Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/f9MGnlddFQ2IMf-Uoo2fTYxJ_co.roa
File: f9MGnlddFQ2IMf-Uoo2fTYxJ_co.roa (raw, json)
Hash identifier: kPIpbLqEj4dHSmVPx7WOIcV4CWQtCce8UvwQXn1AUT0=
Subject key identifier: 7F:D3:06:9E:57:5D:15:0D:88:31:FF:94:A2:8D:9F:4D:8C:49:FD:CA
Certificate issuer: /CN=869c0e737df482e89aa6726cdd8a9958aa74111e
Certificate serial: 01978C69E395F30E83AC0ED992F16600EB13
Authority key identifier: 86:9C:0E:73:7D:F4:82:E8:9A:A6:72:6C:DD:8A:99:58:AA:74:11:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/f9MGnlddFQ2IMf-Uoo2fTYxJ_co.roa
Signing time: Fri 20 Jun 2025 08:17:19 +0000
ROA not before: Fri 20 Jun 2025 08:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 192.135.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:69:e3:95:f3:0e:83:ac:0e:d9:92:f1:66:00:eb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869c0e737df482e89aa6726cdd8a9958aa74111e
Validity
Not Before: Jun 20 08:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fd3069e575d150d8831ff94a28d9f4d8c49fdca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3c:3b:55:c5:cf:9c:75:e2:94:a6:20:e5:26:
49:08:2f:53:00:c9:1f:45:9a:f7:09:6c:54:55:3e:
13:1a:0c:22:6b:c0:68:a3:e0:cb:d9:6d:6b:4c:59:
91:47:36:3d:12:ca:d6:f2:a8:a6:06:b0:10:dd:f5:
20:cb:39:fb:bd:16:a0:c4:e2:8c:02:d7:4f:11:3e:
3b:4a:41:03:38:ce:73:a5:b5:d1:1a:35:1a:96:29:
80:d9:81:74:cd:c2:b1:43:ef:b7:3e:ef:ba:d3:2f:
b2:b0:2d:ad:83:a3:06:e2:98:b3:53:2a:4b:e5:44:
eb:33:aa:86:11:6d:24:c2:aa:06:93:d8:8c:7f:85:
47:4b:6c:04:64:55:52:ac:48:3b:7c:bb:74:22:7e:
80:bf:17:bf:ae:83:9e:11:eb:6e:94:b6:1d:68:04:
6c:a6:d8:df:77:63:52:d3:c7:ad:7d:aa:19:1b:69:
6a:2e:b5:28:a6:c5:77:c4:f7:47:d5:31:1f:ad:94:
b2:ab:1e:cc:5f:9c:e0:83:76:8e:0c:ab:03:3e:a7:
88:15:91:45:79:69:73:20:ef:d9:3a:11:fe:1d:b0:
50:fa:c6:2c:34:13:b0:b0:cd:f0:73:83:e1:16:ce:
11:06:90:34:38:f9:50:f4:fe:d0:de:ec:3a:77:c4:
3d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D3:06:9E:57:5D:15:0D:88:31:FF:94:A2:8D:9F:4D:8C:49:FD:CA
X509v3 Authority Key Identifier:
keyid:86:9C:0E:73:7D:F4:82:E8:9A:A6:72:6C:DD:8A:99:58:AA:74:11:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/f9MGnlddFQ2IMf-Uoo2fTYxJ_co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.135.217.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f3:69:ff:3e:52:2d:00:d3:7f:01:bd:cc:8c:c4:cb:5e:64:
10:d0:3a:9f:60:15:ae:43:89:54:5b:94:43:71:3d:bc:22:4d:
