Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/M9ok_oEA-Cq66PnPmgpXlFaH8Sc.roa
File: M9ok_oEA-Cq66PnPmgpXlFaH8Sc.roa (raw, json)
Hash identifier: Bj68sqknRNEMUK6hrMTUuevwXIra7kusoFg9lZhmyJM=
Subject key identifier: 33:DA:24:FE:81:00:F8:2A:BA:E8:F9:CF:9A:0A:57:94:56:87:F1:27
Certificate issuer: /CN=b94427d8b796645f764b4e66bf19ad38e4abee1c
Certificate serial: 0199A4BAB209301F933A66D49416DEECADF2
Authority key identifier: B9:44:27:D8:B7:96:64:5F:76:4B:4E:66:BF:19:AD:38:E4:AB:EE:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUQn2LeWZF92S05mvxmtOOSr7hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/M9ok_oEA-Cq66PnPmgpXlFaH8Sc.roa
Signing time: Thu 02 Oct 2025 11:42:02 +0000
ROA not before: Thu 02 Oct 2025 11:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41557
IP address blocks: 89.205.0.0/17 maxlen: 17
89.205.0.0/21 maxlen: 21
89.205.8.0/21 maxlen: 21
89.205.16.0/21 maxlen: 21
89.205.24.0/21 maxlen: 21
185.47.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/uUQn2LeWZF92S05mvxmtOOSr7hw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/uUQn2LeWZF92S05mvxmtOOSr7hw.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUQn2LeWZF92S05mvxmtOOSr7hw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:ba:b2:09:30:1f:93:3a:66:d4:94:16:de:ec:ad:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b94427d8b796645f764b4e66bf19ad38e4abee1c
Validity
Not Before: Oct 2 11:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33da24fe8100f82abae8f9cf9a0a57945687f127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:a2:5c:28:83:0c:b9:81:92:43:e6:7b:da:
65:78:dc:71:57:af:97:c0:fb:d5:d4:81:3c:e5:56:
28:1b:18:f9:da:2f:49:1d:d2:77:07:9b:aa:9d:ea:
17:76:78:4e:03:e9:67:6a:25:06:90:32:68:04:1d:
6a:7d:b3:dc:58:70:b9:ed:cf:bc:18:c7:56:d0:7d:
ea:1c:20:60:60:81:56:b4:6a:13:ef:57:d0:d5:1a:
49:f7:c3:0f:79:77:d5:b6:4d:92:90:d9:03:1e:29:
fd:ac:99:12:a5:58:67:b5:82:ee:95:39:ff:7b:11:
4a:69:a3:93:7e:6c:0d:a6:ce:4c:e9:02:95:3e:f3:
4d:f0:d8:9c:64:6c:b8:f0:a6:a6:54:9c:b8:3e:ad:
31:08:fa:db:40:bd:fc:e5:8e:d1:c2:cf:be:4c:c8:
4e:81:fb:df:9d:f6:20:2e:2f:a6:1d:43:47:83:c9:
c9:39:b6:65:84:b2:c5:88:95:53:9c:fa:fd:96:ac:
a4:3d:6d:fd:16:b7:9c:46:23:aa:f9:64:a5:4e:bb:
da:15:0e:73:99:28:22:c5:1b:34:c0:86:12:d6:76:
a0:b6:0b:4c:10:68:8d:2c:b4:60:65:66:41:8f:86:
43:d9:b2:df:e7:d5:b2:7e:c2:d7:b3:60:9d:11:fb:
91:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DA:24:FE:81:00:F8:2A:BA:E8:F9:CF:9A:0A:57:94:56:87:F1:27
X509v3 Authority Key Identifier:
keyid:B9:44:27:D8:B7:96:64:5F:76:4B:4E:66:BF:19:AD:38:E4:AB:EE:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUQn2LeWZF92S05mvxmtOOSr7hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/M9ok_oEA-Cq66PnPmgpXlFaH8Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d9cf7e-aa7e-4823-99f9-47f5c1c52ce2/1/uUQn2LeWZF92S05mvxmtOOSr7hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.205.0.0/17
