Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/S5tOJLlP_fO4AuDKQ8_gge5ko6o.roa
File: S5tOJLlP_fO4AuDKQ8_gge5ko6o.roa (raw, json)
Hash identifier: v1IqdqgiinrLaFWkomMQNKh2wkRHR0/kvJk++V8a1GU=
Subject key identifier: 4B:9B:4E:24:B9:4F:FD:F3:B8:02:E0:CA:43:CF:E0:81:EE:64:A3:AA
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 019A12245942F2760B9BCC80CE0A84636266
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/S5tOJLlP_fO4AuDKQ8_gge5ko6o.roa
Signing time: Thu 23 Oct 2025 17:36:03 +0000
ROA not before: Thu 23 Oct 2025 17:36:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213671
IP address blocks: 81.2.136.0/22 maxlen: 24
81.2.140.0/23 maxlen: 24
82.129.8.0/24 maxlen: 24
213.146.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:12:24:59:42:f2:76:0b:9b:cc:80:ce:0a:84:63:62:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Oct 23 17:36:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b9b4e24b94ffdf3b802e0ca43cfe081ee64a3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:45:83:56:4a:6c:29:43:78:51:94:32:55:35:
eb:dd:03:fe:2f:ba:ab:a7:42:72:54:90:d8:2a:33:
ff:cd:a3:ed:97:16:cb:07:0f:e8:02:21:24:01:3b:
80:a8:99:c7:79:9e:fc:59:19:b6:88:d0:ff:ef:6f:
d7:55:e1:e3:86:89:b2:4a:84:81:29:9e:7e:f4:50:
d7:4a:56:b4:ba:8b:b6:91:20:47:ea:95:f0:c1:48:
7e:0c:d9:1c:be:2d:6c:64:db:83:71:ec:b3:96:c1:
7d:48:23:34:91:0a:9a:02:f0:20:74:78:c3:68:a7:
78:c3:f9:c4:75:ff:29:2c:7e:8d:5c:1c:70:e6:3a:
c8:14:1a:aa:74:28:b7:ee:bd:36:ee:6f:58:67:fd:
71:8c:f8:f8:26:1a:68:20:59:c0:b9:a9:66:d0:10:
7e:ec:b7:31:81:d4:52:53:5b:b1:a8:e0:d5:d5:24:
c3:58:39:22:ba:c8:18:7e:92:50:00:58:f6:64:30:
da:80:c4:95:d2:bc:e1:f3:b2:22:55:59:d3:ec:bf:
e6:e5:32:25:c0:55:bd:ac:c5:b0:e9:52:44:de:16:
f6:74:2e:0e:d6:ff:cb:7f:3c:17:99:d1:68:c6:b2:
2d:7a:91:29:bf:0a:44:57:8d:3c:76:ea:0e:e5:a4:
7d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9B:4E:24:B9:4F:FD:F3:B8:02:E0:CA:43:CF:E0:81:EE:64:A3:AA
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/S5tOJLlP_fO4AuDKQ8_gge5ko6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.136.0-81.2.141.255
82.129.8.0/24
213.146.161.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:60:72:24:5e:b9:02:a4:86:a9:fa:3b:46:42:fa:2f:6d:6b:
7c:d4:ac:b9:8b:b9:8f:b8:8d:54:11:3f:c8:13:06:5e:b4:52:
b6:ab:70:1d:d7:8d:e6:99:33:2d:1d:a9:80:0d:38:96:de:f3:
6f:ed:a7:02:1a:08:9e:e7:6d:7d:eb:3d:75:39:f7:24:a3:bc:
6d:8d:8b:cf:e1:4d:40:f1:9c:3f:22:c3:c5:54:69:72:60:bd:
c3:55:60:52:81:0c:8f:3a:59:25:d7:1f:e3:86:53:63:64:d5:
5b:a7:1b:1a:2e:98:c9:71:06:1d:be:10:17:15:0d:44:d5:2e:
35:df:a0:8d:37:a9:e4:b2:af:12:47:bc:67:23:47:d0:04:4b:
1c:4c:ab:f6:88:4d:7f:4c:03:34:ae:17:d9:ce:0f:23:2a:32:
b5:96:b9:b0:79:12:31:a5:02:b3:f4:df:79:8f:1f:8c:4c:96:
cf:6b:1b:5c:93:3e:8f:ec:9c:39:fa:92:71:3e:45:99:ab:88:
fa:4b:fd:80:00:b6:6e:91:42:b4:d1:8d:7e:67:3e:a6:59:58:
8c:d6:40:bf:82:f4:51:4d:d9:5f:a8:78:01:68:6e:37:20:d8:
54:5b:b5:88:17:7d:83:0e:e0:90:14:19:e6:b7:f5:ca:b1:45:
d9:be:69:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZoSJFlC8nYLm8yAzgqEY2JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjUxMDIzMTczNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjliNGUyNGI5NGZmZGYzYjgwMmUwY2E0M2NmZTA4MWVlNjRhM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0WDVkpsKUN4UZQyVTXr3QP+L7qr
p0JyVJDYKjP/zaPtlxbLBw/oAiEkATuAqJnHeZ78WRm2iND/72/XVeHjhomySoSB
KZ5+9FDXSla0uou2kSBH6pXwwUh+DNkcvi1sZNuDceyzlsF9SCM0kQqaAvAgdHjD
aKd4w/nEdf8pLH6NXBxw5jrIFBqqdCi37r027m9YZ/1xjPj4JhpoIFnAualm0BB+
7LcxgdRSU1uxqODV1STDWDkiusgYfpJQAFj2ZDDagMSV0rzh87IiVVnT7L/m5TIl
wFW9rMWw6VJE3hb2dC4O1v/LfzwXmdFoxrItepEpvwpEV408duoO5aR9lQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEubTiS5T/3zuALgykPP4IHuZKOqMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvUzV0T0pMbFBfZk80QXVES1E4X2dnZTVrbzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBANRAogD
BAFRAowDBABSgQgDBADVkqEwDQYJKoZIhvcNAQELBQADggEBAI9gciReuQKkhqn6
O0ZC+i9ta3zUrLmLuY+4jVQRP8gTBl60UrarcB3XjeaZMy0dqYANOJbe82/tpwIa
CJ7nbX3rPXU59ySjvG2Ni8/hTUDxnD8iw8VUaXJgvcNVYFKBDI86WSXXH+OGU2Nk
1VunGxoumMlxBh2+EBcVDUTVLjXfoI03qeSyrxJHvGcjR9AESxxMq/aITX9MAzSu
F9nODyMqMrWWubB5EjGlArP033mPH4xMls9rG1yTPo/snDn6knE+RZmriPpL/YAA
tm6RQrTRjX5nPqZZWIzWQL+C9FFN2V+oeAFobjcg2FRbtYgXfYMO4JAUGea39cqx
Rdm+aTg=
-----END CERTIFICATE-----
Generated at Sun Oct 26 00:00:51 2025 by rpki-client