Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jLTmPSj4zEgxRlw1KhKTDWMMXEo.roa
File: jLTmPSj4zEgxRlw1KhKTDWMMXEo.roa (raw, json)
Hash identifier: vXomQi7u0GZu5xq8YRqDL4/QUzmpkB4SKv7uTWs7R1c=
Subject key identifier: 8C:B4:E6:3D:28:F8:CC:48:31:46:5C:35:2A:12:93:0D:63:0C:5C:4A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019A3E6C682778AA84DF70A934995A3660EB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jLTmPSj4zEgxRlw1KhKTDWMMXEo.roa
Signing time: Sat 01 Nov 2025 07:58:03 +0000
ROA not before: Sat 01 Nov 2025 07:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 835
IP address blocks: 92.42.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3e:6c:68:27:78:aa:84:df:70:a9:34:99:5a:36:60:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Nov 1 07:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cb4e63d28f8cc4831465c352a12930d630c5c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:83:d5:2b:ef:48:c8:3e:09:07:a7:79:26:f5:
4b:86:ee:10:08:21:8a:b7:90:a9:6c:e5:73:87:30:
89:6c:9f:ec:b9:83:4d:32:a3:7c:7e:6d:18:53:c1:
97:96:f3:cc:18:9f:80:da:6a:49:3f:e0:ea:3e:b5:
51:41:6a:9a:e3:ed:2d:a9:55:65:7e:ac:5e:9b:38:
ff:50:e9:32:a4:b2:2c:fe:a7:bb:e1:24:a3:ca:2f:
4b:00:39:8a:5e:85:d7:4f:0c:e2:79:07:0b:bd:c6:
f5:55:37:22:a8:8c:54:3c:27:4c:71:9d:3d:21:91:
c8:10:2f:ea:44:63:0f:bc:5b:8f:27:69:b0:d5:85:
1c:27:aa:b3:fb:94:47:fd:56:8e:bd:ef:9e:08:19:
fe:9b:73:74:d3:53:37:b8:40:05:25:99:39:aa:53:
31:9f:a0:e0:e2:3c:28:fb:d4:65:8b:0e:94:6f:8c:
b4:43:dd:5d:cf:8d:ad:34:88:51:ff:e7:62:e6:d6:
26:a5:fa:51:6e:01:3d:24:6c:89:7d:e6:6a:4e:e1:
51:b8:9d:fb:db:51:92:3a:a5:18:f5:ac:71:03:66:
13:af:f6:20:7c:b6:e8:53:79:94:84:70:73:ef:cd:
48:d0:66:46:e0:9a:6e:c2:d2:a3:be:88:39:b2:8c:
23:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B4:E6:3D:28:F8:CC:48:31:46:5C:35:2A:12:93:0D:63:0C:5C:4A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jLTmPSj4zEgxRlw1KhKTDWMMXEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:fc:cb:65:25:b8:e2:1f:ca:ef:02:03:17:60:e8:99:17:2a:
e1:45:d6:62:65:e0:ca:1d:d6:77:13:77:dc:35:47:9d:e6:5b:
8e:4e:c7:d8:1c:72:5f:70:23:ce:1c:41:19:17:18:ba:61:e9:
6f:80:23:a1:00:5d:45:32:a4:f1:ad:9d:2d:2f:fa:2d:cc:84:
45:98:03:a5:19:05:0d:82:c3:f7:43:b7:41:cf:b0:73:ce:e0:
f0:2c:5b:78:ed:e0:3a:26:e7:16:56:a7:b7:98:1b:a1:2b:38:
34:e9:9e:2a:63:df:61:3e:f7:f9:a9:e4:e2:e0:cc:e2:e8:3d:
98:06:68:37:ec:9e:4d:7f:77:24:3f:ab:de:af:0f:c2:a4:4e:
22:71:88:60:9f:e3:eb:a0:1b:5d:e1:eb:44:af:29:6f:cf:77:
0d:03:93:22:0b:d8:46:3e:fe:59:b8:57:ec:7c:1a:c7:5a:99:
f4:6d:1d:8c:6a:4e:5d:84:14:a7:b1:a1:d8:51:14:e1:1f:23:
c7:cc:c7:8e:49:67:32:e9:a7:3c:dc:6d:f4:87:94:a3:89:91:
1c:20:9c:77:01:b2:a1:19:27:0b:f1:94:ee:c4:3d:c3:85:fb:
94:29:31:16:c6:88:88:03:32:47:f5:73:05:ff:98:ae:84:2a:
2d:72:fa:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo+bGgneKqE33CpNJlaNmDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUxMTAxMDc1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I0ZTYzZDI4ZjhjYzQ4MzE0NjVjMzUyYTEyOTMwZDYzMGM1YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YPVK+9IyD4JB6d5JvVLhu4QCCGK
t5CpbOVzhzCJbJ/suYNNMqN8fm0YU8GXlvPMGJ+A2mpJP+DqPrVRQWqa4+0tqVVl
fqxemzj/UOkypLIs/qe74SSjyi9LADmKXoXXTwzieQcLvcb1VTciqIxUPCdMcZ09
IZHIEC/qRGMPvFuPJ2mw1YUcJ6qz+5RH/VaOve+eCBn+m3N001M3uEAFJZk5qlMx
n6Dg4jwo+9Rliw6Ub4y0Q91dz42tNIhR/+di5tYmpfpRbgE9JGyJfeZqTuFRuJ37
21GSOqUY9axxA2YTr/YgfLboU3mUhHBz781I0GZG4JpuwtKjvog5sowjgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIy05j0o+MxIMUZcNSoSkw1jDFxKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvakxUbVBTajR6RWd4Umx3MUtoS1REV01NWEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCrIMA0G
CSqGSIb3DQEBCwUAA4IBAQA7/MtlJbjiH8rvAgMXYOiZFyrhRdZiZeDKHdZ3E3fc
NUed5luOTsfYHHJfcCPOHEEZFxi6YelvgCOhAF1FMqTxrZ0tL/otzIRFmAOlGQUN
gsP3Q7dBz7BzzuDwLFt47eA6JucWVqe3mBuhKzg06Z4qY99hPvf5qeTi4Mzi6D2Y
Bmg37J5Nf3ckP6verw/CpE4icYhgn+ProBtd4etErylvz3cNA5MiC9hGPv5ZuFfs
fBrHWpn0bR2Mak5dhBSnsaHYURThHyPHzMeOSWcy6ac83G30h5SjiZEcIJx3AbKh
GScL8ZTuxD3DhfuUKTEWxoiIAzJH9XMF/5iuhCotcvqL
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:20:43 2025 by rpki-client