Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/H9PIBfamuPDglIKfIi9ylpcOFCc.roa
File: H9PIBfamuPDglIKfIi9ylpcOFCc.roa (raw, json)
Hash identifier: ps2X1AK8Sg9a9/WTOjGyw4ack7+S82g3PuLXzJjbXl4=
Subject key identifier: 1F:D3:C8:05:F6:A6:B8:F0:E0:94:82:9F:22:2F:72:96:97:0E:14:27
Certificate issuer: /CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Certificate serial: 019A0C139D255E4CC6DC08EAC295B6F1F1BA
Authority key identifier: 96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/H9PIBfamuPDglIKfIi9ylpcOFCc.roa
Signing time: Wed 22 Oct 2025 13:20:03 +0000
ROA not before: Wed 22 Oct 2025 13:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60703
IP address blocks: 2a02:a10::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:13:9d:25:5e:4c:c6:dc:08:ea:c2:95:b6:f1:f1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Validity
Not Before: Oct 22 13:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fd3c805f6a6b8f0e094829f222f7296970e1427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:53:3e:e6:7d:bd:37:10:43:8a:5d:a1:1b:5c:
83:36:ce:f2:46:b9:4d:46:fe:cf:40:93:be:05:07:
b1:07:f9:45:17:e5:31:14:84:c2:e9:96:0a:c2:db:
ba:df:c6:81:ea:69:5f:bd:08:f3:74:20:c6:70:4f:
93:a6:dd:1d:15:07:ee:23:97:09:3c:2f:d9:8a:36:
a5:ab:93:71:06:3d:de:3f:21:fc:3f:5c:7f:bb:17:
c5:44:03:ef:83:2d:15:4a:bf:70:e9:fc:75:7f:01:
f4:1c:ba:2e:91:e5:e1:24:4d:62:e6:42:f0:93:55:
bc:79:35:41:a7:49:ee:ff:d5:a1:91:8d:fc:1b:3f:
81:0e:fd:68:a6:0e:71:09:d2:11:90:23:ca:18:c6:
75:ad:b0:88:c9:45:0b:de:76:d3:90:db:7a:e7:e5:
46:b2:2f:49:76:8e:44:83:bc:95:e8:15:0e:f8:2e:
c7:07:61:94:38:3b:29:3c:0d:26:a5:9d:41:70:9c:
b2:39:c1:c9:13:d9:08:8e:ab:0f:cf:1c:5f:de:de:
6d:0c:56:9f:51:25:5b:d2:92:65:de:3b:dc:a4:cc:
b8:b5:6d:76:ee:3e:42:84:8c:13:ef:2f:29:09:53:
08:44:90:dd:8a:63:0a:ff:6a:66:6c:4f:43:10:47:
28:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D3:C8:05:F6:A6:B8:F0:E0:94:82:9F:22:2F:72:96:97:0E:14:27
X509v3 Authority Key Identifier:
keyid:96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/H9PIBfamuPDglIKfIi9ylpcOFCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:a10::/32
Signature Algorithm: sha256WithRSAEncryption
5e:63:a5:4a:e3:9f:8b:c1:01:ef:0e:60:1a:a5:69:b5:fe:ab:
57:36:84:ac:2f:b4:dd:2c:d5:72:7d:17:1a:c5:a6:32:08:1e:
45:2b:14:c0:4e:b9:64:4e:8c:6a:72:72:90:53:ea:f4:a7:1f:
31:df:36:2b:c9:41:11:00:63:22:d5:46:ce:ef:0f:ab:11:2e:
92:94:2f:ce:d6:f7:1a:96:23:96:ee:d9:1a:2d:36:0d:02:48:
f8:be:fc:ce:aa:e0:62:f9:8b:11:b1:17:82:dd:8e:6b:51:43:
79:64:d2:6c:29:f8:e5:5e:d2:75:d2:c7:6a:92:b5:e4:c3:97:
eb:57:59:eb:0e:45:bc:c4:f9:85:06:31:da:2c:1f:cd:c5:13:
3a:08:17:eb:80:59:3d:81:83:0a:ad:7d:dd:73:80:02:cc:cb:
0a:41:60:86:c8:1c:d7:5e:8e:88:5f:51:16:cc:3f:67:e3:a9:
de:6e:64:c2:60:b0:c7:99:e4:2e:bb:8e:96:91:f1:9b:f4:a9:
d9:c9:d1:ff:91:99:ba:31:4a:26:2b:74:fe:5d:35:78:70:89:
b2:e1:a8:c1:8f:6f:c1:1b:d3:99:36:d0:b8:9c:04:76:9b:9b:
86:f3:9e:98:f0:37:05:17:82:1a:61:4a:1e:65:83:58:b9:27:
c9:8d:df:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZoME50lXkzG3AjqwpW28fG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmJkNzZhNWNhYzI4M2VjZTBhMGY4ZWFiMmM5NzAyMTQw
MWZiODkwHhcNMjUxMDIyMTMyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQzYzgwNWY2YTZiOGYwZTA5NDgyOWYyMjJmNzI5Njk3MGUxNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVM+5n29NxBDil2hG1yDNs7yRrlN
Rv7PQJO+BQexB/lFF+UxFITC6ZYKwtu638aB6mlfvQjzdCDGcE+Tpt0dFQfuI5cJ
PC/Zijalq5NxBj3ePyH8P1x/uxfFRAPvgy0VSr9w6fx1fwH0HLoukeXhJE1i5kLw
k1W8eTVBp0nu/9WhkY38Gz+BDv1opg5xCdIRkCPKGMZ1rbCIyUUL3nbTkNt65+VG
si9Jdo5Eg7yV6BUO+C7HB2GUODspPA0mpZ1BcJyyOcHJE9kIjqsPzxxf3t5tDFaf
USVb0pJl3jvcpMy4tW127j5ChIwT7y8pCVMIRJDdimMK/2pmbE9DEEcovQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB/TyAX2prjw4JSCnyIvcpaXDhQnMB8GA1UdIwQY
MBaAFJYr12pcrCg+zgoPjqsslwIUAfuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMt
NmFiMTExNTVmNmZiLzEvSDlQSUJmYW11UERnbElLZklpOXlscGNPRkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMtNmFiMTExNTVmNmZi
LzEvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIKEDAN
BgkqhkiG9w0BAQsFAAOCAQEAXmOlSuOfi8EB7w5gGqVptf6rVzaErC+03SzVcn0X
GsWmMggeRSsUwE65ZE6ManJykFPq9KcfMd82K8lBEQBjItVGzu8PqxEukpQvztb3
GpYjlu7ZGi02DQJI+L78zqrgYvmLEbEXgt2Oa1FDeWTSbCn45V7SddLHapK15MOX
61dZ6w5FvMT5hQYx2iwfzcUTOggX64BZPYGDCq193XOAAszLCkFghsgc116OiF9R
Fsw/Z+Op3m5kwmCwx5nkLruOlpHxm/Sp2cnR/5GZujFKJit0/l01eHCJsuGowY9v
wRvTmTbQuJwEdpubhvOemPA3BReCGmFKHmWDWLknyY3f5Q==
-----END CERTIFICATE-----
Generated at Mon Oct 27 23:02:20 2025 by rpki-client