Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/D5MvDrzK0eKeBhQPT5E-qcyDegE.roa
File: D5MvDrzK0eKeBhQPT5E-qcyDegE.roa (raw, json)
Hash identifier: ZZ3rGXDkZjhVdVSt+mJABSAAxbotcysbVgd0Yw1KZd4=
Subject key identifier: 0F:93:2F:0E:BC:CA:D1:E2:9E:06:14:0F:4F:91:3E:A9:CC:83:7A:01
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0198A46FC34162C23D5CFF334145F26DEECE
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/D5MvDrzK0eKeBhQPT5E-qcyDegE.roa
Signing time: Wed 13 Aug 2025 17:17:24 +0000
ROA not before: Wed 13 Aug 2025 17:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 89.187.9.0/24 maxlen: 24
89.187.24.0/24 maxlen: 24
89.187.26.0/24 maxlen: 24
89.187.27.0/24 maxlen: 24
89.187.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a4:6f:c3:41:62:c2:3d:5c:ff:33:41:45:f2:6d:ee:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Aug 13 17:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f932f0ebccad1e29e06140f4f913ea9cc837a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:58:70:00:64:7c:e5:99:ec:05:e6:39:f5:7e:
36:cc:47:28:9c:64:7f:b8:52:95:91:dd:61:5d:0b:
26:9c:43:58:38:38:0e:fb:6b:2a:b0:0f:22:cb:35:
7e:57:cc:11:cb:40:46:ac:b0:55:00:d0:0b:9c:43:
f0:e8:db:ae:de:29:1e:c8:69:98:ce:91:13:04:ee:
ae:b2:12:7b:07:2b:06:0f:fd:c8:6b:51:e7:93:0b:
56:14:e0:2b:25:18:b6:33:4a:6a:e5:96:5b:8f:fc:
c5:76:b0:51:76:91:c0:fe:1a:7f:0a:08:46:22:6b:
45:4b:5b:51:73:e4:12:06:77:74:f6:d7:f3:60:11:
db:88:89:9e:9d:de:42:33:3c:5c:60:c1:05:c5:bb:
d4:5f:51:e7:0c:fd:ee:4b:95:1f:1a:ea:ad:05:c3:
26:be:66:02:e6:04:e9:a1:bd:26:c7:94:9f:35:16:
ed:bc:1c:bc:7b:e8:26:50:d5:9e:ff:fb:78:cc:ad:
76:65:78:28:dc:89:26:d7:e2:c8:5b:ac:d2:de:e2:
08:a6:a8:b8:bc:cf:5f:69:24:1b:59:df:8e:f0:4e:
33:29:a4:73:54:95:68:58:9a:82:33:28:b9:b3:99:
68:a6:e2:c1:09:1f:f6:7f:5a:ef:3b:b0:dd:af:2a:
de:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:93:2F:0E:BC:CA:D1:E2:9E:06:14:0F:4F:91:3E:A9:CC:83:7A:01
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/D5MvDrzK0eKeBhQPT5E-qcyDegE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.9.0/24
89.187.24.0/24
89.187.26.0/23
89.187.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:49:c6:18:06:bf:cb:d7:29:cb:7a:22:08:7c:16:73:86:45:
70:84:35:9a:ee:00:f9:40:39:86:c9:01:93:29:e9:4e:99:2b:
d5:d6:ff:88:5a:4a:79:b8:dd:86:f4:66:16:e2:5b:ce:77:0a:
9c:70:59:cf:c4:2e:11:f6:ea:ea:f5:44:e1:40:35:1f:f3:4a:
04:1c:52:cd:fa:98:83:a7:af:0a:1b:d1:b5:40:97:9c:98:eb:
f4:1e:8b:2a:13:08:12:0e:31:66:41:a9:1c:eb:ac:98:6d:5a:
96:55:e2:17:ff:d2:f2:3a:a7:4e:d5:c1:d9:8c:47:5b:39:4b:
1e:af:fa:a7:9b:73:11:a2:7a:a8:e6:d5:84:72:08:c0:90:8c:
b3:dd:78:ab:cf:44:71:2d:5f:af:be:d2:e0:22:1e:31:41:1b:
6a:f6:ec:95:fc:3c:e4:89:20:ec:52:ea:9b:f3:cc:65:48:02:
bf:2d:10:2e:6a:bd:c4:27:12:22:06:c5:0f:11:47:25:46:d2:
be:b5:43:af:32:d4:62:f1:19:4d:91:9f:4b:2d:54:80:09:25:
2f:75:62:b6:c9:11:d2:8f:80:34:8a:ea:8a:a8:24:31:67:ad:
38:bd:ef:37:57:38:b6:30:68:d6:1f:c0:11:28:61:11:66:2e:
af:c5:6b:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZikb8NBYsI9XP8zQUXybe7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwODEzMTcxNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjkzMmYwZWJjY2FkMWUyOWUwNjE0MGY0ZjkxM2VhOWNjODM3YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1hwAGR85ZnsBeY59X42zEconGR/
uFKVkd1hXQsmnENYODgO+2sqsA8iyzV+V8wRy0BGrLBVANALnEPw6Nuu3ikeyGmY
zpETBO6ushJ7BysGD/3Ia1HnkwtWFOArJRi2M0pq5ZZbj/zFdrBRdpHA/hp/CghG
ImtFS1tRc+QSBnd09tfzYBHbiImend5CMzxcYMEFxbvUX1HnDP3uS5UfGuqtBcMm
vmYC5gTpob0mx5SfNRbtvBy8e+gmUNWe//t4zK12ZXgo3Ikm1+LIW6zS3uIIpqi4
vM9faSQbWd+O8E4zKaRzVJVoWJqCMyi5s5lopuLBCR/2f1rvO7DdryrecQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA+TLw68ytHingYUD0+RPqnMg3oBMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvRDVNdkRyekswZUtlQmhRUFQ1RS1xY3lEZWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWbsJAwQA
WbsYAwQBWbsaAwQAWbsfMA0GCSqGSIb3DQEBCwUAA4IBAQAKScYYBr/L1ynLeiII
fBZzhkVwhDWa7gD5QDmGyQGTKelOmSvV1v+IWkp5uN2G9GYW4lvOdwqccFnPxC4R
9urq9UThQDUf80oEHFLN+piDp68KG9G1QJecmOv0HosqEwgSDjFmQakc66yYbVqW
VeIX/9LyOqdO1cHZjEdbOUser/qnm3MRonqo5tWEcgjAkIyz3Xirz0RxLV+vvtLg
Ih4xQRtq9uyV/DzkiSDsUuqb88xlSAK/LRAuar3EJxIiBsUPEUclRtK+tUOvMtRi
8RlNkZ9LLVSACSUvdWK2yRHSj4A0iuqKqCQxZ604ve83Vzi2MGjWH8ARKGERZi6v
xWvW
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:04:30 2025 by rpki-client