Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/rD8reJf-xFp9NkhhBOaHbdsK8CQ.roa
File: rD8reJf-xFp9NkhhBOaHbdsK8CQ.roa (raw, json)
Hash identifier: vWwQMoE/PcCmAMEjuRLL+8UidHSYOb6QmW8QLct4Gd8=
Subject key identifier: AC:3F:2B:78:97:FE:C4:5A:7D:36:48:61:04:E6:87:6D:DB:0A:F0:24
Certificate issuer: /CN=e5da8e9cfc8b160ec59b540f39d8973d4218312a
Certificate serial: 019A278D9CF062C585163EFCE7D3E78B24EF
Authority key identifier: E5:DA:8E:9C:FC:8B:16:0E:C5:9B:54:0F:39:D8:97:3D:42:18:31:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/rD8reJf-xFp9NkhhBOaHbdsK8CQ.roa
Signing time: Mon 27 Oct 2025 21:23:03 +0000
ROA not before: Mon 27 Oct 2025 21:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42633
IP address blocks: 2a10:4780:4000::/36 maxlen: 36
2a10:4780:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Nov 2025 18:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:8d:9c:f0:62:c5:85:16:3e:fc:e7:d3:e7:8b:24:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5da8e9cfc8b160ec59b540f39d8973d4218312a
Validity
Not Before: Oct 27 21:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac3f2b7897fec45a7d36486104e6876ddb0af024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:da:76:9a:43:41:ea:cd:fc:0c:c4:e7:29:
e4:6a:a3:c4:0a:c0:7c:e1:74:ea:c7:9c:15:91:9b:
00:9b:fc:49:b3:74:90:93:d6:b2:a2:66:cc:b0:8f:
98:ea:3a:d2:6b:b3:ab:c5:37:60:7c:d4:40:63:7d:
b4:82:61:5f:16:6c:1e:c2:cc:0c:1e:8a:35:3f:7f:
fd:74:51:24:c8:01:52:01:57:28:4d:56:f8:d7:2b:
58:3a:75:a9:46:79:27:d7:5e:07:60:77:05:a3:fe:
57:7b:67:a4:84:e9:a1:aa:f7:14:30:d5:9a:f5:ed:
71:d8:8d:04:a8:ab:cb:29:70:76:55:45:86:ed:0a:
70:6a:71:84:63:d6:bd:08:2b:bb:35:49:5c:57:4c:
a4:b5:1c:59:6b:b9:1d:c4:fd:3c:3f:e6:06:b0:3e:
34:91:0d:97:84:60:ec:c4:f5:b8:c7:4b:db:eb:1d:
66:77:a5:ac:d8:6b:a9:9a:27:0d:15:5e:cc:ba:fe:
e7:39:63:c8:20:9a:0a:49:e6:6e:9c:ab:34:cc:8b:
4e:01:94:e5:ba:ec:6f:b6:92:29:57:ae:e7:79:88:
fe:eb:40:47:ff:31:4d:c1:b9:87:a0:1c:81:fd:c4:
69:d4:08:78:7a:9a:6f:a2:43:96:98:b6:87:63:92:
99:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3F:2B:78:97:FE:C4:5A:7D:36:48:61:04:E6:87:6D:DB:0A:F0:24
X509v3 Authority Key Identifier:
keyid:E5:DA:8E:9C:FC:8B:16:0E:C5:9B:54:0F:39:D8:97:3D:42:18:31:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/rD8reJf-xFp9NkhhBOaHbdsK8CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/003ca9-c390-4274-8fc6-7c504703bb02/1/5dqOnPyLFg7Fm1QPOdiXPUIYMSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4780:4000::/35
Signature Algorithm: sha256WithRSAEncryption
