Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/UXot0y7NcTulPHd9qDfq0dGMJfU.roa
File: UXot0y7NcTulPHd9qDfq0dGMJfU.roa (raw, json)
Hash identifier: CdK4PRmgbO2cxg5azIBFyAa1AtokT3d6hqZhIbAAoX0=
Subject key identifier: 51:7A:2D:D3:2E:CD:71:3B:A5:3C:77:7D:A8:37:EA:D1:D1:8C:25:F5
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019A3FECECD66C5E517DA333863196262FB7
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/UXot0y7NcTulPHd9qDfq0dGMJfU.roa
Signing time: Sat 01 Nov 2025 14:58:03 +0000
ROA not before: Sat 01 Nov 2025 14:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 95.155.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:ec:ec:d6:6c:5e:51:7d:a3:33:86:31:96:26:2f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Nov 1 14:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=517a2dd32ecd713ba53c777da837ead1d18c25f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:35:39:b1:96:9b:12:14:26:31:3c:9c:79:
3a:e8:a2:52:ac:d3:a2:a9:4a:90:43:cb:dc:a2:eb:
e6:e1:65:c1:23:c6:73:40:33:23:ff:58:86:01:1c:
ae:59:75:b1:91:a0:18:94:6c:96:2c:87:49:ad:cf:
5c:9d:81:97:51:c2:b5:17:aa:92:ef:b5:9c:ab:e3:
60:49:82:f7:66:a9:2f:83:1e:bb:e9:7d:6c:f2:93:
8c:74:6f:e1:e1:c2:7a:75:85:c8:b7:ad:7c:7c:fd:
e5:1b:3e:9d:8c:63:a4:f6:41:ab:79:b8:78:27:2a:
b5:28:8c:59:e2:a9:f9:fc:aa:07:01:e5:27:24:b7:
70:a0:7e:d6:f4:fe:d0:15:37:da:87:d3:9f:c8:e6:
b1:61:98:49:1a:63:15:19:a7:60:27:d9:fd:79:69:
e9:f6:fd:02:dd:7a:96:35:d9:38:76:79:a6:d0:86:
12:39:73:9b:ac:80:49:e3:20:c3:7d:73:44:a3:86:
96:a8:84:44:e2:22:71:0a:d9:bc:76:f1:8f:7f:c1:
18:a3:c7:18:62:5c:eb:29:72:c0:d1:e7:42:e4:25:
54:5e:3c:a8:59:ce:41:8d:cb:f3:99:0a:a8:03:fd:
72:b1:b1:7c:6e:32:08:42:3a:aa:8e:b5:28:04:e6:
eb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:7A:2D:D3:2E:CD:71:3B:A5:3C:77:7D:A8:37:EA:D1:D1:8C:25:F5
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/UXot0y7NcTulPHd9qDfq0dGMJfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.130.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:09:11:83:4f:6e:ee:d0:96:47:12:6e:a6:62:1c:d7:31:02:
7d:9d:a5:52:87:77:09:30:76:26:98:ba:a1:36:8b:7c:09:30:
75:fb:be:a2:7e:bc:e3:b9:78:70:9d:74:28:c4:09:c1:e7:01:
76:62:44:93:42:76:80:fa:f5:17:e8:f5:ef:be:c5:d8:af:76:
5a:c8:d8:de:83:45:dc:57:c5:69:02:3f:ff:bd:69:24:b1:78:
38:c3:f4:27:c2:d1:a7:b1:c3:43:4e:41:8f:c8:8f:f0:20:d9:
9e:11:31:62:12:ac:f6:33:ef:c6:b6:8c:c6:ac:e9:ad:72:cc:
a5:c5:21:c3:55:bf:c9:c1:4b:41:2d:15:31:f7:87:6d:86:fa:
64:6b:bb:02:16:57:4a:eb:96:a0:aa:1d:43:5c:50:af:4f:98:
7d:0d:2b:ac:15:94:b4:ac:86:29:33:26:41:d0:19:67:50:c7:
14:fe:e6:80:6d:b2:e7:12:ad:26:93:0a:5d:8b:77:77:df:36:
24:91:b7:ef:f8:68:e3:de:88:8b:6e:b7:e4:f5:0e:6c:52:11:
8b:44:f4:a2:ad:0c:f3:43:52:50:c6:20:43:30:6c:dd:84:a5:
bb:6b:02:ec:74:c3:9d:fc:a5:be:78:9a:a1:d5:05:d7:67:99:
4d:a1:6f:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo/7OzWbF5RfaMzhjGWJi+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUxMTAxMTQ1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTdhMmRkMzJlY2Q3MTNiYTUzYzc3N2RhODM3ZWFkMWQxOGMyNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNU1ObGWmxIUJjE8nHk66KJSrNOi
qUqQQ8vcouvm4WXBI8ZzQDMj/1iGARyuWXWxkaAYlGyWLIdJrc9cnYGXUcK1F6qS
77Wcq+NgSYL3Zqkvgx676X1s8pOMdG/h4cJ6dYXIt618fP3lGz6djGOk9kGrebh4
Jyq1KIxZ4qn5/KoHAeUnJLdwoH7W9P7QFTfah9OfyOaxYZhJGmMVGadgJ9n9eWnp
9v0C3XqWNdk4dnmm0IYSOXObrIBJ4yDDfXNEo4aWqIRE4iJxCtm8dvGPf8EYo8cY
YlzrKXLA0edC5CVUXjyoWc5BjcvzmQqoA/1ysbF8bjIIQjqqjrUoBObrfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFF6LdMuzXE7pTx3fag36tHRjCX1MB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvVVhvdDB5N05jVHVsUEhkOXFEZnEwZEdNSmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX5uCMA0G
CSqGSIb3DQEBCwUAA4IBAQBPCRGDT27u0JZHEm6mYhzXMQJ9naVSh3cJMHYmmLqh
Not8CTB1+76ifrzjuXhwnXQoxAnB5wF2YkSTQnaA+vUX6PXvvsXYr3ZayNjeg0Xc
V8VpAj//vWkksXg4w/QnwtGnscNDTkGPyI/wINmeETFiEqz2M+/GtozGrOmtcsyl
xSHDVb/JwUtBLRUx94dthvpka7sCFldK65agqh1DXFCvT5h9DSusFZS0rIYpMyZB
0BlnUMcU/uaAbbLnEq0mkwpdi3d33zYkkbfv+Gjj3oiLbrfk9Q5sUhGLRPSirQzz
Q1JQxiBDMGzdhKW7awLsdMOd/KW+eJqh1QXXZ5lNoW8F
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:35:39 2025 by rpki-client