Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/vmUBBf1TcvR2yAWlv0oGVdOA2cg.roa
File: vmUBBf1TcvR2yAWlv0oGVdOA2cg.roa (raw, json)
Hash identifier: YFIKrMFvfaR22V4pTroOMwn6JkreXEZJ3z4MNVZcegE=
Subject key identifier: BE:65:01:05:FD:53:72:F4:76:C8:05:A5:BF:4A:06:55:D3:80:D9:C8
Certificate issuer: /CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Certificate serial: 019A4A141D41663151F9AA2343D01A2A9AA7
Authority key identifier: 3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/vmUBBf1TcvR2yAWlv0oGVdOA2cg.roa
Signing time: Mon 03 Nov 2025 14:17:03 +0000
ROA not before: Mon 03 Nov 2025 14:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216472
IP address blocks: 89.43.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 23:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4a:14:1d:41:66:31:51:f9:aa:23:43:d0:1a:2a:9a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Validity
Not Before: Nov 3 14:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be650105fd5372f476c805a5bf4a0655d380d9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:52:4f:68:41:c6:8b:dc:17:c7:6d:e1:41:
8a:c2:17:38:54:63:3b:0d:fe:8f:45:b3:b8:12:c8:
77:77:62:3e:8b:21:4b:25:7e:c6:5f:e6:00:64:8f:
7c:5b:69:e4:62:31:76:b1:b2:e5:ad:74:7a:c9:a1:
3a:1b:0c:2b:47:f6:d7:6c:4a:31:64:01:98:0a:fe:
15:17:be:31:fe:81:d3:44:b4:29:7a:62:98:c5:5a:
5a:85:4a:38:32:ff:32:13:b2:0f:38:ae:4d:56:2e:
cd:77:18:67:b3:d2:83:c8:c3:02:63:c3:40:33:63:
0c:af:d9:1e:5c:51:03:56:bf:ad:a1:0f:70:89:40:
58:d7:b0:e7:55:60:6f:d7:19:38:fe:4f:84:a2:2c:
66:d4:cc:93:3a:fd:65:9d:1a:a9:c5:7d:bc:c0:51:
37:ea:4d:0d:26:ac:d3:3b:c0:8c:b6:e1:dc:25:42:
7b:7d:c9:d5:92:de:cf:65:02:68:25:d9:cd:de:3e:
bc:ec:e0:a6:1d:78:57:07:c7:48:47:73:c1:8b:76:
1b:3d:2f:ab:2f:21:a0:6f:89:63:2b:66:56:fa:86:
a9:25:ab:ab:a1:50:e2:cf:73:d8:01:91:47:66:30:
c8:62:75:93:16:eb:b3:1a:26:75:10:27:50:d9:80:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:65:01:05:FD:53:72:F4:76:C8:05:A5:BF:4A:06:55:D3:80:D9:C8
X509v3 Authority Key Identifier:
keyid:3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/vmUBBf1TcvR2yAWlv0oGVdOA2cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.132.0/24
Signature Algorithm: sha256WithRSAEncryption
62:97:39:36:d0:20:ef:f1:9d:aa:50:6a:64:b0:2d:49:85:d0:
e0:5c:b7:9f:df:1e:9f:b9:22:45:ce:3b:c2:45:40:e9:22:03:
18:01:09:a2:41:c7:8d:27:c0:56:f0:89:3d:53:46:e1:43:54:
35:07:96:21:e9:c2:ea:93:9d:09:57:fc:fc:34:77:67:02:1b:
62:64:59:7a:fe:43:14:d9:87:7f:24:89:ef:03:2c:64:2e:6d:
18:5b:24:e7:8d:b3:46:61:25:ad:82:88:65:da:4e:0a:41:4a:
85:c9:5a:6c:52:68:6a:f5:0e:3b:9f:c0:0a:6e:f1:29:6b:4a:
a8:60:98:29:b5:82:41:69:6d:b5:e2:f6:aa:f9:e6:02:73:3e:
ac:af:9d:42:33:9c:93:c0:77:8f:85:15:c7:79:76:c2:82:08:
a2:37:5d:1d:55:ef:cd:e5:5f:75:75:10:a8:64:21:b9:de:2f:
9a:96:aa:fb:18:00:02:c0:85:2b:50:e0:6d:f0:62:c6:1b:e7:
4a:20:c0:55:37:47:7a:f4:7e:3d:b0:21:88:1c:90:5e:50:c5:
3a:d6:2e:d2:58:e5:8d:bf:78:f7:38:6f:0e:2f:18:f7:ff:89:
92:58:e7:43:2c:b2:cc:50:f2:ab:95:b9:f0:b8:20:c8:39:02:
a1:13:04:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpKFB1BZjFR+aojQ9AaKpqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzVkNDlkZWQyMDU2NmNhNzQ1YzI4ZjgwY2ZkOWE5MmY0
YjdkNDcwHhcNMjUxMTAzMTQxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY1MDEwNWZkNTM3MmY0NzZjODA1YTViZjRhMDY1NWQzODBkOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArodST2hBxovcF8dt4UGKwhc4VGM7
Df6PRbO4Esh3d2I+iyFLJX7GX+YAZI98W2nkYjF2sbLlrXR6yaE6GwwrR/bXbEox
ZAGYCv4VF74x/oHTRLQpemKYxVpahUo4Mv8yE7IPOK5NVi7Ndxhns9KDyMMCY8NA
M2MMr9keXFEDVr+toQ9wiUBY17DnVWBv1xk4/k+Eoixm1MyTOv1lnRqpxX28wFE3
6k0NJqzTO8CMtuHcJUJ7fcnVkt7PZQJoJdnN3j687OCmHXhXB8dIR3PBi3YbPS+r
LyGgb4ljK2ZW+oapJauroVDiz3PYAZFHZjDIYnWTFuuzGiZ1ECdQ2YBXXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5lAQX9U3L0dsgFpb9KBlXTgNnIMB8GA1UdIwQY
MBaAFD511J3tIFZsp0XCj4DP2akvS31HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2Qt
ODM2Mzg0NzVkOGFiLzEvdm1VQkJmMVRjdlIyeUFXbHYwb0dWZE9BMmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2QtODM2Mzg0NzVkOGFi
LzEvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSuEMA0G
CSqGSIb3DQEBCwUAA4IBAQBilzk20CDv8Z2qUGpksC1JhdDgXLef3x6fuSJFzjvC
RUDpIgMYAQmiQceNJ8BW8Ik9U0bhQ1Q1B5Yh6cLqk50JV/z8NHdnAhtiZFl6/kMU
2Yd/JInvAyxkLm0YWyTnjbNGYSWtgohl2k4KQUqFyVpsUmhq9Q47n8AKbvEpa0qo
YJgptYJBaW214vaq+eYCcz6sr51CM5yTwHePhRXHeXbCggiiN10dVe/N5V91dRCo
ZCG53i+alqr7GAACwIUrUOBt8GLGG+dKIMBVN0d69H49sCGIHJBeUMU61i7SWOWN
v3j3OG8OLxj3/4mSWOdDLLLMUPKrlbnwuCDIOQKhEwRT
-----END CERTIFICATE-----
Generated at Tue Nov 4 07:20:25 2025 by rpki-client