4:
cc:7d:24:52:6c:f7:56:7d:70:06:b6:b6:95:e5:77:fe:51:5d:
4d:a6:5a:f6:93:cd:ed:b1:6b:b5:2f:aa:37:94:91:68:2f:ea:
3c:5a:0d:60:9b:4f:12:9d:96:54:12:74:2d:7e:6d:64:49:0e:
e3:90:25:d3:95:7c:23:19:16:bb:ed:d4:d4:ae:72:f0:d9:0c:
37:8e:44:73:3f:ed:d2:f4:c1:f7:54:0a:5d:d2:3a:46:6e:3c:
7e:41:bd:f3:b2:2c:89:99:79:0f:74:3e:13:e0:26:56:3e:07:
c9:7a:24:1b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZpQASMzNmfo5ER2grvVlxqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxY2Y3MzJhOGE3NDM5ZTkyODBmMjNlZjU3ODQ5ODE0YWYx
OTVhZTAwHhcNMjUxMTA0MTc1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE2ZTJjYWI0ZGFkOGE5OTUzZmMzMDkwZTczNmYxMzgyZjUzM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucPhEHiQWd6rxrlAGriG5yHOmm7x
4f51M0cN1sM5iqp4c+1soxK9ZVA0echr1FiHGZbK59Jw++5EKRCANSYIsxZB8UQk
/1V/1jG8TG33BXO5PPXzEmXcYPBrReNDWmnDHbjcBMDCIg/+x9Szeo/hN0njhplP
/GHeMu25RM/2wC7yhaswnFIwKUVkZSqhfsZKj27KgaqGEgABsG7ZvfBI6s0BRlqp
TaluH5z+8TpqPZPw6+RY6M5NzAHoBk6eiljgpW4UtnAoTbhzLP1wLzcJ9zTNVvrB
GJUjaJLYc6uW6h9e7HKxLq18FQqu8hTy6jh7lKkY7glyzY1Cn6Jueig5/QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAcW4sq02tiplT/DCQ5zbxOC9TPCMB8GA1UdIwQY
MBaAFFHPcyqKdDnpKA8j71eEmBSvGVrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQt
YjA3MWM3ZWZkOTE1LzEvQnhiaXlyVGEyS21WUDhNSkRuTnZFNEwxTThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQtYjA3MWM3ZWZkOTE1
LzEvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHBccAAwQB
W/YaAwQCual4AwQF1EogMA0EAgACMAcDBQAqABf4MA0GCSqGSIb3DQEBCwUAA4IB
AQCQJB+LnQmOUYwRwgAO3dPaXTsQ3573VNAOqjRCi4Xl1lwIiRKSlSaT2w1zYpbS
DbSBh0AwBGlMqejm9bH36kBS/pAfp7Kp+DVBQ2KhhpxwLfR7++CG6slURwoN1QLQ
fMkS9p4lMURQ9PSXZUJ99CM+aOZW5nFgHbUscevioLS5aAVziv/UWGasGRgVwl5S
WaTMfSRSbPdWfXAGtraV5Xf+UV1Nplr2k83tsWu1L6o3lJFoL+o8Wg1gm08SnZZU
EnQtfm1kSQ7jkCXTlXwjGRa77dTUrnLw2Qw3jkRzP+3S9MH3VApd0jpGbjx+Qb3z
siyJmXkPdD4T4CZWPgfJeiQb
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:45:43 2025 by rpki-client