Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/9L6AVjkValDZgShbyHFIglFK-vU.roa
File: 9L6AVjkValDZgShbyHFIglFK-vU.roa (raw, json)
Hash identifier: vufq8Mys/rVjB7A0Cd1ttX4gkVYJG8tMhOrBmJ6rqrA=
Subject key identifier: F4:BE:80:56:39:15:6A:50:D9:81:28:5B:C8:71:48:82:51:4A:FA:F5
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0198E526D619DD891615AD413BDBAF0C14CA
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/9L6AVjkValDZgShbyHFIglFK-vU.roa
Signing time: Tue 26 Aug 2025 06:53:04 +0000
ROA not before: Tue 26 Aug 2025 06:53:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.181.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
188.214.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e5:26:d6:19:dd:89:16:15:ad:41:3b:db:af:0c:14:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Aug 26 06:53:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4be805639156a50d981285bc8714882514afaf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:a7:3b:75:ae:ff:48:36:3c:ad:ad:8d:15:
07:6a:a4:28:46:ae:38:10:84:e7:3e:29:c6:3f:a7:
4f:73:26:a9:cb:9d:a0:59:e1:0a:1a:88:39:1a:08:
ce:b6:87:75:6d:bc:70:e9:19:f7:ed:f9:e1:fb:d8:
17:f2:2f:c6:c8:c9:50:8c:09:d7:f9:62:8f:53:bb:
83:d2:3a:70:2d:33:a1:ae:de:7b:76:00:f8:68:db:
8b:f2:80:54:75:c4:62:18:ca:4e:93:55:7a:fb:61:
0c:d6:78:94:75:d7:c8:44:a0:92:bb:96:d3:fa:15:
1e:e0:c1:6d:49:15:90:8a:72:89:2f:2f:a7:a9:97:
fd:4a:f4:5b:ad:26:f4:bf:af:55:1c:dd:16:20:95:
22:2f:31:2d:9a:04:6e:9d:f7:87:ff:10:2b:38:1c:
d4:aa:60:01:52:6c:99:58:f4:36:06:25:66:89:cd:
04:19:c7:9b:a4:3f:41:3b:8e:00:be:74:40:7c:8d:
12:8a:b0:fb:27:1b:ab:ae:4f:b4:d2:9d:98:a3:e4:
aa:34:27:d9:d3:ee:45:51:37:49:e6:31:68:1f:d0:
55:50:2b:9b:08:88:26:f7:58:17:5c:04:b2:03:bb:
e6:f3:7c:fa:05:db:11:7c:b5:1b:de:59:e7:38:76:
57:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BE:80:56:39:15:6A:50:D9:81:28:5B:C8:71:48:82:51:4A:FA:F5
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/9L6AVjkValDZgShbyHFIglFK-vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.39.97.0/24
93.113.70.0/24
93.119.144.0/24
93.119.201.0/24
93.119.232.0/24
188.208.124.0/24
188.214.136.0/22
Signature Algorithm: sha256WithRSAEncryption
49:c3:ac:de:6f:74:1d:b2:77:ed:75:ba:c8:50:bb:1a:e3:82:
67:79:73:2a:e0:6e:6d:eb:97:28:81:be:a8:f6:85:71:4b:d6:
8e:24:40:04:29:87:09:a8:8f:18:77:0a:29:8a:ad:28:13:ff:
12:02:07:46:0f:3f:f9:50:a0:1c:9e:8a:7b:ef:0b:31:b7:bb:
f4:0a:48:06:84:ee:23:8c:d1:50:01:32:82:50:84:36:56:75:
c8:f7:8f:3a:8a:bf:bb:e5:58:2f:5b:8f:91:46:e4:ac:a8:5a:
97:3f:10:f9:24:9b:d9:ae:03:3b:21:16:20:b5:f7:9f:35:64:
e8:03:03:21:2a:d4:4a:06:36:45:96:33:cd:be:f1:fe:28:4a:
19:f3:87:f6:ad:39:98:b9:fb:c3:e6:f5:8d:75:d0:be:ef:72:
35:70:12:12:80:0a:3e:c8:e5:78:3c:3d:00:08:1a:70:df:e7:
38:b7:67:7e:80:f3:5b:0a:20:a2:c1:7d:73:69:95:a0:0d:99:
5c:56:41:bd:ea:d6:63:c3:42:94:f9:94:85:d0:99:b8:a3:08:
61:8a:8b:67:19:1b:62:56:2c:dd:0c:55:63:ad:cc:b3:65:62:
75:6c:12:d6:04:2b:dc:53:8c:0a:df:30:ab:4e:58:d5:f0:27:
9b:ea:71:6e
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZjlJtYZ3YkWFa1BO9uvDBTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwODI2MDY1MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJlODA1NjM5MTU2YTUwZDk4MTI4NWJjODcxNDg4MjUxNGFmYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tSnO3Wu/0g2PK2tjRUHaqQoRq44
EITnPinGP6dPcyapy52gWeEKGog5GgjOtod1bbxw6Rn37fnh+9gX8i/GyMlQjAnX
+WKPU7uD0jpwLTOhrt57dgD4aNuL8oBUdcRiGMpOk1V6+2EM1niUddfIRKCSu5bT
+hUe4MFtSRWQinKJLy+nqZf9SvRbrSb0v69VHN0WIJUiLzEtmgRunfeH/xArOBzU
qmABUmyZWPQ2BiVmic0EGcebpD9BO44AvnRAfI0SirD7Jxurrk+00p2Yo+SqNCfZ
0+5FUTdJ5jFoH9BVUCubCIgm91gXXASyA7vm83z6BdsRfLUb3lnnOHZXMwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPS+gFY5FWpQ2YEoW8hxSIJRSvr1MB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvOUw2QVZqa1ZhbERaZ1NoYnlIRklnbEZLLXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVcy1AwQA
Vmk6AwQAVmnTAwQAVmukAwQAWSdhAwQAXXFGAwQAXXeQAwQAXXfJAwQAXXfoAwQA
vNB8AwQCvNaIMA0GCSqGSIb3DQEBCwUAA4IBAQBJw6zeb3QdsnftdbrIULsa44Jn
eXMq4G5t65cogb6o9oVxS9aOJEAEKYcJqI8Ydwopiq0oE/8SAgdGDz/5UKAcnop7
7wsxt7v0CkgGhO4jjNFQATKCUIQ2VnXI9486ir+75VgvW4+RRuSsqFqXPxD5JJvZ
rgM7IRYgtfefNWToAwMhKtRKBjZFljPNvvH+KEoZ84f2rTmYufvD5vWNddC+73I1
cBISgAo+yOV4PD0ACBpw3+c4t2d+gPNbCiCiwX1zaZWgDZlcVkG96tZjw0KU+ZSF
0Jm4owhhiotnGRtiVizdDFVjrcyzZWJ1bBLWBCvcU4wK3zCrTljV8Ceb6nFu
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:04 2025 by rpki-client