185.47.56.0/22
Signature Algorithm: sha256WithRSAEncryption
99:5e:76:f6:35:35:6e:78:7c:7c:25:0d:5f:3c:cd:79:34:2d:
92:8e:3a:1b:31:3d:44:31:18:48:10:8d:a3:70:23:52:18:7f:
a5:9b:f9:1e:67:08:d7:0b:5f:40:a0:0a:81:26:b8:dd:49:56:
c6:aa:7c:a1:6c:73:04:c8:7c:3d:71:93:02:18:47:45:e0:c3:
a3:2a:7b:64:4b:36:40:d3:ee:69:9a:6a:9e:c6:db:06:fa:ee:
8b:a4:12:41:6d:81:c5:34:c2:e3:dc:f3:1d:8c:03:8e:f2:e0:
6c:ca:f4:d7:bc:ce:bb:6c:c1:99:29:88:c1:4d:20:48:c5:a7:
e0:62:4f:54:58:eb:e2:aa:29:57:d6:03:44:46:7c:e9:96:b3:
df:e2:7f:c6:fc:83:7a:8d:16:ce:57:1c:02:8b:8f:b6:6c:1c:
f4:12:1a:4b:27:0b:80:aa:69:bb:6f:55:c1:4d:98:07:9f:cb:
05:65:41:87:67:92:37:95:13:36:fc:6b:c2:91:1d:c3:38:d1:
9c:a2:18:b3:04:b8:1d:28:d2:e3:ac:e6:f1:59:7e:44:d5:32:
a3:a5:3e:7c:35:d2:53:a3:a2:20:89:d9:d1:7a:d8:97:ad:9b:
5d:bd:f4:0f:de:d4:d2:be:67:1f:ef:76:68:75:dc:10:5f:c5:
fc:f4:3c:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmkurIJMB+TOmbUlBbe7K3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDQyN2Q4Yjc5NjY0NWY3NjRiNGU2NmJmMTlhZDM4ZTRh
YmVlMWMwHhcNMjUxMDAyMTE0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RhMjRmZTgxMDBmODJhYmFlOGY5Y2Y5YTBhNTc5NDU2ODdmMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfqiXCiDDLmBkkPme9pleNxxV6+X
wPvV1IE85VYoGxj52i9JHdJ3B5uqneoXdnhOA+lnaiUGkDJoBB1qfbPcWHC57c+8
GMdW0H3qHCBgYIFWtGoT71fQ1RpJ98MPeXfVtk2SkNkDHin9rJkSpVhntYLulTn/
exFKaaOTfmwNps5M6QKVPvNN8NicZGy48KamVJy4Pq0xCPrbQL385Y7Rws++TMhO
gfvfnfYgLi+mHUNHg8nJObZlhLLFiJVTnPr9lqykPW39FrecRiOq+WSlTrvaFQ5z
mSgixRs0wIYS1nagtgtMEGiNLLRgZWZBj4ZD2bLf59WyfsLXs2CdEfuR4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDPaJP6BAPgquuj5z5oKV5RWh/EnMB8GA1UdIwQY
MBaAFLlEJ9i3lmRfdktOZr8ZrTjkq+4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVRbjJMZVdaRjkyUzA1bXZ4bXRPT1NyN2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kOWNmN2UtYWE3ZS00ODIzLTk5Zjkt
NDdmNWMxYzUyY2UyLzEvTTlva19vRUEtQ3E2NlBuUG1ncFhsRmFIOFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kOWNmN2UtYWE3ZS00ODIzLTk5ZjktNDdmNWMxYzUyY2Uy
LzEvdVVRbjJMZVdaRjkyUzA1bXZ4bXRPT1NyN2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHWc0AAwQC
uS84MA0GCSqGSIb3DQEBCwUAA4IBAQCZXnb2NTVueHx8JQ1fPM15NC2SjjobMT1E
MRhIEI2jcCNSGH+lm/keZwjXC19AoAqBJrjdSVbGqnyhbHMEyHw9cZMCGEdF4MOj
KntkSzZA0+5pmmqextsG+u6LpBJBbYHFNMLj3PMdjAOO8uBsyvTXvM67bMGZKYjB
TSBIxafgYk9UWOviqilX1gNERnzplrPf4n/G/IN6jRbOVxwCi4+2bBz0EhpLJwuA
qmm7b1XBTZgHn8sFZUGHZ5I3lRM2/GvCkR3DONGcohizBLgdKNLjrObxWX5E1TKj
pT58NdJTo6IgidnRetiXrZtdvfQP3tTSvmcf73ZoddwQX8X89DxB
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:23:18 2025 by rpki-client