96:3f:fc:2a:72:95:06:e1:db:14:47:92:f3:bd:f0:32:3b:17:
b8:9d:e5:05:78:69:a9:8e:25:d5:1a:70:13:24:af:ab:c4:bd:
21:fb:42:a7:c7:17:18:f1:67:ea:d2:c7:f2:55:44:1c:f8:e3:
d5:a4:03:2f:f2:ea:06:f3:99:ff:10:e4:c3:7c:60:d5:8f:41:
3a:8f:68:fb:09:76:6e:33:43:e8:06:c3:07:a7:22:f1:67:c8:
99:2f:42:77:72:07:c0:8c:39:7a:b6:96:4c:44:b5:10:6e:6a:
25:06:93:b6:0d:da:20:3f:e0:98:3b:8e:5f:b6:2b:8d:c8:53:
d7:de:a1:f0:d1:56:b6:e2:7e:38:17:2e:37:76:84:dc:33:25:
cc:1f:0c:60:37:08:8a:32:52:1f:5c:d5:79:36:4d:38:f6:2c:
64:1e:09:18:da:69:4c:87:ec:0a:1d:8d:62:c5:5c:c2:2d:c6:
a5:19:5c:e7:a3:78:54:5b:f2:5a:bc:13:bd:c0:54:0f:f4:d0:
40:7b:90:37:c0:cc:2d:cb:56:b0:52:79:8f:ba:4d:d3:0f:b9:
f6:25:0a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeMaeOV8w6DrA7ZkvFmAOsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWMwZTczN2RmNDgyZTg5YWE2NzI2Y2RkOGE5OTU4YWE3
NDExMWUwHhcNMjUwNjIwMDgxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQzMDY5ZTU3NWQxNTBkODgzMWZmOTRhMjhkOWY0ZDhjNDlmZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjw7VcXPnHXilKYg5SZJCC9TAMkf
RZr3CWxUVT4TGgwia8Boo+DL2W1rTFmRRzY9EsrW8qimBrAQ3fUgyzn7vRagxOKM
AtdPET47SkEDOM5zpbXRGjUalimA2YF0zcKxQ++3Pu+60y+ysC2tg6MG4pizUypL
5UTrM6qGEW0kwqoGk9iMf4VHS2wEZFVSrEg7fLt0In6Avxe/roOeEetulLYdaARs
ptjfd2NS08etfaoZG2lqLrUopsV3xPdH1TEfrZSyqx7MX5zgg3aODKsDPqeIFZFF
eWlzIO/ZOhH+HbBQ+sYsNBOwsM3wc4PhFs4RBpA0OPlQ9P7Q3uw6d8Q9iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/TBp5XXRUNiDH/lKKNn02MSf3KMB8GA1UdIwQY
MBaAFIacDnN99ILomqZybN2KmViqdBEeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHB3T2MzMzBndWlhcG5KczNZcVpXS3AwRVI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNzk4MGItY2VmOC00YjUzLWEwMzEt
YzVlMGZhY2E0YTVlLzEvZjlNR25sZGRGUTJJTWYtVW9vMmZUWXhKX2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNzk4MGItY2VmOC00YjUzLWEwMzEtYzVlMGZhY2E0YTVl
LzEvaHB3T2MzMzBndWlhcG5KczNZcVpXS3AwRVI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwIfZMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ82n/PlItANN/Ab3MjMTLXmQQ0DqfYBWuQ4lUW5RD
cT28Ik2WP/wqcpUG4dsUR5LzvfAyOxe4neUFeGmpjiXVGnATJK+rxL0h+0KnxxcY
8Wfq0sfyVUQc+OPVpAMv8uoG85n/EOTDfGDVj0E6j2j7CXZuM0PoBsMHpyLxZ8iZ
L0J3cgfAjDl6tpZMRLUQbmolBpO2DdogP+CYO45ftiuNyFPX3qHw0Va24n44Fy43
doTcMyXMHwxgNwiKMlIfXNV5Nk049ixkHgkY2mlMh+wKHY1ixVzCLcalGVzno3hU
W/JavBO9wFQP9NBAe5A3wMwty1awUnmPuk3TD7n2JQrt
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:17:43 2025 by rpki-client