Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/J4E9AJoPfOLqwulL3ftXL_IB9ag.roa
File: J4E9AJoPfOLqwulL3ftXL_IB9ag.roa (raw, json)
Hash identifier: tCCbubfsbpZEgpLfe3FdJwcnWVmPaXeFvjwGwjVIv9k=
Subject key identifier: 27:81:3D:00:9A:0F:7C:E2:EA:C2:E9:4B:DD:FB:57:2F:F2:01:F5:A8
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 019A4886C538B75C2C81C4CC5A33C8B6E47C
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/J4E9AJoPfOLqwulL3ftXL_IB9ag.roa
Signing time: Mon 03 Nov 2025 07:03:03 +0000
ROA not before: Mon 03 Nov 2025 07:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.38.25.0/24 maxlen: 24
194.31.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:86:c5:38:b7:5c:2c:81:c4:cc:5a:33:c8:b6:e4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Nov 3 07:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27813d009a0f7ce2eac2e94bddfb572ff201f5a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c0:40:7d:54:f2:8e:18:fe:ee:b9:d8:85:a0:
e0:2c:d7:15:72:b4:63:f6:04:33:14:a2:2a:47:da:
73:4e:9d:6c:0e:1e:e5:b3:7f:8d:43:12:c5:27:58:
5d:99:a0:2b:62:5c:39:bc:d8:8c:04:40:ef:fa:25:
66:24:18:5d:0f:f9:05:dc:19:16:88:57:8f:75:27:
63:5c:cf:a8:6c:6c:9b:c8:26:6b:de:74:b4:9e:aa:
0b:b5:0c:57:97:1b:d1:ed:ca:9f:c4:9d:b0:28:3c:
7b:36:71:68:ab:22:08:1d:ad:d2:4e:3e:b3:9e:7f:
15:3a:ff:fd:c9:be:9a:97:07:fb:2e:e4:8f:fa:61:
a4:7c:d9:04:9f:c2:b8:77:2b:4a:81:b2:33:d5:63:
61:5e:10:44:c5:ec:86:fc:55:f1:dc:ec:9e:5c:6c:
f4:7f:5c:95:03:af:9c:c1:a1:40:73:51:8a:c2:10:
0d:b8:bb:b5:f3:e0:ef:9f:f5:85:1c:2d:d7:88:b0:
9f:d8:f5:58:b6:06:49:24:e3:f2:d8:9e:45:e7:b8:
0b:41:bd:30:10:68:0c:9f:5a:b2:06:64:4f:83:80:
60:b4:a0:03:1a:27:3e:fa:c9:0c:a2:21:62:a7:cc:
fd:73:83:96:b5:a3:2c:9c:b8:09:96:e8:e2:74:9e:
7a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:81:3D:00:9A:0F:7C:E2:EA:C2:E9:4B:DD:FB:57:2F:F2:01:F5:A8
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/J4E9AJoPfOLqwulL3ftXL_IB9ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.25.0/24
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:32:6d:02:7a:24:e2:d6:22:ba:c2:90:6e:f0:20:83:64:5f:
80:04:54:69:b2:46:36:3b:e1:df:29:e0:5e:c3:ec:df:8d:22:
9b:d6:f4:cd:52:76:85:81:07:12:21:bb:8f:24:8f:1e:f0:47:
e2:a3:09:5c:e2:94:a8:2d:45:d5:40:df:bd:93:23:19:8b:d3:
dd:d7:64:63:d9:3c:09:ca:4b:31:1c:80:4b:c2:04:c0:02:34:
41:b0:82:ad:48:4a:5a:25:f9:87:d1:ee:be:e3:3b:ce:07:4d:
74:8f:36:fe:1f:b5:6b:01:e4:ad:74:0c:0f:3f:17:2c:18:4e:
b1:09:35:4e:9b:f9:8e:a4:b9:89:5a:29:cb:26:d7:3a:6d:c1:
96:39:c6:26:0c:92:c1:e0:62:36:e9:15:cc:50:15:c7:71:8f:
b4:02:fb:65:47:d3:cd:33:c6:17:65:47:86:ca:b2:0b:7a:cf:
9a:f0:f0:b2:40:61:9c:2d:6d:18:65:f8:48:9c:76:00:c2:2d:
4a:61:c2:93:c3:ed:3d:c5:7b:42:23:56:fb:60:6d:22:07:69:
c7:4f:f8:03:d5:33:ba:49:3e:1d:80:2a:7d:82:1f:51:4e:7c:
21:fd:ba:75:d4:d0:dc:8f:1e:f0:82:c2:53:82:e2:2e:5a:46:
59:4e:35:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpIhsU4t1wsgcTMWjPItuR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUxMTAzMDcwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzgxM2QwMDlhMGY3Y2UyZWFjMmU5NGJkZGZiNTcyZmYyMDFmNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cBAfVTyjhj+7rnYhaDgLNcVcrRj
9gQzFKIqR9pzTp1sDh7ls3+NQxLFJ1hdmaArYlw5vNiMBEDv+iVmJBhdD/kF3BkW
iFePdSdjXM+obGybyCZr3nS0nqoLtQxXlxvR7cqfxJ2wKDx7NnFoqyIIHa3STj6z
nn8VOv/9yb6alwf7LuSP+mGkfNkEn8K4dytKgbIz1WNhXhBExeyG/FXx3OyeXGz0
f1yVA6+cwaFAc1GKwhANuLu18+Dvn/WFHC3XiLCf2PVYtgZJJOPy2J5F57gLQb0w
EGgMn1qyBmRPg4BgtKADGic++skMoiFip8z9c4OWtaMsnLgJlujidJ56bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCeBPQCaD3zi6sLpS937Vy/yAfWoMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvSjRFOUFKb1BmT0xxd3VsTDNmdFhMX0lCOWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSYZAwQA
wh+nMA0GCSqGSIb3DQEBCwUAA4IBAQANMm0CeiTi1iK6wpBu8CCDZF+ABFRpskY2
O+HfKeBew+zfjSKb1vTNUnaFgQcSIbuPJI8e8Efiowlc4pSoLUXVQN+9kyMZi9Pd
12Rj2TwJyksxHIBLwgTAAjRBsIKtSEpaJfmH0e6+4zvOB010jzb+H7VrAeStdAwP
PxcsGE6xCTVOm/mOpLmJWinLJtc6bcGWOcYmDJLB4GI26RXMUBXHcY+0AvtlR9PN
M8YXZUeGyrILes+a8PCyQGGcLW0YZfhInHYAwi1KYcKTw+09xXtCI1b7YG0iB2nH
T/gD1TO6ST4dgCp9gh9RTnwh/bp11NDcjx7wgsJTguIuWkZZTjV/
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:30:59 2025 by rpki-client