Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/a5UQ2z1RVywe791ih-JkkJe4oZw.roa
File: a5UQ2z1RVywe791ih-JkkJe4oZw.roa (raw, json)
Hash identifier: z7MPhCjNypY3ndHfuAxQLWPw6x9rN6BVeFB92z9Vk4Y=
Subject key identifier: 6B:95:10:DB:3D:51:57:2C:1E:EF:DD:62:87:E2:64:90:97:B8:A1:9C
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0197EF8C260655B413E34E091E144CA8EFE5
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/a5UQ2z1RVywe791ih-JkkJe4oZw.roa
Signing time: Wed 09 Jul 2025 14:17:08 +0000
ROA not before: Wed 09 Jul 2025 14:17:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 5.1.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ef:8c:26:06:55:b4:13:e3:4e:09:1e:14:4c:a8:ef:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jul 9 14:17:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b9510db3d51572c1eefdd6287e2649097b8a19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:cc:0e:57:f6:39:17:9f:b8:2c:15:14:02:
14:7f:ca:1f:73:c5:41:93:8a:4f:e3:82:01:38:30:
26:88:bd:6c:79:b5:0e:6c:2d:bb:8c:92:c3:df:14:
50:78:be:0d:b1:01:b7:f4:96:e3:e7:eb:9a:88:99:
c0:1f:2e:55:cd:6b:b2:85:10:2e:27:f5:96:a1:49:
13:5b:35:b4:73:2e:6d:25:15:a0:53:a4:31:a1:c1:
61:d9:d8:d4:c9:4c:08:d4:11:4d:4f:90:c8:5c:42:
86:03:32:6b:6d:58:1a:4d:46:cd:9c:b0:9a:6b:fc:
ef:45:87:06:43:cd:62:09:2c:56:30:83:38:ae:19:
a8:03:92:e8:c0:43:67:45:29:61:4a:d1:17:41:72:
6f:1f:7e:52:11:fe:74:ed:eb:31:e6:17:48:7e:62:
c8:44:34:d1:3c:35:c1:d7:8a:0a:da:70:51:ca:3b:
57:78:c4:dd:90:51:2d:11:86:45:22:f3:9b:40:27:
ff:c4:ee:96:63:7f:e0:b6:40:1a:12:1d:83:31:34:
dd:cc:e8:a2:0a:e2:78:41:8b:59:1d:6e:00:4f:db:
f7:bc:87:1b:68:f0:55:61:af:c7:34:cb:a1:31:4c:
9c:1b:23:70:ef:1a:64:68:8a:f6:ad:90:b1:c7:81:
91:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:95:10:DB:3D:51:57:2C:1E:EF:DD:62:87:E2:64:90:97:B8:A1:9C
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/a5UQ2z1RVywe791ih-JkkJe4oZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
Signature Algorithm: sha256WithRSAEncryption
49:61:a2:98:8a:cf:91:a0:c4:b7:89:77:7f:bb:d6:93:34:0f:
3c:65:66:e5:8b:93:1f:30:1b:71:35:14:22:7f:65:b6:67:a8:
8f:ab:8b:66:ac:fc:7f:24:26:29:36:b8:8e:a8:04:da:7c:49:
cd:2d:89:e7:c5:90:f9:7e:95:7b:5b:62:c3:fb:58:05:45:c9:
59:cc:e1:24:4d:ce:e0:14:cf:5a:fe:e6:b7:12:b2:f1:88:b4:
af:24:a9:16:bd:20:0b:8f:c9:2e:cb:22:38:fd:a7:f2:28:f5:
c2:73:46:4d:da:ef:22:ca:d9:9a:87:ce:18:10:74:1a:a1:7f:
0c:3f:d2:ca:99:8c:e5:55:43:46:f2:61:1d:b9:18:ab:96:7e:
cd:e4:da:31:53:b2:43:6d:62:cc:a3:a0:df:e9:6a:33:30:d8:
9f:bc:8a:5f:75:2f:6c:ad:f8:83:72:01:12:de:ed:dd:45:7d:
e8:f7:54:86:22:80:40:00:bf:14:15:2f:c4:cd:80:17:c7:71:
cd:4c:67:9d:fe:8e:21:c8:dc:8c:e9:7c:ef:8d:97:b4:44:21:
78:97:d8:18:f5:fe:89:88:fc:66:11:c9:d3:1c:e3:30:5d:ea:
47:54:5e:69:21:80:60:51:9d:da:f8:de:77:a4:54:c6:00:f8:
53:32:bd:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfvjCYGVbQT404JHhRMqO/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNzA5MTQxNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjk1MTBkYjNkNTE1NzJjMWVlZmRkNjI4N2UyNjQ5MDk3YjhhMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvczMDlf2ORefuCwVFAIUf8ofc8VB
k4pP44IBODAmiL1sebUObC27jJLD3xRQeL4NsQG39Jbj5+uaiJnAHy5VzWuyhRAu
J/WWoUkTWzW0cy5tJRWgU6QxocFh2djUyUwI1BFNT5DIXEKGAzJrbVgaTUbNnLCa
a/zvRYcGQ81iCSxWMIM4rhmoA5LowENnRSlhStEXQXJvH35SEf507esx5hdIfmLI
RDTRPDXB14oK2nBRyjtXeMTdkFEtEYZFIvObQCf/xO6WY3/gtkAaEh2DMTTdzOii
CuJ4QYtZHW4AT9v3vIcbaPBVYa/HNMuhMUycGyNw7xpkaIr2rZCxx4GRmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuVENs9UVcsHu/dYofiZJCXuKGcMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvYTVVUTJ6MVJWeXdlNzkxaWgtSmtrSmU0b1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQEoMA0G
CSqGSIb3DQEBCwUAA4IBAQBJYaKYis+RoMS3iXd/u9aTNA88ZWbli5MfMBtxNRQi
f2W2Z6iPq4tmrPx/JCYpNriOqATafEnNLYnnxZD5fpV7W2LD+1gFRclZzOEkTc7g
FM9a/ua3ErLxiLSvJKkWvSALj8kuyyI4/afyKPXCc0ZN2u8iytmah84YEHQaoX8M
P9LKmYzlVUNG8mEduRirln7N5NoxU7JDbWLMo6Df6WozMNifvIpfdS9srfiDcgES
3u3dRX3o91SGIoBAAL8UFS/EzYAXx3HNTGed/o4hyNyM6XzvjZe0RCF4l9gY9f6J
iPxmEcnTHOMwXepHVF5pIYBgUZ3a+N53pFTGAPhTMr0c
-----END CERTIFICATE-----
Generated at Mon Jul 21 09:07:32 2025 by rpki-client