Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/0yfwmVxTJLER4DUt2Vg6_khLCpA.roa
File: 0yfwmVxTJLER4DUt2Vg6_khLCpA.roa (raw, json)
Hash identifier: MKcDvWwqHVE9vZSHOg8w0ciXql+cjgazIARUal2yFTQ=
Subject key identifier: D3:27:F0:99:5C:53:24:B1:11:E0:35:2D:D9:58:3A:FE:48:4B:0A:90
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019A0EF0F3264F46C84E1A25535AB6914DDA
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/0yfwmVxTJLER4DUt2Vg6_khLCpA.roa
Signing time: Thu 23 Oct 2025 02:41:03 +0000
ROA not before: Thu 23 Oct 2025 02:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216156
IP address blocks: 94.188.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0e:f0:f3:26:4f:46:c8:4e:1a:25:53:5a:b6:91:4d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Oct 23 02:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d327f0995c5324b111e0352dd9583afe484b0a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:19:94:3e:81:90:13:11:ec:8e:da:56:1a:
c3:5a:da:43:82:90:d7:2e:37:22:2f:d8:85:b8:5b:
a6:e1:09:b1:40:49:32:a1:97:13:04:e9:68:be:e0:
51:d8:73:64:20:42:3e:15:3e:c7:1c:76:20:b5:96:
d1:ab:44:86:f7:dd:b5:16:32:2c:03:87:f0:31:0c:
b0:c5:a9:3c:63:40:74:46:8f:08:79:dc:b5:52:4c:
ca:0c:d6:1c:4e:89:11:ef:de:22:d4:5a:67:c4:7a:
e4:09:e4:6e:a6:05:ac:02:b4:2f:2c:a7:bb:aa:ce:
a8:8f:5d:f1:c1:37:0e:6e:2d:75:88:04:ed:73:d7:
a7:09:c3:2c:6c:ae:43:21:7d:76:dc:ac:14:46:d2:
54:d0:0b:0f:dd:d0:ce:06:d6:4b:6c:da:ee:2b:dd:
0c:5a:f3:06:f7:0e:c7:8b:b4:95:c4:7d:cb:b0:6f:
62:26:5d:cc:45:7c:ad:15:93:fb:fd:9e:ca:58:29:
51:0c:43:84:80:e9:6a:58:5e:18:aa:ba:ed:d7:6c:
7b:10:eb:1d:07:41:c5:9d:e8:c0:02:26:27:b5:e3:
d8:c8:4c:61:98:7b:f6:cc:62:b4:f8:2c:24:82:01:
73:a6:6e:bf:83:ca:02:04:69:55:6e:4d:96:cc:8f:
4b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:27:F0:99:5C:53:24:B1:11:E0:35:2D:D9:58:3A:FE:48:4B:0A:90
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/0yfwmVxTJLER4DUt2Vg6_khLCpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.132.0/24
Signature Algorithm: sha256WithRSAEncryption
12:a8:46:f0:e8:ae:aa:19:43:ae:14:22:cc:0e:ca:2c:6c:2a:
f1:b3:3f:ec:e0:8a:9e:34:0a:9e:b9:9a:f6:66:61:fc:f0:a3:
07:d1:9c:c4:a5:bb:d2:fc:72:c7:97:d6:41:1d:ae:38:ab:6b:
47:0b:df:77:bf:b6:7c:4b:f4:bc:e1:8a:34:30:54:21:1b:08:
d9:06:b2:e9:f4:89:80:13:d0:f3:bd:38:9f:01:e8:31:27:1b:
b9:63:b2:a8:dd:ca:64:19:38:5d:30:20:ae:d1:af:9a:f4:7f:
98:c6:79:a5:20:55:06:0f:e3:f3:d7:39:6f:b1:1a:8c:50:0f:
86:4d:90:f6:2f:1e:bd:10:34:75:e7:0c:54:a2:a0:7d:d9:5f:
76:76:55:6e:6a:27:d3:7e:1f:cc:87:b4:1e:9a:19:29:72:5b:
0e:54:e1:44:23:3f:5a:7c:8a:67:d7:9b:e6:37:50:ae:90:85:
46:ce:41:23:f8:66:ee:5f:dc:22:0f:57:f5:e7:a2:bb:b6:c4:
8b:8d:32:e0:da:f6:5c:75:01:b3:e7:04:f4:ec:7e:5e:d0:fd:
79:f8:b0:09:60:59:74:c1:3a:f5:8b:a5:50:05:54:f1:45:12:
43:6d:eb:94:a2:ec:2f:1d:79:ec:86:fd:fc:d5:ec:d8:83:6e:
db:32:b5:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoO8PMmT0bITholU1q2kU3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUxMDIzMDI0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzI3ZjA5OTVjNTMyNGIxMTFlMDM1MmRkOTU4M2FmZTQ4NGIwYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5cZlD6BkBMR7I7aVhrDWtpDgpDX
LjciL9iFuFum4QmxQEkyoZcTBOlovuBR2HNkIEI+FT7HHHYgtZbRq0SG9921FjIs
A4fwMQywxak8Y0B0Ro8Iedy1UkzKDNYcTokR794i1FpnxHrkCeRupgWsArQvLKe7
qs6oj13xwTcObi11iATtc9enCcMsbK5DIX123KwURtJU0AsP3dDOBtZLbNruK90M
WvMG9w7Hi7SVxH3LsG9iJl3MRXytFZP7/Z7KWClRDEOEgOlqWF4Yqrrt12x7EOsd
B0HFnejAAiYntePYyExhmHv2zGK0+CwkggFzpm6/g8oCBGlVbk2WzI9LnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMn8JlcUySxEeA1LdlYOv5ISwqQMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvMHlmd21WeFRKTEVSNERVdDJWZzZfa2hMQ3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXryEMA0G
CSqGSIb3DQEBCwUAA4IBAQASqEbw6K6qGUOuFCLMDsosbCrxsz/s4IqeNAqeuZr2
ZmH88KMH0ZzEpbvS/HLHl9ZBHa44q2tHC993v7Z8S/S84Yo0MFQhGwjZBrLp9ImA
E9DzvTifAegxJxu5Y7Ko3cpkGThdMCCu0a+a9H+YxnmlIFUGD+Pz1zlvsRqMUA+G
TZD2Lx69EDR15wxUoqB92V92dlVuaifTfh/Mh7QemhkpclsOVOFEIz9afIpn15vm
N1CukIVGzkEj+GbuX9wiD1f156K7tsSLjTLg2vZcdQGz5wT07H5e0P15+LAJYFl0
wTr1i6VQBVTxRRJDbeuUouwvHXnshv381ezYg27bMrUm
-----END CERTIFICATE-----
Generated at Sun Oct 26 09:31:10 2025 by rpki-client