Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1eQYY4zw6BHTedgOY9nUUktL4Wo.roa
File: 1eQYY4zw6BHTedgOY9nUUktL4Wo.roa (raw, json)
Hash identifier: 1GSk8VZgzdgKxh/A+wdRhyo5q1wO2hZsCTmMQzU4Ni8=
Subject key identifier: D5:E4:18:63:8C:F0:E8:11:D3:79:D8:0E:63:D9:D4:52:4B:4B:E1:6A
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019A3486398B89386FDAD33CC78EDBDF9E47
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1eQYY4zw6BHTedgOY9nUUktL4Wo.roa
Signing time: Thu 30 Oct 2025 09:50:03 +0000
ROA not before: Thu 30 Oct 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51699
IP address blocks: 5.1.64.0/24 maxlen: 24
5.1.65.0/24 maxlen: 24
2a07:6fc0:5::/48 maxlen: 48
2a0f:b80:4::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:86:39:8b:89:38:6f:da:d3:3c:c7:8e:db:df:9e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Oct 30 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5e418638cf0e811d379d80e63d9d4524b4be16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:2e:d1:73:49:80:46:52:1b:a9:42:0c:34:
10:3c:60:96:6f:05:f3:76:05:09:76:27:6a:97:a3:
9b:62:95:c1:3a:bb:73:be:3b:45:08:49:d3:e3:b9:
56:90:7c:1c:f8:85:cf:66:6c:d5:31:b1:92:1a:76:
5a:84:5f:7e:4f:bf:89:1d:87:83:66:b7:70:18:cb:
17:72:00:89:6b:10:11:2b:00:94:b7:6a:2e:75:5b:
82:8f:2a:5d:38:4f:10:07:12:b0:39:86:98:d7:ff:
5f:e2:73:43:48:5c:bd:62:da:5f:72:c2:03:79:f1:
27:2e:3a:cf:10:7c:a0:06:6f:c7:b3:5d:bd:b7:d1:
00:f9:87:5d:c1:15:28:e5:51:02:d5:16:5d:96:da:
9f:15:c0:1f:31:8b:54:23:85:29:13:3d:fb:d0:51:
28:3f:e8:b8:f5:31:cc:20:cc:ac:d1:c9:86:36:bf:
f6:2c:ef:38:13:47:24:42:d3:75:fb:46:1c:f2:db:
7f:de:a4:43:78:2c:64:50:96:25:58:bc:b0:5b:89:
f9:ea:22:5b:20:d2:5a:a6:7d:ed:42:03:de:78:9a:
d9:c5:02:6e:f6:66:5b:52:71:eb:a0:25:00:42:1b:
0a:d7:2b:cf:f8:4e:5e:71:ad:f8:6e:18:57:24:90:
31:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E4:18:63:8C:F0:E8:11:D3:79:D8:0E:63:D9:D4:52:4B:4B:E1:6A
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1eQYY4zw6BHTedgOY9nUUktL4Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/23
IPv6:
2a07:6fc0:5::/48
2a0f:b80:4::/46
Signature Algorithm: sha256WithRSAEncryption
7d:8f:7c:08:62:7f:e3:7a:2b:be:f7:20:f4:70:65:c6:cc:60:
2d:c1:c9:54:5f:be:84:9f:0f:53:06:45:53:ec:97:e5:e5:8b:
2e:2c:83:61:e1:5b:e5:1b:8d:cd:02:f9:96:aa:2d:61:82:0b:
f1:d2:2d:e5:c8:9a:8a:ea:7d:ea:0b:f6:64:71:70:2b:04:d9:
dc:55:03:c1:86:ae:e7:f3:d8:8c:12:0d:a5:a2:6e:a2:40:f4:
1f:f7:bc:f6:9a:a1:f4:a1:34:ed:03:c0:52:5c:ec:5f:93:07:
75:55:49:fe:12:4d:f6:9a:62:9f:2e:37:0d:6e:18:be:ea:01:
e6:6c:a4:e7:b4:33:b6:c7:a2:90:e2:40:12:9b:6a:2f:c8:03:
66:16:53:5f:fe:c7:99:24:29:e4:9b:6e:68:a9:2c:b8:93:c2:
af:1d:ea:09:50:21:27:85:45:fe:0c:c5:90:10:e2:9f:b3:dd:
4a:3b:00:3e:22:69:1e:4c:6b:50:d3:96:f7:6b:86:11:3e:b1:
09:8b:c6:fe:97:c6:d6:ad:25:27:1d:94:ad:93:85:74:34:8f:
e9:71:e2:63:fc:6a:f4:d8:41:69:27:87:13:f4:06:33:82:a9:
ca:ca:0e:2c:6d:75:d5:bf:d9:cc:02:0b:8f:2c:b7:eb:ec:c6:
12:5b:70:34
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZo0hjmLiThv2tM8x47b355HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUxMDMwMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU0MTg2MzhjZjBlODExZDM3OWQ4MGU2M2Q5ZDQ1MjRiNGJlMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KQu0XNJgEZSG6lCDDQQPGCWbwXz
dgUJdidql6ObYpXBOrtzvjtFCEnT47lWkHwc+IXPZmzVMbGSGnZahF9+T7+JHYeD
ZrdwGMsXcgCJaxARKwCUt2oudVuCjypdOE8QBxKwOYaY1/9f4nNDSFy9YtpfcsID
efEnLjrPEHygBm/Hs129t9EA+YddwRUo5VEC1RZdltqfFcAfMYtUI4UpEz370FEo
P+i49THMIMys0cmGNr/2LO84E0ckQtN1+0Yc8tt/3qRDeCxkUJYlWLywW4n56iJb
INJapn3tQgPeeJrZxQJu9mZbUnHroCUAQhsK1yvP+E5eca34bhhXJJAxWwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNXkGGOM8OgR03nYDmPZ1FJLS+FqMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMWVRWVk0enc2QkhUZWRnT1k5blVVa3RMNFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBBQFAMBgE
AgACMBIDBwAqB2/AAAUDBwIqDwuAAAQwDQYJKoZIhvcNAQELBQADggEBAH2PfAhi
f+N6K773IPRwZcbMYC3ByVRfvoSfD1MGRVPsl+Xliy4sg2HhW+Ubjc0C+ZaqLWGC
C/HSLeXImorqfeoL9mRxcCsE2dxVA8GGrufz2IwSDaWibqJA9B/3vPaaofShNO0D
wFJc7F+TB3VVSf4STfaaYp8uNw1uGL7qAeZspOe0M7bHopDiQBKbai/IA2YWU1/+
x5kkKeSbbmipLLiTwq8d6glQISeFRf4MxZAQ4p+z3Uo7AD4iaR5Ma1DTlvdrhhE+
sQmLxv6XxtatJScdlK2ThXQ0j+lx4mP8avTYQWknhxP0BjOCqcrKDixtddW/2cwC
C48st+vsxhJbcDQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:20:37 2025 by rpki-client