Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5MDyhSjb44YBhSD4rdPnCY-VNAw.roa
File: 5MDyhSjb44YBhSD4rdPnCY-VNAw.roa (raw, json)
Hash identifier: x36rPT3FKpwpBcfi4PepXi7VdXMQkCEuDZ5EZ9OfPwQ=
Subject key identifier: E4:C0:F2:85:28:DB:E3:86:01:85:20:F8:AD:D3:E7:09:8F:95:34:0C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01990F4CE7729C8C3712D6FB67CAFA5D3B94
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5MDyhSjb44YBhSD4rdPnCY-VNAw.roa
Signing time: Wed 03 Sep 2025 11:18:42 +0000
ROA not before: Wed 03 Sep 2025 11:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 93.190.244.0/24 maxlen: 24
2a06:a600::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a12:4ac0::/29 maxlen: 29
2a13:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:4c:e7:72:9c:8c:37:12:d6:fb:67:ca:fa:5d:3b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 3 11:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4c0f28528dbe386018520f8add3e7098f95340c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:7f:c1:f1:98:bf:55:7a:2a:c2:b0:e3:0d:
6f:ac:42:b5:ab:18:ec:14:b2:9d:6c:0d:55:63:14:
c7:08:a7:f4:7e:45:8a:9a:0b:96:72:5a:ce:80:b5:
3a:fb:53:66:fd:f2:e5:4c:1a:67:f8:1b:7d:3b:43:
e7:37:15:66:7e:b2:50:34:95:36:da:73:1b:ff:40:
8d:49:8b:e5:6a:87:7b:5a:4b:01:be:cd:e5:ae:9e:
15:59:05:90:4d:6a:ea:9e:6f:ad:17:46:9a:f0:22:
a3:b2:72:f3:f7:ea:45:24:f4:2c:68:6e:d0:a1:0d:
d2:ac:62:b3:85:dd:bb:9d:79:98:62:47:0a:92:dc:
27:ce:d5:f5:74:db:5a:67:97:6f:e5:79:08:6c:6a:
bc:38:3a:85:01:4d:d2:89:65:89:7f:8c:8a:ca:d9:
e7:a5:b0:36:83:99:3d:1c:36:cb:fb:ae:f5:91:08:
91:df:63:a5:6e:c1:a3:78:09:31:44:4f:0f:18:f3:
85:79:01:b2:f8:f7:fc:25:76:da:52:ff:48:a2:a3:
b6:7d:67:71:fd:5f:76:6e:a5:dd:ba:dc:74:03:62:
88:ee:b4:6b:fb:e8:84:c3:85:be:53:ff:b6:03:fc:
43:d0:f7:e5:02:81:01:02:49:1c:8a:bf:da:18:41:
fc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C0:F2:85:28:DB:E3:86:01:85:20:F8:AD:D3:E7:09:8F:95:34:0C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5MDyhSjb44YBhSD4rdPnCY-VNAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.244.0/24
IPv6:
2a06:a600::/29
2a0f:3940::/29
2a12:4ac0::/29
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
5e:b7:1d:a1:6d:b4:3c:8a:30:b6:d2:c3:c2:2a:e2:71:73:d6:
11:f4:01:26:1c:50:7f:33:f0:8b:5b:13:cd:6e:b4:60:57:05:
02:99:92:f8:99:e2:76:cf:33:73:5b:5f:3f:43:ca:8c:89:63:
0e:1e:67:2b:0c:f1:ad:ed:70:0d:0e:21:e5:22:8d:94:94:b2:
62:5f:e2:b2:a1:d2:b4:19:24:69:84:bd:69:bd:44:da:bc:e2:
7b:e0:1f:e6:67:9e:09:a4:2f:71:a7:d1:23:bb:21:48:17:aa:
3b:72:77:2a:66:54:4e:dc:e8:c7:72:e0:b6:de:b2:09:ac:b5:
f2:b4:af:bb:c5:73:3b:a3:4e:89:38:03:81:f0:ff:dc:40:f4:
c2:b8:3a:3f:8f:d9:5e:93:b6:71:1c:37:f5:c5:ba:89:4f:3c:
7e:46:50:e0:50:bf:88:8a:c8:c9:c5:d3:e2:58:6f:74:59:e8:
ea:e8:be:ae:32:5e:ff:26:70:59:3e:8e:06:42:61:15:f4:64:
5b:a7:7f:54:e6:f5:1e:8c:fd:65:de:6d:5e:34:ac:4b:8e:5c:
a4:be:f4:99:ba:7c:62:ae:51:cb:b6:25:77:00:77:7e:e0:2e:
ad:92:7d:15:e6:6d:cd:35:0c:25:08:e6:07:84:7a:b1:0e:4d:
d6:3b:61:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZkPTOdynIw3Etb7Z8r6XTuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwOTAzMTExODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGMwZjI4NTI4ZGJlMzg2MDE4NTIwZjhhZGQzZTcwOThmOTUzNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEB/wfGYv1V6KsKw4w1vrEK1qxjs
FLKdbA1VYxTHCKf0fkWKmguWclrOgLU6+1Nm/fLlTBpn+Bt9O0PnNxVmfrJQNJU2
2nMb/0CNSYvlaod7WksBvs3lrp4VWQWQTWrqnm+tF0aa8CKjsnLz9+pFJPQsaG7Q
oQ3SrGKzhd27nXmYYkcKktwnztX1dNtaZ5dv5XkIbGq8ODqFAU3SiWWJf4yKytnn
pbA2g5k9HDbL+671kQiR32OlbsGjeAkxRE8PGPOFeQGy+Pf8JXbaUv9IoqO2fWdx
/V92bqXdutx0A2KI7rRr++iEw4W+U/+2A/xD0PflAoEBAkkcir/aGEH8pQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOTA8oUo2+OGAYUg+K3T5wmPlTQMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNU1EeWhTamI0NFlCaFNENHJkUG5DWS1WTkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAXb70MCIE
AgACMBwDBQMqBqYAAwUDKg85QAMFAyoSSsADBQMqE88AMA0GCSqGSIb3DQEBCwUA
A4IBAQBetx2hbbQ8ijC20sPCKuJxc9YR9AEmHFB/M/CLWxPNbrRgVwUCmZL4meJ2
zzNzW18/Q8qMiWMOHmcrDPGt7XANDiHlIo2UlLJiX+KyodK0GSRphL1pvUTavOJ7
4B/mZ54JpC9xp9EjuyFIF6o7cncqZlRO3OjHcuC23rIJrLXytK+7xXM7o06JOAOB
8P/cQPTCuDo/j9lek7ZxHDf1xbqJTzx+RlDgUL+IisjJxdPiWG90Wejq6L6uMl7/
JnBZPo4GQmEV9GRbp39U5vUejP1l3m1eNKxLjlykvvSZunxirlHLtiV3AHd+4C6t
kn0V5m3NNQwlCOYHhHqxDk3WO2H7
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:46:17 2025 by rpki-client