9c:9a:e4:d3:fe:24:ad:9b:3c:ea:75:89:a3:11:07:f9:62:fd:
ab:1f:55:1b:1c:4a:a2:1b:67:7d:06:5e:66:ec:d6:08:80:78:
8b:a2:05:fe:2f:77:4e:eb:de:87:89:16:af:9c:c1:d3:51:f1:
13:d6:76:ed:fb:37:b4:ef:1e:d6:35:7a:d9:cf:ee:8b:fe:26:
96:59:b9:ec:70:83:9e:17:0f:67:4b:29:fa:bf:80:46:3a:df:
04:52:9c:bd:ec:09:e9:56:c3:9c:1f:a6:cf:94:84:ab:ba:58:
61:34:f1:9e:39:14:4d:aa:2d:00:db:c2:b4:b4:16:1d:33:90:
5d:04:0e:69:54:b6:30:46:27:21:6b:c3:04:bd:4a:6c:b1:9c:
be:e2:58:8c:e3:cd:21:59:b6:e8:69:73:32:64:8b:dc:be:06:
79:0f:70:f6:05:a9:d1:a5:a9:a9:a9:23:c0:1f:d5:71:b8:a9:
3c:c2:65:04:35:e1:70:13:f5:f9:d1:b7:c9:b9:0d:58:22:89:
21:78:b9:75:b6:c8:5b:d0:cb:2c:3e:49:7c:a4:2c:ed:f6:99:
bd:6c:6d:02:ed:65:12:a4:55:d3:dd:ee:49:be:10:6c:79:c2:
d9:e8:3e:3a:3d:41:ee:c8:c6:cb:7b:d1:22:8d:05:e1:e8:dd:
2b:25:b9:2b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZonjZzwYsWFFj7859PniyTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGE4ZTljZmM4YjE2MGVjNTliNTQwZjM5ZDg5NzNkNDIx
ODMxMmEwHhcNMjUxMDI3MjEyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNmMmI3ODk3ZmVjNDVhN2QzNjQ4NjEwNGU2ODc2ZGRiMGFmMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFradppDQerN/AzE5ynkaqPECsB8
4XTqx5wVkZsAm/xJs3SQk9ayombMsI+Y6jrSa7OrxTdgfNRAY320gmFfFmwewswM
Hoo1P3/9dFEkyAFSAVcoTVb41ytYOnWpRnkn114HYHcFo/5Xe2ekhOmhqvcUMNWa
9e1x2I0EqKvLKXB2VUWG7QpwanGEY9a9CCu7NUlcV0yktRxZa7kdxP08P+YGsD40
kQ2XhGDsxPW4x0vb6x1md6Ws2GupmicNFV7Muv7nOWPIIJoKSeZunKs0zItOAZTl
uuxvtpIpV67neYj+60BH/zFNwbmHoByB/cRp1Ah4eppvokOWmLaHY5KZxwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKw/K3iX/sRafTZIYQTmh23bCvAkMB8GA1UdIwQY
MBaAFOXajpz8ixYOxZtUDznYlz1CGDEqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRxT25QeUxGZzdGbTFRUE9kaVhQVUlZTVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wMDNjYTktYzM5MC00Mjc0LThmYzYt
N2M1MDQ3MDNiYjAyLzEvckQ4cmVKZi14RnA5TmtoaEJPYUhiZHNLOENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wMDNjYTktYzM5MC00Mjc0LThmYzYtN2M1MDQ3MDNiYjAy
LzEvNWRxT25QeUxGZzdGbTFRUE9kaVhQVUlZTVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKhBHgEAw
DQYJKoZIhvcNAQELBQADggEBAJya5NP+JK2bPOp1iaMRB/li/asfVRscSqIbZ30G
Xmbs1giAeIuiBf4vd07r3oeJFq+cwdNR8RPWdu37N7TvHtY1etnP7ov+JpZZuexw
g54XD2dLKfq/gEY63wRSnL3sCelWw5wfps+UhKu6WGE08Z45FE2qLQDbwrS0Fh0z
kF0EDmlUtjBGJyFrwwS9SmyxnL7iWIzjzSFZtuhpczJki9y+BnkPcPYFqdGlqamp
I8Af1XG4qTzCZQQ14XAT9fnRt8m5DVgiiSF4uXW2yFvQyyw+SXykLO32mb1sbQLt
ZRKkVdPd7km+EGx5wtnoPjo9Qe7Ixst70SKNBeHo3SsluSs=
-----END CERTIFICATE-----
Generated at Sat Nov 8 23:25:04 2025 by rpki-client