Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/5R1-l58ft4GhxzonN9PpLF0e3rg.roa
File: 5R1-l58ft4GhxzonN9PpLF0e3rg.roa (raw, json)
Hash identifier: ld57U57oSYCdX19ANUoiIqFJmCosw0zLo2ypqpVfq5A=
Subject key identifier: E5:1D:7E:97:9F:1F:B7:81:A1:C7:3A:27:37:D3:E9:2C:5D:1E:DE:B8
Certificate issuer: /CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d
Certificate serial: 0198E00F41F3614F069A81228C4AC60FC5A4
Authority key identifier: 95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/5R1-l58ft4GhxzonN9PpLF0e3rg.roa
Signing time: Mon 25 Aug 2025 07:09:12 +0000
ROA not before: Mon 25 Aug 2025 07:09:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215652
IP address blocks: 2001:678:988::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:0f:41:f3:61:4f:06:9a:81:22:8c:4a:c6:0f:c5:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d
Validity
Not Before: Aug 25 07:09:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e51d7e979f1fb781a1c73a2737d3e92c5d1edeb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cc:14:a2:17:c4:6d:53:28:70:92:e0:d4:2d:
da:02:40:3f:66:af:8a:15:4f:c1:47:45:a9:83:ab:
2e:cb:01:6c:83:9f:da:fd:a6:3b:f7:4e:78:3e:e5:
34:72:5f:09:38:de:d8:93:26:2a:8d:09:30:b3:83:
7d:1f:09:eb:40:81:50:48:29:a0:4b:68:02:b8:d9:
4a:8e:63:3b:ad:63:18:be:77:cb:f5:35:71:3d:3c:
b5:e2:48:24:ce:f3:33:18:70:7c:77:97:16:9d:d8:
3f:56:c5:3e:b0:ee:d2:c1:24:f0:51:27:05:47:e6:
30:99:fe:45:1d:b9:7c:6a:f2:12:c3:ea:82:68:f8:
c0:b6:7c:57:5c:fa:ce:04:d2:aa:c0:bd:7a:8c:29:
7c:66:65:ca:9f:c4:48:06:e9:21:b2:76:04:5a:e7:
bf:d7:dd:00:02:fb:9b:55:12:bf:93:b7:39:f1:88:
8f:84:8b:20:37:10:f5:31:52:00:76:37:80:2b:4e:
2d:e1:ad:24:cb:37:fe:2e:c7:e6:01:bf:96:61:fb:
ab:cf:1b:cd:95:fd:b5:4a:8d:c3:1e:88:97:59:fb:
38:00:37:1b:8f:19:03:12:e3:a6:86:ea:90:26:fa:
4d:52:fb:a6:e6:9c:19:73:a8:9b:f6:c2:b2:8f:36:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:7E:97:9F:1F:B7:81:A1:C7:3A:27:37:D3:E9:2C:5D:1E:DE:B8
X509v3 Authority Key Identifier:
keyid:95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/5R1-l58ft4GhxzonN9PpLF0e3rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:988::/48
Signature Algorithm: sha256WithRSAEncryption
71:3d:12:52:aa:0d:93:23:bd:f1:0e:ea:c8:e4:6c:71:50:76:
ad:d9:19:91:3f:83:74:a8:7b:61:4f:f4:ee:e0:1d:53:16:d6:
22:9c:3b:a3:2a:7b:7b:6f:98:dc:b1:cf:33:72:a3:82:09:2b:
bc:b6:37:07:12:d1:87:a2:ab:36:62:d3:21:25:cc:aa:8e:14:
41:ba:f2:33:3a:54:b6:38:a0:cd:19:57:20:d0:e8:9c:58:6c:
25:82:5d:83:e9:18:2e:fa:82:d1:21:0c:a0:08:74:a4:ff:4c:
4a:9c:9a:2b:f6:e9:bf:e3:82:86:f7:c7:e1:ec:ce:b9:1d:77:
db:00:ba:4f:df:67:8c:86:f9:18:27:62:44:dc:4e:2d:53:74:
4d:0a:aa:e3:e8:f4:e5:2d:db:c4:87:aa:10:4e:36:27:1b:23:
86:8e:9d:60:cc:b9:09:62:f3:a7:7a:6c:40:6b:a4:b2:2b:5e:
d6:8c:e8:bb:42:e1:8e:1e:33:d5:20:5a:00:9b:2e:8a:b0:f9:
e0:fc:f0:17:8a:44:50:8f:96:3f:11:42:cd:c1:b5:82:c9:b3:
3e:b2:b3:19:de:c1:f2:61:16:c8:c6:72:e1:33:3e:76:75:c1:
8e:12:6f:20:ff:3b:1c:ea:23:92:b7:5f:b0:8b:93:c6:d6:bf:
39:af:54:3c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZjgD0HzYU8GmoEijErGD8WkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmRiODViN2VhOGYxZmFhZjc1MWU3NmM0MTQ3YzgxYjYw
ZTk5NGQwHhcNMjUwODI1MDcwOTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkN2U5NzlmMWZiNzgxYTFjNzNhMjczN2QzZTkyYzVkMWVkZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycwUohfEbVMocJLg1C3aAkA/Zq+K
FU/BR0Wpg6suywFsg5/a/aY79054PuU0cl8JON7YkyYqjQkws4N9HwnrQIFQSCmg
S2gCuNlKjmM7rWMYvnfL9TVxPTy14kgkzvMzGHB8d5cWndg/VsU+sO7SwSTwUScF
R+Ywmf5FHbl8avISw+qCaPjAtnxXXPrOBNKqwL16jCl8ZmXKn8RIBukhsnYEWue/
190AAvubVRK/k7c58YiPhIsgNxD1MVIAdjeAK04t4a0kyzf+LsfmAb+WYfurzxvN
lf21So3DHoiXWfs4ADcbjxkDEuOmhuqQJvpNUvum5pwZc6ib9sKyjzZonwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOUdfpefH7eBocc6JzfT6SxdHt64MB8GA1UdIwQY
MBaAFJW9uFt+qPH6r3UedsQUfIG2DplNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMt
MTAyNDBjYTBiMTgyLzEvNVIxLWw1OGZ0NEdoeHpvbk45UHBMRjBlM3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMtMTAyNDBjYTBiMTgy
LzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBxPRJSqg2TI73xDurI5GxxUHat2RmRP4N0qHth
T/Tu4B1TFtYinDujKnt7b5jcsc8zcqOCCSu8tjcHEtGHoqs2YtMhJcyqjhRBuvIz
OlS2OKDNGVcg0OicWGwlgl2D6Rgu+oLRIQygCHSk/0xKnJor9um/44KG98fh7M65
HXfbALpP32eMhvkYJ2JE3E4tU3RNCqrj6PTlLdvEh6oQTjYnGyOGjp1gzLkJYvOn
emxAa6SyK17WjOi7QuGOHjPVIFoAmy6KsPng/PAXikRQj5Y/EULNwbWCybM+srMZ
3sHyYRbIxnLhMz52dcGOEm8g/zsc6iOSt1+wi5PG1r85r1Q8
-----END CERTIFICATE-----
Generated at Mon Sep 8 07:01:56 2025 by rpki-client