Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/sE91ctBdm3kzx0I7-m7yHueFH5A.roa
File: sE91ctBdm3kzx0I7-m7yHueFH5A.roa (raw, json)
Hash identifier: HtV6VQdFZQnYaynfJSwRsmPpRxjtON9Gz0gIZegT1ec=
Subject key identifier: B0:4F:75:72:D0:5D:9B:79:33:C7:42:3B:FA:6E:F2:1E:E7:85:1F:90
Certificate issuer: /CN=311445353a0823edaef12a3a3356fa8098e15eac
Certificate serial: 01990FD699B6580969CF02CC87C4E143BD32
Authority key identifier: 31:14:45:35:3A:08:23:ED:AE:F1:2A:3A:33:56:FA:80:98:E1:5E:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MRRFNToII-2u8So6M1b6gJjhXqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/sE91ctBdm3kzx0I7-m7yHueFH5A.roa
Signing time: Wed 03 Sep 2025 13:49:06 +0000
ROA not before: Wed 03 Sep 2025 13:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205037
IP address blocks: 161.51.255.0/24 maxlen: 24
193.23.163.0/24 maxlen: 24
2001:67c:2c6c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/MRRFNToII-2u8So6M1b6gJjhXqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/MRRFNToII-2u8So6M1b6gJjhXqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/MRRFNToII-2u8So6M1b6gJjhXqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:d6:99:b6:58:09:69:cf:02:cc:87:c4:e1:43:bd:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311445353a0823edaef12a3a3356fa8098e15eac
Validity
Not Before: Sep 3 13:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b04f7572d05d9b7933c7423bfa6ef21ee7851f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fc:75:cf:90:eb:4c:33:34:81:bd:b0:55:9b:
6a:ad:06:95:d5:8d:84:f7:a8:7c:f3:3d:8d:35:9f:
2d:e8:28:f7:7e:1a:11:7c:68:59:24:76:8b:b8:85:
3f:15:3a:55:a5:7a:8d:d7:ca:a7:13:41:8a:f8:53:
4e:d5:90:18:df:88:98:b9:1a:f8:44:47:e5:9b:53:
cf:14:74:52:24:61:8c:a7:d5:d1:33:56:34:f7:41:
24:92:ec:81:91:6b:10:af:cb:48:63:db:05:45:1b:
9c:eb:2b:8c:2d:05:7f:75:6c:17:1e:ae:d1:c0:f6:
8c:56:b5:eb:c6:7e:c4:be:87:97:00:ce:a2:b9:e1:
54:23:d5:32:8f:4f:9e:f3:7c:4f:fb:18:dd:35:f9:
f3:d9:e6:54:f0:72:76:ee:74:7e:4e:d9:82:da:89:
ba:e3:ae:91:95:9d:87:9c:bb:dc:10:06:20:28:b8:
a6:57:b1:bb:4e:7e:c5:e8:2c:d0:30:2d:4b:35:c9:
2f:73:ca:0a:da:fa:61:e4:c7:b7:76:60:16:31:b0:
6d:43:ce:4b:24:02:df:17:bf:08:27:6c:ef:73:e1:
e6:bf:bc:7d:92:cd:86:83:4b:df:97:5c:9c:aa:5c:
b3:96:3b:e8:b4:57:80:54:f4:31:20:4e:87:b3:2b:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4F:75:72:D0:5D:9B:79:33:C7:42:3B:FA:6E:F2:1E:E7:85:1F:90
X509v3 Authority Key Identifier:
keyid:31:14:45:35:3A:08:23:ED:AE:F1:2A:3A:33:56:FA:80:98:E1:5E:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MRRFNToII-2u8So6M1b6gJjhXqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/sE91ctBdm3kzx0I7-m7yHueFH5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/69b08d-7c97-432f-b4bf-51e821d23141/1/MRRFNToII-2u8So6M1b6gJjhXqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.51.255.0/24
