Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/249HxpirTi_osbw5WvlBrcgIzks.roa
File: 249HxpirTi_osbw5WvlBrcgIzks.roa (raw, json)
Hash identifier: yk0Ki2ByYsC3iFN0F5s91hPx79cwtd3H/FikkHXhlh8=
Subject key identifier: DB:8F:47:C6:98:AB:4E:2F:E8:B1:BC:39:5A:F9:41:AD:C8:08:CE:4B
Certificate issuer: /CN=0fd1d0cc53219b6fe681e189e5e93d6357736ccf
Certificate serial: 0199C8E6E096E62995583D1B43940D4C1428
Authority key identifier: 0F:D1:D0:CC:53:21:9B:6F:E6:81:E1:89:E5:E9:3D:63:57:73:6C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/249HxpirTi_osbw5WvlBrcgIzks.roa
Signing time: Thu 09 Oct 2025 12:16:37 +0000
ROA not before: Thu 09 Oct 2025 12:16:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214554
IP address blocks: 194.55.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:e6:e0:96:e6:29:95:58:3d:1b:43:94:0d:4c:14:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fd1d0cc53219b6fe681e189e5e93d6357736ccf
Validity
Not Before: Oct 9 12:16:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db8f47c698ab4e2fe8b1bc395af941adc808ce4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:51:ae:c9:cb:32:44:fa:fb:0b:48:b2:e5:e8:
06:cb:f6:7f:f9:ea:aa:6a:df:84:b4:f1:8f:81:8f:
08:de:04:47:fb:f2:3b:f0:c6:17:c6:d0:30:47:6d:
09:44:58:4b:1b:8d:d3:e7:4e:ea:17:5e:6a:50:a9:
a3:2a:ac:90:da:22:81:0c:5d:01:e4:1e:f4:53:e4:
76:f3:4c:9f:cb:1e:c1:f8:bb:34:06:a0:76:94:96:
78:5b:9f:54:ad:e8:2c:af:be:8c:96:37:2b:2f:b0:
9b:42:0c:d9:bd:47:71:93:85:f0:87:7b:92:08:8f:
4b:31:d9:e1:1c:a3:9a:e3:9e:bf:79:9d:27:ff:a6:
b8:ff:c2:77:c8:8a:43:df:e8:86:66:75:38:d5:bf:
ef:27:ef:16:52:62:fa:e1:80:00:ae:0d:d2:39:71:
d1:45:9a:97:76:5b:66:6b:1d:31:87:29:36:3f:4d:
15:30:4f:ed:c1:21:f6:cf:fd:11:ac:a2:97:da:dd:
01:b9:42:ce:3f:3a:74:f1:b9:33:35:0e:5d:a6:61:
96:ba:d7:ea:e9:2e:e5:2c:78:74:c5:7a:96:c9:4b:
42:c8:6b:f3:34:ff:e7:fc:5c:ca:1c:86:67:84:d7:
72:b7:af:68:f6:ed:6e:bd:5d:d0:de:ed:0b:cb:37:
76:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8F:47:C6:98:AB:4E:2F:E8:B1:BC:39:5A:F9:41:AD:C8:08:CE:4B
X509v3 Authority Key Identifier:
keyid:0F:D1:D0:CC:53:21:9B:6F:E6:81:E1:89:E5:E9:3D:63:57:73:6C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/249HxpirTi_osbw5WvlBrcgIzks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7ee442-0ed5-4303-96bd-410b9966e205/1/D9HQzFMhm2_mgeGJ5ek9Y1dzbM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.86.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e3:f1:e3:5d:98:f5:cf:63:b5:02:ba:54:62:9d:de:c3:a3:
