Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/p7T39ptlXkI2Sj7_4UHerFc2ydg.roa
File: p7T39ptlXkI2Sj7_4UHerFc2ydg.roa (raw, json)
Hash identifier: qzLpNT9BMSDBwvGH+Geqegf/ZUm8N4tZ6wNOSiRS4gY=
Subject key identifier: A7:B4:F7:F6:9B:65:5E:42:36:4A:3E:FF:E1:41:DE:AC:57:36:C9:D8
Certificate issuer: /CN=32010f70276e418d58f08c56a79a82b99aca1763
Certificate serial: 01998044E4C115A9A74EDE8C28C96B298506
Authority key identifier: 32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/p7T39ptlXkI2Sj7_4UHerFc2ydg.roa
Signing time: Thu 25 Sep 2025 09:47:02 +0000
ROA not before: Thu 25 Sep 2025 09:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57365
IP address blocks: 45.88.249.0/24 maxlen: 24
128.140.200.0/21 maxlen: 21
128.140.200.0/24 maxlen: 24
128.140.201.0/24 maxlen: 24
128.140.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:44:e4:c1:15:a9:a7:4e:de:8c:28:c9:6b:29:85:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32010f70276e418d58f08c56a79a82b99aca1763
Validity
Not Before: Sep 25 09:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7b4f7f69b655e42364a3effe141deac5736c9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:ae:52:56:a8:18:73:b2:59:33:e6:95:dd:
1b:eb:87:b1:b8:8a:ed:ce:35:9e:0d:c1:46:eb:7a:
6f:b4:f1:b6:da:25:36:01:dc:99:2f:10:39:1b:87:
43:67:5f:99:76:26:a3:ea:8b:a4:99:0c:53:8e:4e:
72:7d:f2:c3:02:38:3f:99:cd:1e:0a:c5:60:ca:48:
97:71:a6:5d:5f:26:5b:e9:03:ee:06:7d:93:4a:76:
19:29:1b:53:8b:29:aa:00:13:64:0b:7f:cb:15:a4:
ae:65:9d:43:be:8b:a8:67:03:b2:31:7a:a7:7e:e9:
79:d1:86:ef:c6:99:19:e2:61:67:f4:6e:7e:50:b2:
ad:f0:27:f3:68:55:56:e8:ff:42:c5:d6:e5:d6:3e:
e5:70:0d:fa:aa:f2:90:9d:dd:e1:8e:60:a8:33:03:
0c:41:e1:4c:23:6d:d0:0a:14:b1:f3:71:60:45:11:
81:26:9a:b9:43:c2:5d:1f:08:d3:7e:75:5c:04:13:
b6:a6:bd:b6:30:24:e2:20:78:1e:76:76:e9:3e:76:
1a:7c:6c:60:ca:df:59:f1:5a:0b:a1:ac:e1:8c:09:
8c:f9:cf:53:70:6f:a0:32:80:29:f6:b1:f2:c4:2b:
c3:d3:1a:ba:f9:a5:19:f8:b0:bf:8f:63:f9:ad:ed:
ce:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B4:F7:F6:9B:65:5E:42:36:4A:3E:FF:E1:41:DE:AC:57:36:C9:D8
X509v3 Authority Key Identifier:
keyid:32:01:0F:70:27:6E:41:8D:58:F0:8C:56:A7:9A:82:B9:9A:CA:17:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgEPcCduQY1Y8IxWp5qCuZrKF2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/p7T39ptlXkI2Sj7_4UHerFc2ydg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b648fb-f50b-4cc2-a2b1-2f68216b7424/1/MgEPcCduQY1Y8IxWp5qCuZrKF2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.249.0/24
