Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/aW16bEMvTRG7qNefb2rpU4NnSOQ.roa
File: aW16bEMvTRG7qNefb2rpU4NnSOQ.roa (raw, json)
Hash identifier: 9Z0UxDNm5ByQmlf/lz8y7rt0OHD0m9TRRk+iOQJUyKE=
Subject key identifier: 69:6D:7A:6C:43:2F:4D:11:BB:A8:D7:9F:6F:6A:E9:53:83:67:48:E4
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 01997A66D53439BB25D4DF90D4AA6CFCB559
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/aW16bEMvTRG7qNefb2rpU4NnSOQ.roa
Signing time: Wed 24 Sep 2025 06:26:23 +0000
ROA not before: Wed 24 Sep 2025 06:26:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 81.17.160.0/21 maxlen: 24
81.17.168.0/21 maxlen: 24
109.238.160.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:66:d5:34:39:bb:25:d4:df:90:d4:aa:6c:fc:b5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Sep 24 06:26:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=696d7a6c432f4d11bba8d79f6f6ae953836748e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ca:52:05:b3:25:a8:6b:23:55:3f:4c:ff:da:
3f:02:a5:40:02:bb:34:28:d2:80:ce:98:e7:fd:2b:
1b:48:87:2a:71:6f:3c:37:2d:84:30:84:8c:81:8b:
69:04:ef:cc:ac:25:11:17:ec:1e:a1:5b:13:d5:01:
30:b8:97:5b:bb:82:e9:80:e5:15:74:f7:0f:96:9d:
5b:f2:ef:1e:29:99:d6:ab:2c:1b:64:23:23:c7:8e:
2d:02:20:e8:84:f1:94:a1:b8:2b:65:3c:55:8c:37:
bf:01:18:f3:d8:c5:b0:76:d5:2f:7e:06:e4:ae:d1:
3f:fe:0e:84:91:f9:5f:42:19:46:63:46:ae:b6:96:
d3:36:9a:17:9d:b9:5b:35:5b:8e:31:66:fc:80:53:
ba:83:9d:fd:35:09:f1:f3:7f:92:ff:37:91:74:16:
2d:38:5e:cb:f1:e5:75:84:50:e1:f8:d8:7e:c0:87:
bf:25:d7:db:d9:ae:92:64:fc:4f:88:95:17:16:4c:
cc:c6:da:5b:42:2f:62:bd:8c:3b:0d:9d:ce:67:92:
2a:46:af:61:d5:33:3f:60:a3:ba:7c:75:3d:af:11:
f3:54:42:71:db:bb:7b:a2:5e:d3:8b:64:1c:79:be:
68:fb:2e:dc:32:a8:c9:05:14:2d:7d:b5:7f:8a:a8:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6D:7A:6C:43:2F:4D:11:BB:A8:D7:9F:6F:6A:E9:53:83:67:48:E4
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/aW16bEMvTRG7qNefb2rpU4NnSOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.160.0/20
109.238.160.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:4b:bc:f2:b1:09:32:56:9b:9b:0f:b2:83:78:93:b1:d9:9f:
d1:63:55:ce:2e:14:f9:d1:b4:a1:71:c9:b9:06:7d:62:9d:ab:
e3:c5:cf:99:53:c1:b9:f2:01:dd:2e:21:45:99:f4:0e:b5:08:
e2:3b:e5:01:b1:cb:51:9c:4d:44:8d:79:34:c5:3d:3e:c0:92:
f0:61:62:7a:bc:8d:fb:94:bb:57:83:66:95:5a:30:1e:ab:1e:
0b:f1:f6:d3:7c:79:f9:cc:d4:bb:bd:5c:52:0b:bd:68:9f:4c:
1e:37:ab:a1:e2:7b:3d:db:f5:42:73:c3:7a:41:41:45:85:b6:
a1:44:e0:3c:b8:05:96:34:0a:62:42:2b:46:64:f3:bb:d3:1a:
9b:d1:b6:70:2c:7e:7f:2d:13:4c:3d:53:55:7d:a8:8e:f8:f9:
ee:eb:62:8c:45:8c:69:1a:99:1f:56:e4:80:09:c0:6e:02:33:
8d:75:f4:fc:15:0a:87:84:3d:9e:e5:af:5d:02:4f:df:a4:e1:
63:b0:7b:9f:29:fb:45:22:85:51:8b:10:58:d3:10:b3:b3:1b:
4f:a2:95:69:0e:f7:6f:b7:16:39:74:9d:d9:64:82:9b:f5:9c:
7d:22:ac:4c:4a:83:87:aa:d4:99:fd:70:f5:80:60:97:13:3e:
5f:e1:05:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZl6ZtU0Obsl1N+Q1Kps/LVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjUwOTI0MDYyNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZkN2E2YzQzMmY0ZDExYmJhOGQ3OWY2ZjZhZTk1MzgzNjc0OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMpSBbMlqGsjVT9M/9o/AqVAArs0
KNKAzpjn/SsbSIcqcW88Ny2EMISMgYtpBO/MrCURF+weoVsT1QEwuJdbu4LpgOUV
dPcPlp1b8u8eKZnWqywbZCMjx44tAiDohPGUobgrZTxVjDe/ARjz2MWwdtUvfgbk
rtE//g6EkflfQhlGY0autpbTNpoXnblbNVuOMWb8gFO6g539NQnx83+S/zeRdBYt
OF7L8eV1hFDh+Nh+wIe/Jdfb2a6SZPxPiJUXFkzMxtpbQi9ivYw7DZ3OZ5IqRq9h
1TM/YKO6fHU9rxHzVEJx27t7ol7Ti2Qceb5o+y7cMqjJBRQtfbV/iqhpUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGltemxDL00Ru6jXn29q6VODZ0jkMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvYVcxNmJFTXZUUkc3cU5lZmIycnBVNE5uU09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEURGgAwQD
be6gMA0GCSqGSIb3DQEBCwUAA4IBAQCxS7zysQkyVpubD7KDeJOx2Z/RY1XOLhT5
0bShccm5Bn1inavjxc+ZU8G58gHdLiFFmfQOtQjiO+UBsctRnE1EjXk0xT0+wJLw
YWJ6vI37lLtXg2aVWjAeqx4L8fbTfHn5zNS7vVxSC71on0weN6uh4ns92/VCc8N6
QUFFhbahROA8uAWWNApiQitGZPO70xqb0bZwLH5/LRNMPVNVfaiO+Pnu62KMRYxp
GpkfVuSACcBuAjONdfT8FQqHhD2e5a9dAk/fpOFjsHufKftFIoVRixBY0xCzsxtP
opVpDvdvtxY5dJ3ZZIKb9Zx9IqxMSoOHqtSZ/XD1gGCXEz5f4QXU
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:21 2025 by rpki-client