Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/9p-IzvmGjhkwx_53U1cp4ca1edc.roa
File: 9p-IzvmGjhkwx_53U1cp4ca1edc.roa (raw, json)
Hash identifier: JvpWSXkuArwSHg+MuvCHLJG25RIozJ6/xQa40mNhYHs=
Subject key identifier: F6:9F:88:CE:F9:86:8E:19:30:C7:FE:77:53:57:29:E1:C6:B5:79:D7
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 0198A38822A5C98443D251997A5CD35F20EB
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/9p-IzvmGjhkwx_53U1cp4ca1edc.roa
Signing time: Wed 13 Aug 2025 13:04:24 +0000
ROA not before: Wed 13 Aug 2025 13:04:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29512
IP address blocks: 79.110.0.0/20 maxlen: 24
94.231.224.0/20 maxlen: 24
94.231.239.0/24 maxlen: 24
195.140.236.0/22 maxlen: 24
2a00:fbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:88:22:a5:c9:84:43:d2:51:99:7a:5c:d3:5f:20:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Aug 13 13:04:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f69f88cef9868e1930c7fe77535729e1c6b579d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f2:72:eb:c5:9f:3f:8a:55:71:72:74:0c:60:
af:49:89:be:ad:a2:fc:20:8b:b8:8e:ab:66:bd:d3:
27:22:76:20:55:fa:46:4f:31:e3:95:8d:b2:36:c8:
bf:d8:85:dc:5c:47:1a:48:72:d7:17:00:f9:26:34:
7d:cb:75:5b:94:3e:a8:3e:9b:5c:bc:a8:76:8d:8b:
6b:fc:6a:98:07:26:84:da:81:a4:b3:9f:93:d2:0e:
5a:66:97:25:56:64:89:9a:a5:29:93:35:14:f2:8b:
a4:e6:92:31:10:c0:06:c1:84:93:fd:35:3f:57:d6:
70:4f:a0:1c:ce:bf:19:30:08:d1:7e:ef:44:c0:ff:
64:9f:c6:b7:3c:9a:b9:68:5f:a7:43:35:a7:85:02:
a1:1d:2e:24:f0:35:9a:a7:f3:4f:12:53:07:81:46:
76:7b:fd:b2:17:a3:ee:e7:71:29:f6:65:0c:0a:c1:
bf:06:18:4b:dd:10:0a:db:79:ef:66:03:78:ca:45:
4c:35:e0:eb:14:7f:bc:f7:85:fb:a4:a5:b4:08:39:
9f:1e:c1:e9:90:d8:dc:53:1b:13:73:ab:6f:a0:af:
bb:f8:3e:a5:2a:4f:9c:3e:27:fd:cf:a9:76:51:f4:
1a:6b:a7:6b:05:30:4b:98:2d:61:6e:25:67:6d:eb:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9F:88:CE:F9:86:8E:19:30:C7:FE:77:53:57:29:E1:C6:B5:79:D7
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/9p-IzvmGjhkwx_53U1cp4ca1edc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.0.0/20
94.231.224.0/20
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:78:8e:7a:bb:8a:bf:84:45:74:80:c3:2e:32:a1:78:77:83:
ba:2e:28:68:48:70:97:47:37:63:1d:98:6a:82:75:46:4a:72:
8e:06:92:85:0e:0d:0d:b2:e7:4c:aa:72:90:94:bd:5c:3e:43:
81:46:e1:c6:45:49:1c:d2:d2:3d:c5:a5:f1:35:26:5f:b8:c2:
5f:95:0f:c2:d0:1f:27:98:de:88:cb:90:7b:e3:4e:4d:10:cb:
45:b9:67:4c:cd:38:ed:15:31:c5:b9:60:cf:95:ec:38:df:98:
5b:9b:9e:96:61:71:b1:62:39:0c:ca:03:e4:ca:1c:fe:61:52:
02:f6:2f:bb:cc:7a:5e:78:ea:af:ee:de:f9:9d:6f:00:5f:e2:
21:68:ed:11:65:8a:90:88:19:2b:d1:9f:6f:60:72:00:02:bf:
f0:0e:c2:70:25:16:5d:b6:e0:e9:27:3a:3e:51:3d:b9:89:02:
89:83:a8:5c:4c:ec:84:1d:d2:07:13:5d:55:f6:b8:e8:da:f8:
ee:db:e0:fd:77:5a:b0:70:85:74:f2:ba:85:3d:23:84:d2:ee:
53:66:e9:80:d9:3e:34:a3:4e:d8:fe:ae:9e:db:2e:fa:6c:ef:
32:b7:83:b5:76:f7:64:77:38:a2:57:8c:b0:cb:44:b2:ee:24:
f3:27:fa:aa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZijiCKlyYRD0lGZelzTXyDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjUwODEzMTMwNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjlmODhjZWY5ODY4ZTE5MzBjN2ZlNzc1MzU3MjllMWM2YjU3OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/Jy68WfP4pVcXJ0DGCvSYm+raL8
IIu4jqtmvdMnInYgVfpGTzHjlY2yNsi/2IXcXEcaSHLXFwD5JjR9y3VblD6oPptc
vKh2jYtr/GqYByaE2oGks5+T0g5aZpclVmSJmqUpkzUU8ouk5pIxEMAGwYST/TU/
V9ZwT6Aczr8ZMAjRfu9EwP9kn8a3PJq5aF+nQzWnhQKhHS4k8DWap/NPElMHgUZ2
e/2yF6Pu53Ep9mUMCsG/BhhL3RAK23nvZgN4ykVMNeDrFH+894X7pKW0CDmfHsHp
kNjcUxsTc6tvoK+7+D6lKk+cPif9z6l2UfQaa6drBTBLmC1hbiVnbeszYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPafiM75ho4ZMMf+d1NXKeHGtXnXMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvOXAtSXp2bUdqaGt3eF81M1UxY3A0Y2ExZWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET24AAwQE
XufgAwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEBCwUAA4IBAQDAeI56
u4q/hEV0gMMuMqF4d4O6LihoSHCXRzdjHZhqgnVGSnKOBpKFDg0NsudMqnKQlL1c
PkOBRuHGRUkc0tI9xaXxNSZfuMJflQ/C0B8nmN6Iy5B7405NEMtFuWdMzTjtFTHF
uWDPlew435hbm56WYXGxYjkMygPkyhz+YVIC9i+7zHpeeOqv7t75nW8AX+IhaO0R
ZYqQiBkr0Z9vYHIAAr/wDsJwJRZdtuDpJzo+UT25iQKJg6hcTOyEHdIHE11V9rjo
2vju2+D9d1qwcIV08rqFPSOE0u5TZumA2T40o07Y/q6e2y76bO8yt4O1dvdkdzii
V4ywy0Sy7iTzJ/qq
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:15:34 2025 by rpki-client