Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/9JR9kLeC3mROCyumxdx5UUDi6gE.roa
File: 9JR9kLeC3mROCyumxdx5UUDi6gE.roa (raw, json)
Hash identifier: AP5tnA/PZA5j1wHvMVeBn0pLZ2nrXdAqQyrDJzaFfaA=
Subject key identifier: F4:94:7D:90:B7:82:DE:64:4E:0B:2B:A6:C5:DC:79:51:40:E2:EA:01
Certificate issuer: /CN=bbca3f25d54620b50ef8520657634d3b096bac57
Certificate serial: 019938E2405F131274F7364A8DBAC72EF09C
Authority key identifier: BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/9JR9kLeC3mROCyumxdx5UUDi6gE.roa
Signing time: Thu 11 Sep 2025 13:06:15 +0000
ROA not before: Thu 11 Sep 2025 13:06:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 2.59.132.0/22 maxlen: 24
45.145.40.0/22 maxlen: 24
45.157.232.0/22 maxlen: 24
62.192.153.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
94.143.231.0/24 maxlen: 24
104.167.24.0/24 maxlen: 24
176.96.136.0/22 maxlen: 24
185.94.29.0/24 maxlen: 24
185.219.84.0/24 maxlen: 24
185.254.96.0/22 maxlen: 24
193.41.226.0/24 maxlen: 24
193.41.237.0/24 maxlen: 24
193.42.11.0/24 maxlen: 24
193.42.12.0/24 maxlen: 24
194.48.217.0/24 maxlen: 24
2a0c:4ac0::/29 maxlen: 40
2a0d:1180::/29 maxlen: 29
2a0d:5940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:e2:40:5f:13:12:74:f7:36:4a:8d:ba:c7:2e:f0:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbca3f25d54620b50ef8520657634d3b096bac57
Validity
Not Before: Sep 11 13:06:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4947d90b782de644e0b2ba6c5dc795140e2ea01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:1f:f3:41:11:8a:4c:a1:d0:9f:66:1a:47:
d6:aa:93:1e:a4:59:0f:59:87:d1:25:f7:c3:05:46:
0e:dc:0f:1b:af:7c:ba:28:b5:0c:61:33:e9:1d:ec:
cb:5b:03:5e:2b:cf:08:2a:98:2e:c9:08:98:d2:87:
a9:2c:8c:28:21:72:d9:d6:f9:43:ba:8e:00:c3:a9:
c0:b0:b3:4c:5c:a7:05:3d:b9:fa:c6:30:fd:ca:87:
34:a1:0d:69:d2:a1:3c:0b:7d:dd:be:53:e7:3e:28:
f0:f6:93:8d:de:24:9e:b5:9f:25:d3:1d:68:b7:99:
cc:19:98:0a:6b:8f:f7:39:6b:d1:a6:10:98:54:eb:
11:18:ba:4d:2c:e1:68:8b:5b:c0:2a:c2:dc:ff:e2:
ce:3c:71:41:49:a2:85:4f:e0:90:60:e8:9c:cf:96:
8d:87:7b:9b:61:94:76:28:4c:6d:f9:81:d4:3a:5d:
f1:cf:27:b2:68:d3:cc:72:37:cd:33:5f:44:9f:79:
d2:ac:9e:5d:ea:99:19:b7:2b:14:8d:94:f1:14:c2:
bb:33:08:65:c0:41:54:2e:e0:52:c3:f6:27:9a:50:
46:bd:2c:f7:68:4a:0c:6f:7c:fa:e6:e2:c5:f5:97:
42:be:f4:0b:67:bb:03:cc:da:83:03:55:74:76:b2:
82:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:94:7D:90:B7:82:DE:64:4E:0B:2B:A6:C5:DC:79:51:40:E2:EA:01
X509v3 Authority Key Identifier:
keyid:BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/9JR9kLeC3mROCyumxdx5UUDi6gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.132.0/22
45.145.40.0/22
45.157.232.0/22
62.192.153.0/24
93.123.85.0/24
94.143.231.0/24
104.167.24.0/24
176.96.136.0/22
