Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/eC50Tjr8BXSvc4oxm2DLYwTY1Zs.roa
File: eC50Tjr8BXSvc4oxm2DLYwTY1Zs.roa (raw, json)
Hash identifier: rtWUKkTDPRPsMUD0SVGxmUAo9zw5BtLbRAhLy1ejZ30=
Subject key identifier: 78:2E:74:4E:3A:FC:05:74:AF:73:8A:31:9B:60:CB:63:04:D8:D5:9B
Certificate issuer: /CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Certificate serial: 019A541DFE5A09B9D9BC677721B5A74F31C7
Authority key identifier: 08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/eC50Tjr8BXSvc4oxm2DLYwTY1Zs.roa
Signing time: Wed 05 Nov 2025 13:04:02 +0000
ROA not before: Wed 05 Nov 2025 13:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49820
IP address blocks: 5.35.176.0/21 maxlen: 21
195.93.224.0/23 maxlen: 23
2001:67c:1e8::/48 maxlen: 48
2a10:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:1d:fe:5a:09:b9:d9:bc:67:77:21:b5:a7:4f:31:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Validity
Not Before: Nov 5 13:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=782e744e3afc0574af738a319b60cb6304d8d59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:35:00:1c:df:c9:7e:43:d1:51:13:fe:5f:
85:e9:01:b3:e9:e0:5c:80:32:18:be:2a:e6:7d:d9:
7a:13:88:d4:54:58:44:e3:9e:19:77:dc:40:24:89:
c5:ee:78:8f:8a:f3:ff:53:db:9b:91:19:08:9a:dc:
2e:54:0b:ec:b6:23:41:c9:59:d7:66:38:fe:0f:bd:
4f:7f:70:63:8a:6f:55:f4:56:3e:3c:ec:b6:98:e1:
fd:af:42:4a:ac:78:08:47:30:d1:49:ef:f9:ca:44:
0a:5a:d8:8b:ce:1b:8c:5a:f1:42:95:2d:2f:bb:30:
7b:cb:c9:72:a9:b7:ed:45:3b:cd:fe:a7:45:7d:40:
48:a6:1f:2a:8f:e8:fb:4f:9d:b1:dd:73:e0:07:c3:
01:39:2f:1d:1d:1b:d1:72:f5:c7:4c:4b:8c:c0:21:
1a:61:52:c8:d3:1d:f7:cf:27:d1:00:cf:21:b7:9b:
9c:f7:41:dc:c0:40:a3:3a:05:a5:a1:7b:22:02:d9:
eb:45:34:aa:65:49:7a:64:ea:5a:20:9d:44:a7:f4:
24:f9:00:86:dd:b4:04:9a:4c:d8:ca:40:ce:1b:7a:
1e:39:d0:43:96:cd:3b:32:c9:c9:c2:11:1e:f0:c7:
60:24:ae:ea:fd:86:1c:3f:37:80:b5:68:e1:df:b8:
89:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2E:74:4E:3A:FC:05:74:AF:73:8A:31:9B:60:CB:63:04:D8:D5:9B
X509v3 Authority Key Identifier:
keyid:08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/eC50Tjr8BXSvc4oxm2DLYwTY1Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.176.0/21
195.93.224.0/23
IPv6:
2001:67c:1e8::/48
2a10:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:8f:32:85:a3:52:bd:4d:f5:f1:7e:01:65:6a:82:77:78:a1:
22:75:5f:ed:48:d9:ba:4f:b0:ca:a1:89:75:50:7d:3d:f4:d6:
fb:c5:e2:8d:f2:a6:e9:5e:2f:cb:d2:cb:d2:f6:3e:fb:2f:25:
81:e8:53:a3:f1:1d:62:ff:cb:16:a8:12:82:73:03:84:11:14:
71:db:88:1f:79:65:4b:c8:29:05:38:83:ef:e3:ff:61:2e:31:
31:b1:64:2e:d7:bb:0d:a0:f7:34:37:0e:75:b4:57:4b:aa:90:
df:d6:bb:7c:e3:ec:aa:3f:1a:b7:e2:e7:dd:b6:89:cd:a1:ba:
39:ea:22:03:2e:f6:21:ec:9b:a0:23:81:e2:c4:d1:04:57:7c:
d3:20:95:32:b7:6b:8f:00:c0:09:27:f2:88:c8:75:63:5a:a5:
22:87:7e:76:4c:77:20:46:98:5d:a2:b5:07:20:9d:82:b4:16:
31:b0:c9:26:eb:df:cb:6b:b1:86:94:48:02:90:4b:7a:e7:ea:
40:96:60:98:ac:6c:1f:5e:c3:2b:b3:b2:45:d8:35:a0:84:ce:
70:23:47:92:07:99:8f:ea:8c:c9:ea:bc:56:7e:a5:a7:6c:0a:
c8:b3:01:e0:2c:8d:d8:01:40:cd:f0:b2:96:9f:d2:31:7e:9c:
2d:69:e8:81
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZpUHf5aCbnZvGd3IbWnTzHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWJiYjA5YTVmYmVmNjEzNWMyZDkyMGJmMjdiYjYxZjVj
MmUwOWQwHhcNMjUxMTA1MTMwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODJlNzQ0ZTNhZmMwNTc0YWY3MzhhMzE5YjYwY2I2MzA0ZDhkNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6Y1ABzfyX5D0VET/l+F6QGz6eBc
gDIYvirmfdl6E4jUVFhE454Zd9xAJInF7niPivP/U9ubkRkImtwuVAvstiNByVnX
Zjj+D71Pf3Bjim9V9FY+POy2mOH9r0JKrHgIRzDRSe/5ykQKWtiLzhuMWvFClS0v
uzB7y8lyqbftRTvN/qdFfUBIph8qj+j7T52x3XPgB8MBOS8dHRvRcvXHTEuMwCEa
YVLI0x33zyfRAM8ht5uc90HcwECjOgWloXsiAtnrRTSqZUl6ZOpaIJ1Ep/Qk+QCG
3bQEmkzYykDOG3oeOdBDls07MsnJwhEe8MdgJK7q/YYcPzeAtWjh37iJuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHgudE46/AV0r3OKMZtgy2ME2NWbMB8GA1UdIwQY
MBaAFAibuwml++9hNcLZIL8nu2H1wuCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAt
MmY5YjAwZmRjNWQzLzEvZUM1MFRqcjhCWFN2YzRveG0yRExZd1RZMVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAtMmY5YjAwZmRjNWQz
LzEvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDBSOwAwQB
w13gMBYEAgACMBADBwAgAQZ8AegDBQMqEIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAe
jzKFo1K9TfXxfgFlaoJ3eKEidV/tSNm6T7DKoYl1UH099Nb7xeKN8qbpXi/L0svS
9j77LyWB6FOj8R1i/8sWqBKCcwOEERRx24gfeWVLyCkFOIPv4/9hLjExsWQu17sN
oPc0Nw51tFdLqpDf1rt84+yqPxq34ufdtonNobo56iIDLvYh7JugI4HixNEEV3zT
IJUyt2uPAMAJJ/KIyHVjWqUih352THcgRphdorUHIJ2CtBYxsMkm69/La7GGlEgC
kEt65+pAlmCYrGwfXsMrs7JF2DWghM5wI0eSB5mP6ozJ6rxWfqWnbArIswHgLI3Y
AUDN8LKWn9IxfpwtaeiB
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:16:07 2025 by rpki-client