Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kmDbjd5UpantoxTAJ9RojoHyudU.roa
File: kmDbjd5UpantoxTAJ9RojoHyudU.roa (raw, json)
Hash identifier: xQWMgy+8pJuPEPYlbebv/GxQdCkxC8h5+ThqO8R5FaM=
Subject key identifier: 92:60:DB:8D:DE:54:A5:A9:ED:A3:14:C0:27:D4:68:8E:81:F2:B9:D5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01990AADF706C10C2A3D123574F01645A238
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kmDbjd5UpantoxTAJ9RojoHyudU.roa
Signing time: Tue 02 Sep 2025 13:46:37 +0000
ROA not before: Tue 02 Sep 2025 13:46:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48014
IP address blocks: 80.76.51.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
93.123.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 22:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:ad:f7:06:c1:0c:2a:3d:12:35:74:f0:16:45:a2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 2 13:46:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9260db8dde54a5a9eda314c027d4688e81f2b9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c5:79:f9:ef:d2:24:86:9c:74:c6:20:0d:6f:
c0:99:bd:92:40:21:37:75:e4:86:d8:5a:8f:52:11:
30:eb:05:01:79:af:c5:20:ba:69:75:7d:b1:cc:db:
05:df:27:38:30:fa:e4:93:4b:cc:94:a9:53:64:29:
19:20:80:50:13:d6:02:ed:ab:9f:1e:2b:6b:2d:63:
42:0a:03:82:50:01:bb:3c:64:f0:d5:16:ee:e1:5f:
39:4d:ff:20:5c:19:9f:1a:2c:7c:ad:44:a1:20:c5:
0e:f5:c3:43:a8:f5:50:92:b8:17:82:4a:ce:81:bd:
59:85:24:b1:84:6f:98:6b:00:23:a6:56:8e:23:9a:
91:5a:a2:a2:4b:3b:8c:49:ed:d0:c4:e7:db:8e:6e:
a2:fa:4b:9d:59:9c:bd:bf:fb:78:50:5a:47:d0:f9:
66:8b:0e:fb:c0:0e:7c:29:eb:a5:be:4a:59:13:ec:
07:ac:c0:b6:9f:19:e9:71:2c:d3:a7:91:5b:7d:95:
ef:f7:06:ca:4e:ba:4a:3b:fb:7a:b0:37:56:4b:ad:
5d:6e:5f:d2:d0:3a:27:7a:28:99:77:d8:76:96:27:
b5:08:99:f3:0c:24:75:d6:81:88:52:8f:b7:a3:b7:
c0:8d:3a:e9:4c:a7:15:09:a4:a9:16:7d:dd:36:13:
f1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:60:DB:8D:DE:54:A5:A9:ED:A3:14:C0:27:D4:68:8E:81:F2:B9:D5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kmDbjd5UpantoxTAJ9RojoHyudU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
84.54.48.0/24
87.121.162.0/24
93.123.46.0/24
Signature Algorithm: sha256WithRSAEncryption
37:04:bb:11:6d:00:a1:6c:ee:95:f3:5e:a1:3a:1e:fc:26:c7:
41:7f:3b:39:49:4b:48:15:8a:f9:06:b9:6b:76:a1:b5:88:60:
0a:56:67:fc:17:8b:78:d8:0d:b5:59:3f:e4:40:38:bc:46:73:
24:a0:ff:27:2f:73:92:23:a6:da:16:c2:65:6b:63:f3:c1:5f:
6a:70:75:62:52:db:2a:16:c2:17:f6:f9:0b:6b:9d:41:30:da:
7f:cd:9a:4e:04:3f:4a:a6:9b:75:6d:d0:4d:05:30:2e:d3:47:
42:e2:83:81:bc:61:9d:d1:ec:70:ec:c5:2f:77:8f:de:f3:6b:
3b:84:c0:04:b0:dc:ad:95:b3:a3:44:7c:e0:43:90:33:ee:58:
a8:15:50:84:5b:bb:22:47:d8:1f:fd:d3:df:a3:d7:73:08:fb:
df:73:f5:02:98:b9:19:14:65:d0:0a:3f:34:57:ae:28:95:ae:
17:80:c5:59:b8:22:ce:16:b1:85:de:6a:c0:96:c5:2e:19:7b:
7c:d4:00:03:77:42:8d:e5:90:2b:1d:39:2e:74:1b:73:3e:af:
c4:fd:63:80:d8:22:ca:49:d4:99:65:27:f7:71:a8:46:2e:00:
c2:4e:62:07:ee:b5:0e:99:19:58:6f:8e:5e:af:b7:2f:23:8c:
a1:6f:ff:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkKrfcGwQwqPRI1dPAWRaI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTAyMTM0NjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjYwZGI4ZGRlNTRhNWE5ZWRhMzE0YzAyN2Q0Njg4ZTgxZjJiOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8V5+e/SJIacdMYgDW/Amb2SQCE3
deSG2FqPUhEw6wUBea/FILppdX2xzNsF3yc4MPrkk0vMlKlTZCkZIIBQE9YC7auf
HitrLWNCCgOCUAG7PGTw1Rbu4V85Tf8gXBmfGix8rUShIMUO9cNDqPVQkrgXgkrO
gb1ZhSSxhG+YawAjplaOI5qRWqKiSzuMSe3QxOfbjm6i+kudWZy9v/t4UFpH0Plm
iw77wA58KeulvkpZE+wHrMC2nxnpcSzTp5FbfZXv9wbKTrpKO/t6sDdWS61dbl/S
0DoneiiZd9h2lie1CJnzDCR11oGIUo+3o7fAjTrpTKcVCaSpFn3dNhPx/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJJg243eVKWp7aMUwCfUaI6B8rnVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva21EYmpkNVVwYW50b3hUQUo5Um9qb0h5dWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEwzAwQA
VDYwAwQAV3miAwQAXXsuMA0GCSqGSIb3DQEBCwUAA4IBAQA3BLsRbQChbO6V816h
Oh78JsdBfzs5SUtIFYr5BrlrdqG1iGAKVmf8F4t42A21WT/kQDi8RnMkoP8nL3OS
I6baFsJla2PzwV9qcHViUtsqFsIX9vkLa51BMNp/zZpOBD9Kppt1bdBNBTAu00dC
4oOBvGGd0exw7MUvd4/e82s7hMAEsNytlbOjRHzgQ5Az7lioFVCEW7siR9gf/dPf
o9dzCPvfc/UCmLkZFGXQCj80V64ola4XgMVZuCLOFrGF3mrAlsUuGXt81AADd0KN
5ZArHTkudBtzPq/E/WOA2CLKSdSZZSf3cahGLgDCTmIH7rUOmRlYb45er7cvI4yh
b//c
-----END CERTIFICATE-----
Generated at Tue Sep 9 01:26:25 2025 by rpki-client