
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9Mh7v1Z5JBGY0lRthuDaNZcOhWA.roa
File: 9Mh7v1Z5JBGY0lRthuDaNZcOhWA.roa (raw, json)
Hash identifier: +u1dOqVLLfzO8roOkXoJfWKMLHBo21wiCSY54xcpEUA=
Subject key identifier: F4:C8:7B:BF:56:79:24:11:98:D2:54:6D:86:E0:DA:35:97:0E:85:60
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199C13768CD8FEBDEA9445273BFC9031463
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9Mh7v1Z5JBGY0lRthuDaNZcOhWA.roa
Signing time: Wed 08 Oct 2025 00:27:38 +0000
ROA not before: Wed 08 Oct 2025 00:27:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20860
IP address blocks: 91.246.49.0/24 maxlen: 24
91.247.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c1:37:68:cd:8f:eb:de:a9:44:52:73:bf:c9:03:14:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 8 00:27:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4c87bbf5679241198d2546d86e0da35970e8560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e1:ef:ba:4c:79:8c:c1:b7:4f:99:2c:4a:e8:
4e:a7:48:d9:fe:ec:4e:4b:80:c1:70:02:d2:e7:df:
ab:8d:1e:c9:38:48:36:46:9d:2e:c0:0f:fe:c7:0b:
5d:d5:a0:d6:02:8a:ec:06:df:b0:a8:8e:0e:e2:cb:
2f:c2:55:09:9d:d6:9f:2f:63:c6:10:e5:9f:32:68:
9c:2d:fb:9f:ac:bc:50:54:a7:47:0a:99:fc:d5:05:
a7:ee:b6:18:3c:c5:9e:96:48:11:64:47:c8:ef:a6:
e0:f1:98:3d:f1:78:25:2c:fd:9e:38:28:05:47:7b:
a4:33:61:93:bc:c0:c9:89:78:e6:fd:00:f5:ed:6a:
49:27:e5:fb:ea:56:d5:94:24:bd:ed:57:9f:c0:a2:
74:73:e3:6c:a2:a4:fc:12:92:b5:a0:2d:94:b8:4e:
a7:4e:bc:9c:5a:6f:46:52:22:db:2f:e5:86:54:cd:
5b:67:4c:ff:91:13:be:a6:5a:c4:24:c4:2d:03:af:
d4:2d:b5:00:d0:d6:c0:9e:48:0c:e9:3b:57:da:8e:
4b:39:31:34:4f:54:eb:33:62:1f:be:4e:6a:65:85:
a0:b4:89:1f:4a:44:bb:8d:91:b8:74:b2:d9:8d:17:
c1:eb:84:6a:e9:18:f2:7b:ef:04:62:c1:5c:dd:0b:
fa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C8:7B:BF:56:79:24:11:98:D2:54:6D:86:E0:DA:35:97:0E:85:60
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9Mh7v1Z5JBGY0lRthuDaNZcOhWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.49.0/24
91.247.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2c:a1:1b:bc:79:a4:f3:a9:47:1e:b4:87:c9:89:5d:29:78:
56:60:58:a8:35:6d:c8:2c:63:e5:22:f6:83:78:16:36:fe:e9:
63:3c:cb:c7:97:a3:32:99:cd:ce:18:b7:7c:b9:78:15:d2:2b:
4d:d9:a3:55:58:67:3c:74:52:bb:c9:44:68:bf:90:e7:97:66:
11:58:16:8e:fb:ca:f6:cf:ac:f4:55:8f:89:91:82:18:6b:ea:
f6:f6:9d:8f:62:ab:33:a8:0d:ae:5f:54:5f:ee:8f:88:9b:07:
20:9f:ba:9a:8e:36:b1:a5:a3:30:bf:39:87:99:1f:77:c3:64:
e7:7c:af:86:21:52:28:72:2d:8b:36:3b:2b:a0:85:03:72:60:
70:e2:4a:a1:5c:2b:f4:fc:d9:a0:90:e9:cd:c4:ed:fc:40:97:
b1:51:18:c7:38:67:76:d8:2d:9f:7f:42:38:a9:c7:82:e4:85:
52:c6:5d:1d:8b:f2:e8:92:93:12:af:93:b4:90:4d:d5:f8:06:
14:55:c8:96:33:2f:11:7f:67:d9:1c:a2:62:f8:83:a2:16:17:
d8:e4:be:41:4e:5f:8d:02:be:06:9c:58:ad:0e:f4:08:32:25:
99:5f:64:5a:fc:7e:87:08:a9:7c:52:bb:ba:79:e9:e9:27:1c:
83:cf:43:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnBN2jNj+veqURSc7/JAxRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDA4MDAyNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM4N2JiZjU2NzkyNDExOThkMjU0NmQ4NmUwZGEzNTk3MGU4NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+Hvukx5jMG3T5ksSuhOp0jZ/uxO
S4DBcALS59+rjR7JOEg2Rp0uwA/+xwtd1aDWAorsBt+wqI4O4ssvwlUJndafL2PG
EOWfMmicLfufrLxQVKdHCpn81QWn7rYYPMWelkgRZEfI76bg8Zg98XglLP2eOCgF
R3ukM2GTvMDJiXjm/QD17WpJJ+X76lbVlCS97VefwKJ0c+NsoqT8EpK1oC2UuE6n
TrycWm9GUiLbL+WGVM1bZ0z/kRO+plrEJMQtA6/ULbUA0NbAnkgM6TtX2o5LOTE0
T1TrM2Ifvk5qZYWgtIkfSkS7jZG4dLLZjRfB64Rq6Rjye+8EYsFc3Qv6twIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPTIe79WeSQRmNJUbYbg2jWXDoVgMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvOU1oN3YxWjVKQkdZMGxSdGh1RGFOWmNPaFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/YxAwQA
W/exMA0GCSqGSIb3DQEBCwUAA4IBAQBKLKEbvHmk86lHHrSHyYldKXhWYFioNW3I
LGPlIvaDeBY2/uljPMvHl6Mymc3OGLd8uXgV0itN2aNVWGc8dFK7yURov5Dnl2YR
WBaO+8r2z6z0VY+JkYIYa+r29p2PYqszqA2uX1Rf7o+Imwcgn7qajjaxpaMwvzmH
mR93w2TnfK+GIVIoci2LNjsroIUDcmBw4kqhXCv0/NmgkOnNxO38QJexURjHOGd2
2C2ff0I4qceC5IVSxl0di/LokpMSr5O0kE3V+AYUVciWMy8Rf2fZHKJi+IOiFhfY
5L5BTl+NAr4GnFitDvQIMiWZX2Ra/H6HCKl8Uru6eenpJxyDz0ON
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:13 2025 by rpki-client