185.94.29.0/24
185.219.84.0/24
185.254.96.0/22
193.41.226.0/24
193.41.237.0/24
193.42.11.0-193.42.12.255
194.48.217.0/24
IPv6:
2a0c:4ac0::/29
2a0d:1180::/29
2a0d:5940::/29
Signature Algorithm: sha256WithRSAEncryption
55:dc:15:9f:32:ec:b0:7a:d0:f6:f2:c2:1e:4c:11:18:48:19:
7d:5e:7b:9b:08:80:00:6f:5b:c1:4b:3f:04:ec:77:81:44:22:
b6:5f:15:ea:0e:72:39:42:8e:58:74:2e:65:c9:ad:0e:a2:cf:
19:bd:de:f2:1a:2a:af:72:e4:55:64:cf:4c:ae:a5:25:9e:a3:
a9:03:b3:36:3c:28:c2:6c:ef:cb:2a:58:67:68:29:ec:38:0f:
ce:88:27:77:2e:a6:55:dd:5a:2e:1e:16:cc:32:1c:4c:69:26:
e1:e4:35:57:c0:6e:ad:64:9f:c5:ab:96:ac:81:4f:4a:5e:96:
f6:8a:9d:ae:fa:ac:71:56:08:86:c7:c9:b4:f3:9a:81:a0:d9:
9d:4b:28:34:d9:79:79:ef:d1:96:09:21:fb:ff:dc:e5:be:86:
f7:25:a8:41:6d:17:31:43:0e:f1:8c:3e:57:4c:55:12:cd:b4:
44:25:70:14:af:90:b6:e3:72:6c:27:9c:11:82:1a:88:ce:ae:
31:85:fb:5e:be:40:3c:83:dd:56:a6:b0:8d:85:11:9b:a2:7d:
08:bb:15:64:fc:21:fb:f5:04:a4:3f:02:3d:9f:12:7e:cd:f1:
a3:fc:f5:68:93:8e:fa:e6:76:59:4f:ed:d8:9a:ce:c6:85:9b:
e0:a3:74:33
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZk44kBfExJ09zZKjbrHLvCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2EzZjI1ZDU0NjIwYjUwZWY4NTIwNjU3NjM0ZDNiMDk2
YmFjNTcwHhcNMjUwOTExMTMwNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk0N2Q5MGI3ODJkZTY0NGUwYjJiYTZjNWRjNzk1MTQwZTJlYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Ef80ERikyh0J9mGkfWqpMepFkP
WYfRJffDBUYO3A8br3y6KLUMYTPpHezLWwNeK88IKpguyQiY0oepLIwoIXLZ1vlD
uo4Aw6nAsLNMXKcFPbn6xjD9yoc0oQ1p0qE8C33dvlPnPijw9pON3iSetZ8l0x1o
t5nMGZgKa4/3OWvRphCYVOsRGLpNLOFoi1vAKsLc/+LOPHFBSaKFT+CQYOicz5aN
h3ubYZR2KExt+YHUOl3xzyeyaNPMcjfNM19En3nSrJ5d6pkZtysUjZTxFMK7Mwhl
wEFULuBSw/YnmlBGvSz3aEoMb3z65uLF9ZdCvvQLZ7sDzNqDA1V0drKCFQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPSUfZC3gt5kTgsrpsXceVFA4uoBMB8GA1UdIwQY
MBaAFLvKPyXVRiC1DvhSBldjTTsJa6xXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEt
NGRjMjBjNWI2MjY4LzEvOUpSOWtMZUMzbVJPQ3l1bXhkeDVVVURpNmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEtNGRjMjBjNWI2MjY4
LzEvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBoBAIAATBiAwQCAjuE
AwQCLZEoAwQCLZ3oAwQAPsCZAwQAXXtVAwQAXo/nAwQAaKcYAwQCsGCIAwQAuV4d
AwQAudtUAwQCuf5gAwQAwSniAwQAwSntMAwDBADBKgsDBADBKgwDBADCMNkwGwQC
AAIwFQMFAyoMSsADBQMqDRGAAwUDKg1ZQDANBgkqhkiG9w0BAQsFAAOCAQEAVdwV
nzLssHrQ9vLCHkwRGEgZfV57mwiAAG9bwUs/BOx3gUQitl8V6g5yOUKOWHQuZcmt
DqLPGb3e8hoqr3LkVWTPTK6lJZ6jqQOzNjwowmzvyypYZ2gp7DgPzogndy6mVd1a
Lh4WzDIcTGkm4eQ1V8BurWSfxauWrIFPSl6W9oqdrvqscVYIhsfJtPOagaDZnUso
NNl5ee/Rlgkh+//c5b6G9yWoQW0XMUMO8Yw+V0xVEs20RCVwFK+QtuNybCecEYIa
iM6uMYX7Xr5APIPdVqawjYURm6J9CLsVZPwh+/UEpD8CPZ8Sfs3xo/z1aJOO+uZ2
WU/t2JrOxoWb4KN0Mw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:22 2025 by rpki-client