193.23.163.0/24
IPv6:
2001:67c:2c6c::/48
Signature Algorithm: sha256WithRSAEncryption
2e:f2:c7:b8:3f:f9:3d:8f:59:7e:58:91:8e:83:d5:72:81:11:
10:e2:a5:e4:4a:07:31:ca:9e:f1:36:e2:ac:de:b3:0c:58:e6:
59:22:7c:38:48:0e:34:57:47:bc:7f:c9:71:d3:46:12:a2:20:
dc:b1:13:74:a9:3a:34:a7:44:b5:5e:80:c9:aa:de:28:99:86:
55:a4:99:89:ac:b8:e3:28:8c:95:52:33:56:d2:4a:62:38:94:
ce:21:ae:23:90:92:a5:3b:ce:aa:ed:53:88:5b:fa:ab:dc:b4:
42:73:b6:94:46:d0:81:db:6f:ca:2c:7e:e8:d6:da:fd:39:2f:
b8:ad:bb:de:1f:68:78:e2:06:d9:da:06:39:44:74:72:a7:1d:
f7:81:8d:2b:1c:8a:22:89:ba:70:75:fb:eb:8e:61:cf:af:0e:
d0:ba:f9:1d:c4:6f:5c:17:59:44:8e:d8:63:ff:b9:9b:9c:55:
56:e3:c0:da:a6:e2:a9:ef:b4:59:4e:96:ac:76:63:7e:cd:0a:
50:a7:14:59:d9:61:d7:42:f8:32:9a:5d:2c:ff:6f:78:33:d6:
bc:91:93:3d:af:c9:13:96:7f:61:23:5c:6c:a5:ed:00:82:0d:
be:fe:86:f0:35:df:55:ec:b6:0b:3d:2e:da:a4:66:93:15:32:
46:38:cb:6e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZkP1pm2WAlpzwLMh8ThQ70yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMTQ0NTM1M2EwODIzZWRhZWYxMmEzYTMzNTZmYTgwOThl
MTVlYWMwHhcNMjUwOTAzMTM0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRmNzU3MmQwNWQ5Yjc5MzNjNzQyM2JmYTZlZjIxZWU3ODUxZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPx1z5DrTDM0gb2wVZtqrQaV1Y2E
96h88z2NNZ8t6Cj3fhoRfGhZJHaLuIU/FTpVpXqN18qnE0GK+FNO1ZAY34iYuRr4
REflm1PPFHRSJGGMp9XRM1Y090EkkuyBkWsQr8tIY9sFRRuc6yuMLQV/dWwXHq7R
wPaMVrXrxn7EvoeXAM6iueFUI9Uyj0+e83xP+xjdNfnz2eZU8HJ27nR+TtmC2om6
466RlZ2HnLvcEAYgKLimV7G7Tn7F6CzQMC1LNckvc8oK2vph5Me3dmAWMbBtQ85L
JALfF78IJ2zvc+Hmv7x9ks2Gg0vfl1ycqlyzljvotFeAVPQxIE6HsyvzFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLBPdXLQXZt5M8dCO/pu8h7nhR+QMB8GA1UdIwQY
MBaAFDEURTU6CCPtrvEqOjNW+oCY4V6sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVJSRk5Ub0lJLTJ1OFNvNk0xYjZnSmpoWHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni82OWIwOGQtN2M5Ny00MzJmLWI0YmYt
NTFlODIxZDIzMTQxLzEvc0U5MWN0QmRtM2t6eDBJNy1tN3lIdWVGSDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni82OWIwOGQtN2M5Ny00MzJmLWI0YmYtNTFlODIxZDIzMTQx
LzEvTVJSRk5Ub0lJLTJ1OFNvNk0xYjZnSmpoWHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAoTP/AwQA
wRejMA8EAgACMAkDBwAgAQZ8LGwwDQYJKoZIhvcNAQELBQADggEBAC7yx7g/+T2P
WX5YkY6D1XKBERDipeRKBzHKnvE24qzeswxY5lkifDhIDjRXR7x/yXHTRhKiINyx
E3SpOjSnRLVegMmq3iiZhlWkmYmsuOMojJVSM1bSSmI4lM4hriOQkqU7zqrtU4hb
+qvctEJztpRG0IHbb8osfujW2v05L7itu94faHjiBtnaBjlEdHKnHfeBjSsciiKJ
unB1++uOYc+vDtC6+R3Eb1wXWUSO2GP/uZucVVbjwNqm4qnvtFlOlqx2Y37NClCn
FFnZYddC+DKaXSz/b3gz1ryRkz2vyROWf2EjXGyl7QCCDb7+hvA131Xstgs9Ltqk
ZpMVMkY4y24=
-----END CERTIFICATE-----
Generated at Mon Sep 8 10:27:54 2025 by rpki-client