128.140.200.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:fc:b1:62:9d:05:b7:0d:72:e7:e1:bc:f2:fd:be:60:ef:5a:
52:25:9d:5a:fe:a9:c7:5a:6e:ff:ad:fe:4d:51:1f:17:50:9c:
a3:a1:52:f5:f1:2b:9c:6c:4a:9c:12:98:23:07:5c:ad:ba:c4:
3b:6c:ba:26:46:7c:83:78:27:89:8e:20:ca:19:76:23:2f:6f:
4a:74:1a:d6:08:5a:80:e6:bf:d4:c1:7a:64:af:f6:22:e3:28:
ad:67:4d:97:3e:5e:73:5e:ea:ac:65:81:71:04:51:49:b5:a2:
1c:8d:fc:bb:c3:af:52:2c:37:13:d2:c5:88:68:da:25:a0:1b:
9c:37:be:93:10:ac:22:cc:d8:71:2c:3e:27:fc:6a:36:3b:93:
30:4c:83:2a:0b:5d:b3:64:28:30:f8:85:b4:2b:75:36:59:ef:
76:33:b8:34:4b:74:5a:36:d3:bd:4d:56:98:57:b2:c4:76:9e:
bf:85:14:40:f0:e4:b8:e1:bc:b1:af:25:5c:90:db:97:f3:32:
af:6b:71:02:da:a5:83:25:73:7a:91:0f:87:ea:34:20:cf:67:
10:e1:2a:82:e3:7e:0f:f6:19:78:06:23:dd:a1:b5:8a:4f:b3:
7a:eb:16:63:5b:ad:32:db:e5:b1:34:96:75:1a:1a:89:1e:ab:
8d:e2:d6:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmAROTBFamnTt6MKMlrKYUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDEwZjcwMjc2ZTQxOGQ1OGYwOGM1NmE3OWE4MmI5OWFj
YTE3NjMwHhcNMjUwOTI1MDk0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2I0ZjdmNjliNjU1ZTQyMzY0YTNlZmZlMTQxZGVhYzU3MzZjOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaquUlaoGHOyWTPmld0b64exuIrt
zjWeDcFG63pvtPG22iU2AdyZLxA5G4dDZ1+Zdiaj6oukmQxTjk5yffLDAjg/mc0e
CsVgykiXcaZdXyZb6QPuBn2TSnYZKRtTiymqABNkC3/LFaSuZZ1DvouoZwOyMXqn
ful50YbvxpkZ4mFn9G5+ULKt8CfzaFVW6P9Cxdbl1j7lcA36qvKQnd3hjmCoMwMM
QeFMI23QChSx83FgRRGBJpq5Q8JdHwjTfnVcBBO2pr22MCTiIHgednbpPnYafGxg
yt9Z8VoLoazhjAmM+c9TcG+gMoAp9rHyxCvD0xq6+aUZ+LC/j2P5re3OoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKe09/abZV5CNko+/+FB3qxXNsnYMB8GA1UdIwQY
MBaAFDIBD3AnbkGNWPCMVqeagrmayhdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEt
MmY2ODIxNmI3NDI0LzEvcDdUMzlwdGxYa0kyU2o3XzRVSGVyRmMyeWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjQ4ZmItZjUwYi00Y2MyLWEyYjEtMmY2ODIxNmI3NDI0
LzEvTWdFUGNDZHVRWTFZOEl4V3A1cUN1WnJLRjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVj5AwQD
gIzIMA0GCSqGSIb3DQEBCwUAA4IBAQAN/LFinQW3DXLn4bzy/b5g71pSJZ1a/qnH
Wm7/rf5NUR8XUJyjoVL18SucbEqcEpgjB1ytusQ7bLomRnyDeCeJjiDKGXYjL29K
dBrWCFqA5r/UwXpkr/Yi4yitZ02XPl5zXuqsZYFxBFFJtaIcjfy7w69SLDcT0sWI
aNoloBucN76TEKwizNhxLD4n/Go2O5MwTIMqC12zZCgw+IW0K3U2We92M7g0S3Ra
NtO9TVaYV7LEdp6/hRRA8OS44byxryVckNuX8zKva3EC2qWDJXN6kQ+H6jQgz2cQ
4SqC434P9hl4BiPdobWKT7N66xZjW60y2+WxNJZ1GhqJHquN4tbQ
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:30:08 2025 by rpki-client