21:4f:5e:81:74:9b:51:42:8c:42:b8:be:f0:e7:15:76:80:d2:
23:7a:dc:94:ae:fa:8d:21:05:36:92:a0:72:5d:fb:4c:e9:85:
94:7c:d5:8c:2a:81:4c:f7:58:01:29:07:d9:ee:56:9a:46:1e:
f1:d3:99:2d:4c:7c:43:c6:b4:77:c6:bc:e2:dd:9d:fb:36:96:
4e:22:bd:d2:31:ab:d5:a2:86:9a:37:97:f9:c8:3e:df:57:41:
63:6c:69:37:5e:2d:2d:4c:d6:e5:b4:d9:a4:2d:cf:35:55:f8:
af:c4:be:0e:8c:92:a1:7e:3b:cf:8f:93:fb:fb:29:67:15:08:
61:a5:f2:76:d4:34:4e:4d:c5:fd:57:28:bb:2f:a3:d3:48:be:
c9:73:ce:4f:9e:55:37:44:12:f6:ed:d1:f1:7e:e1:b1:5b:15:
06:b1:ea:7d:9d:e1:27:15:56:60:9a:bf:61:aa:57:10:16:a2:
28:88:1d:60:25:2d:36:ed:eb:d6:c6:1f:24:dc:96:12:bb:17:
17:b7:78:11:94:ab:6b:c3:61:84:79:6b:70:b8:71:7f:1d:f5:
97:b2:bc:37:ff:91:50:0b:90:d5:f9:76:3f:82:3f:d7:04:09:
d0:9b:f8:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnI5uCW5imVWD0bQ5QNTBQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZDFkMGNjNTMyMTliNmZlNjgxZTE4OWU1ZTkzZDYzNTc3
MzZjY2YwHhcNMjUxMDA5MTIxNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhmNDdjNjk4YWI0ZTJmZThiMWJjMzk1YWY5NDFhZGM4MDhjZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklGuycsyRPr7C0iy5egGy/Z/+eqq
at+EtPGPgY8I3gRH+/I78MYXxtAwR20JRFhLG43T507qF15qUKmjKqyQ2iKBDF0B
5B70U+R280yfyx7B+Ls0BqB2lJZ4W59Uregsr76MljcrL7CbQgzZvUdxk4Xwh3uS
CI9LMdnhHKOa456/eZ0n/6a4/8J3yIpD3+iGZnU41b/vJ+8WUmL64YAArg3SOXHR
RZqXdltmax0xhyk2P00VME/twSH2z/0RrKKX2t0BuULOPzp08bkzNQ5dpmGWutfq
6S7lLHh0xXqWyUtCyGvzNP/n/FzKHIZnhNdyt69o9u1uvV3Q3u0Lyzd2hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuPR8aYq04v6LG8OVr5Qa3ICM5LMB8GA1UdIwQY
MBaAFA/R0MxTIZtv5oHhieXpPWNXc2zPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDlIUXpGTWhtMl9tZ2VHSjVlazlZMWR6Yk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZWU0NDItMGVkNS00MzAzLTk2YmQt
NDEwYjk5NjZlMjA1LzEvMjQ5SHhwaXJUaV9vc2J3NVd2bEJyY2dJemtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZWU0NDItMGVkNS00MzAzLTk2YmQtNDEwYjk5NjZlMjA1
LzEvRDlIUXpGTWhtMl9tZ2VHSjVlazlZMWR6Yk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjdWMA0G
CSqGSIb3DQEBCwUAA4IBAQBL4/HjXZj1z2O1ArpUYp3ew6MhT16BdJtRQoxCuL7w
5xV2gNIjetyUrvqNIQU2kqByXftM6YWUfNWMKoFM91gBKQfZ7laaRh7x05ktTHxD
xrR3xrzi3Z37NpZOIr3SMavVooaaN5f5yD7fV0FjbGk3Xi0tTNbltNmkLc81Vfiv
xL4OjJKhfjvPj5P7+ylnFQhhpfJ21DROTcX9Vyi7L6PTSL7Jc85PnlU3RBL27dHx
fuGxWxUGsep9neEnFVZgmr9hqlcQFqIoiB1gJS027evWxh8k3JYSuxcXt3gRlKtr
w2GEeWtwuHF/HfWXsrw3/5FQC5DV+XY/gj/XBAnQm/hA
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:08:59 2025 by rpki-client