Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/9Q38Q7e7w7x-E5d_pC0yM2_jAJI.roa
File: 9Q38Q7e7w7x-E5d_pC0yM2_jAJI.roa (raw, json)
Hash identifier: DJb5zZemEvlA9nZv0Fj8KOH1873t3PxvR0XGA4DUmug=
Subject key identifier: F5:0D:FC:43:B7:BB:C3:BC:7E:13:97:7F:A4:2D:32:33:6F:E3:00:92
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 01995870DCF50DE312FAEB7CE1E4B426CE88
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/9Q38Q7e7w7x-E5d_pC0yM2_jAJI.roa
Signing time: Wed 17 Sep 2025 16:10:15 +0000
ROA not before: Wed 17 Sep 2025 16:10:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 5.10.213.0/24 maxlen: 24
5.10.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:58:70:dc:f5:0d:e3:12:fa:eb:7c:e1:e4:b4:26:ce:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Sep 17 16:10:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f50dfc43b7bbc3bc7e13977fa42d32336fe30092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:29:9b:50:5c:e5:a4:a5:d2:88:1c:9c:61:f2:
2a:aa:b9:a5:ac:1e:ba:7b:db:5b:51:8d:86:0f:63:
05:06:17:2a:30:31:26:41:24:03:e2:63:16:e3:95:
e2:aa:e7:ec:b0:dc:23:88:bd:0f:dc:92:37:29:4e:
00:ab:d4:cf:de:89:6a:ce:f5:a6:9b:22:3a:c6:5a:
5f:28:37:e0:93:57:3a:38:fe:4f:ee:6c:9d:f8:95:
9d:ee:69:62:ab:7f:f7:ca:e9:60:25:6c:71:b7:bd:
21:5b:7d:c3:06:8e:9a:e7:f6:81:b8:14:1a:fa:00:
67:c5:d1:e0:2c:d6:b3:7e:ce:06:b9:5a:e1:58:7c:
0b:79:27:e1:1d:9a:81:a9:93:68:e4:9c:06:4f:90:
a5:33:d7:22:95:b3:24:d4:16:ce:39:09:2b:61:34:
e8:9e:5f:7b:dc:3d:2b:d3:51:26:12:ee:b9:9c:6a:
74:b0:3b:04:b0:e6:9c:6e:78:02:df:0c:56:eb:74:
9c:ce:c1:a3:60:40:c3:0c:e2:f5:59:0f:b4:e1:86:
48:c4:9a:f9:1c:e8:e6:42:21:7c:33:f8:17:e6:a0:
b8:ef:d0:a2:8c:80:86:00:1b:aa:6c:c9:a1:eb:69:
df:cc:37:66:49:87:25:ce:88:3a:df:7c:c1:6a:ab:
38:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0D:FC:43:B7:BB:C3:BC:7E:13:97:7F:A4:2D:32:33:6F:E3:00:92
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/9Q38Q7e7w7x-E5d_pC0yM2_jAJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.213.0/24
5.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:16:11:68:f2:1f:fc:0a:de:32:6c:f6:36:84:49:d6:46:a0:
49:3d:2d:48:41:44:d3:c1:c1:77:f7:99:5d:02:42:b4:34:a9:
5a:83:1d:c6:c1:6a:86:5d:f7:c8:09:e9:9d:44:b9:fb:20:9a:
a9:46:92:78:16:61:87:4a:49:67:42:61:1d:1b:2c:af:53:ed:
bc:ca:ae:67:03:e2:e8:d6:22:2c:35:ac:d5:a9:ef:ab:c6:9a:
a1:b4:ca:f5:33:f8:62:5a:ec:b2:0a:c6:9f:80:25:1e:a9:b8:
0c:32:d3:2c:3e:22:8f:b4:52:c7:83:50:bb:1e:cf:2d:48:02:
fb:d4:f2:f2:b7:27:09:4f:1a:d4:e9:72:c2:38:4b:f3:35:ad:
e0:41:f3:84:58:38:49:1c:d8:86:5c:fc:2e:e0:21:63:32:b4:
5f:9e:91:0a:74:90:5b:31:6f:51:be:52:12:90:c0:65:df:e5:
e9:25:25:85:4c:b5:e9:09:dd:68:c1:ec:3e:6b:0c:09:09:85:
af:c4:9d:2e:ac:60:56:8a:f2:aa:cb:cc:eb:48:e2:49:e9:2f:
65:6a:3d:08:65:2b:84:af:f6:78:22:c9:01:a2:25:16:71:5b:
06:f7:2f:dd:b2:4c:1f:bf:a3:48:5e:86:ea:e6:77:4c:05:4e:
f4:8a:63:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlYcNz1DeMS+ut84eS0Js6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwOTE3MTYxMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBkZmM0M2I3YmJjM2JjN2UxMzk3N2ZhNDJkMzIzMzZmZTMwMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3imbUFzlpKXSiBycYfIqqrmlrB66
e9tbUY2GD2MFBhcqMDEmQSQD4mMW45XiqufssNwjiL0P3JI3KU4Aq9TP3olqzvWm
myI6xlpfKDfgk1c6OP5P7myd+JWd7mliq3/3yulgJWxxt70hW33DBo6a5/aBuBQa
+gBnxdHgLNazfs4GuVrhWHwLeSfhHZqBqZNo5JwGT5ClM9cilbMk1BbOOQkrYTTo
nl973D0r01EmEu65nGp0sDsEsOacbngC3wxW63SczsGjYEDDDOL1WQ+04YZIxJr5
HOjmQiF8M/gX5qC479CijICGABuqbMmh62nfzDdmSYclzog633zBaqs4ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPUN/EO3u8O8fhOXf6QtMjNv4wCSMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvOVEzOFE3ZTd3N3gtRTVkX3BDMHlNMl9qQUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQrVAwQA
BQreMA0GCSqGSIb3DQEBCwUAA4IBAQBfFhFo8h/8Ct4ybPY2hEnWRqBJPS1IQUTT
wcF395ldAkK0NKlagx3GwWqGXffICemdRLn7IJqpRpJ4FmGHSklnQmEdGyyvU+28
yq5nA+Lo1iIsNazVqe+rxpqhtMr1M/hiWuyyCsafgCUeqbgMMtMsPiKPtFLHg1C7
Hs8tSAL71PLytycJTxrU6XLCOEvzNa3gQfOEWDhJHNiGXPwu4CFjMrRfnpEKdJBb
MW9RvlISkMBl3+XpJSWFTLXpCd1owew+awwJCYWvxJ0urGBWivKqy8zrSOJJ6S9l
aj0IZSuEr/Z4IskBoiUWcVsG9y/dskwfv6NIXobq5ndMBU70imPy
-----END CERTIFICATE-----
Generated at Wed Oct 8 13:57:48 2025 by rpki-client