Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/tfdAtKatow845W41MwNnVpLGgtg.roa
File: tfdAtKatow845W41MwNnVpLGgtg.roa (raw, json)
Hash identifier: uTfMLLKHQ5gluQZvH64MoBHxclcjq9Bv7RbosMqSlGA=
Subject key identifier: B5:F7:40:B4:A6:AD:A3:0F:38:E5:6E:35:33:03:67:56:92:C6:82:D8
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 019A4998833046E6491370EBD279D429C8F8
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/tfdAtKatow845W41MwNnVpLGgtg.roa
Signing time: Mon 03 Nov 2025 12:02:03 +0000
ROA not before: Mon 03 Nov 2025 12:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48529
IP address blocks: 78.108.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:98:83:30:46:e6:49:13:70:eb:d2:79:d4:29:c8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Nov 3 12:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5f740b4a6ada30f38e56e353303675692c682d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:63:aa:d1:d2:35:ad:d4:58:0a:40:c1:62:
8b:a6:be:65:e6:82:50:29:c7:96:97:ff:13:c3:48:
5a:5a:a8:bb:9e:6a:f5:8e:46:cb:e5:3e:a2:9a:b9:
c0:e4:aa:ef:a3:b0:d4:4f:bb:ee:d5:bc:d6:7b:a9:
c9:f6:8c:36:93:a5:4d:a8:22:66:da:40:20:f1:76:
44:69:0f:41:fa:29:6d:95:62:86:14:33:f1:70:4b:
25:5b:b1:d4:da:43:ae:17:f7:91:e0:b2:43:6b:a1:
8a:70:7e:2d:60:12:d6:e7:33:57:b8:59:1b:7b:c4:
7a:de:e3:06:ee:3e:a4:0f:1b:60:4e:bc:ae:ce:82:
f1:61:2e:35:2c:60:4d:36:bc:a3:fd:8e:bf:8f:82:
ca:ff:0d:c8:c4:26:83:c9:25:a1:93:59:40:38:0e:
f1:af:fa:e9:22:df:a2:62:17:86:8a:26:37:74:35:
6a:d9:1e:61:e1:b9:d2:02:1c:ae:45:25:f2:5c:5b:
54:7b:bb:45:2e:9a:7b:f7:e6:b8:b9:48:aa:23:6b:
45:bf:3f:d8:b6:16:4f:5e:8a:04:4f:99:0a:24:48:
cc:09:29:cc:c7:9a:43:20:76:49:92:1c:f2:d9:fd:
e3:07:34:ae:b9:0d:a0:32:b4:cb:9d:cf:36:bf:72:
26:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F7:40:B4:A6:AD:A3:0F:38:E5:6E:35:33:03:67:56:92:C6:82:D8
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/tfdAtKatow845W41MwNnVpLGgtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.63.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:57:2e:60:f0:20:db:82:d4:64:6f:c2:7b:f5:d2:b2:53:3b:
28:0b:8a:c8:e5:ee:07:89:55:70:39:fe:b3:31:11:ea:df:f7:
5c:ce:a6:4d:bd:73:88:fb:db:31:44:4c:3f:5e:a6:a6:6a:ad:
31:74:cb:1a:b1:ad:7f:51:9b:c3:50:1e:e0:3d:11:c1:99:fe:
75:3d:42:19:1b:bf:77:57:1f:37:80:1f:c3:a2:95:4a:b6:31:
fa:9c:9a:5b:f7:08:bc:17:da:47:5b:c9:5e:72:c4:e7:f0:38:
23:4a:01:6d:b5:2f:de:e3:6a:d1:e2:29:e2:1e:4c:02:38:de:
3d:7e:fa:a8:9c:e3:1f:1b:46:a9:21:22:ed:bc:eb:47:06:7a:
14:46:05:1d:8b:75:7a:53:c5:ff:e5:68:6b:fc:f8:7a:8b:db:
20:c7:d5:5a:e9:cd:ba:b8:b8:52:69:55:5b:d4:ab:5d:7b:7f:
6a:b9:73:c7:de:c1:f0:5a:96:16:07:9a:0d:67:2b:fd:03:31:
3b:03:60:7a:b2:25:c6:7c:35:1f:46:5d:34:4e:8b:3b:a3:a5:
4c:1e:1b:b5:dc:dc:03:ef:28:d8:b2:e1:81:aa:5d:14:e9:64:
0b:c6:dc:6f:53:79:9d:5b:e3:89:45:f1:2c:2a:26:df:81:b2:
44:a2:1d:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpJmIMwRuZJE3Dr0nnUKcj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjUxMTAzMTIwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY3NDBiNGE2YWRhMzBmMzhlNTZlMzUzMzAzNjc1NjkyYzY4MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6ljqtHSNa3UWApAwWKLpr5l5oJQ
KceWl/8Tw0haWqi7nmr1jkbL5T6imrnA5Krvo7DUT7vu1bzWe6nJ9ow2k6VNqCJm
2kAg8XZEaQ9B+iltlWKGFDPxcEslW7HU2kOuF/eR4LJDa6GKcH4tYBLW5zNXuFkb
e8R63uMG7j6kDxtgTryuzoLxYS41LGBNNryj/Y6/j4LK/w3IxCaDySWhk1lAOA7x
r/rpIt+iYheGiiY3dDVq2R5h4bnSAhyuRSXyXFtUe7tFLpp79+a4uUiqI2tFvz/Y
thZPXooET5kKJEjMCSnMx5pDIHZJkhzy2f3jBzSuuQ2gMrTLnc82v3Im/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLX3QLSmraMPOOVuNTMDZ1aSxoLYMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvdGZkQXRLYXRvdzg0NVc0MU13Tm5WcExHZ3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATmw/MA0G
CSqGSIb3DQEBCwUAA4IBAQDHVy5g8CDbgtRkb8J79dKyUzsoC4rI5e4HiVVwOf6z
MRHq3/dczqZNvXOI+9sxREw/Xqamaq0xdMsasa1/UZvDUB7gPRHBmf51PUIZG793
Vx83gB/DopVKtjH6nJpb9wi8F9pHW8lecsTn8DgjSgFttS/e42rR4iniHkwCON49
fvqonOMfG0apISLtvOtHBnoURgUdi3V6U8X/5Whr/Ph6i9sgx9Va6c26uLhSaVVb
1Ktde39quXPH3sHwWpYWB5oNZyv9AzE7A2B6siXGfDUfRl00Tos7o6VMHhu13NwD
7yjYsuGBql0U6WQLxtxvU3mdW+OJRfEsKibfgbJEoh1l
-----END CERTIFICATE-----
Generated at Thu Nov 6 22:59:56 2025 by rpki-client