Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/sdiNlumQHk___AUE4LP5XJrnhvw.roa
File: sdiNlumQHk___AUE4LP5XJrnhvw.roa (raw, json)
Hash identifier: DMvJRwVnEi6Zfvc9NBYyxmS9pxF+tbXKQJ7+eqPkw/o=
Subject key identifier: B1:D8:8D:96:E9:90:1E:4F:FF:FC:05:04:E0:B3:F9:5C:9A:E7:86:FC
Certificate issuer: /CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Certificate serial: 0199DF725D323897D669010F1201A140814A
Authority key identifier: 42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/sdiNlumQHk___AUE4LP5XJrnhvw.roa
Signing time: Mon 13 Oct 2025 21:20:38 +0000
ROA not before: Mon 13 Oct 2025 21:20:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206260
IP address blocks: 83.223.208.0/20 maxlen: 24
83.223.216.0/22 maxlen: 24
141.0.128.0/20 maxlen: 24
143.110.96.0/19 maxlen: 24
185.13.124.0/22 maxlen: 24
2a02:f300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:72:5d:32:38:97:d6:69:01:0f:12:01:a1:40:81:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Validity
Not Before: Oct 13 21:20:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1d88d96e9901e4ffffc0504e0b3f95c9ae786fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:42:4b:71:db:6c:b2:cc:23:8e:74:14:1d:
c0:62:eb:c1:91:85:68:ac:31:d4:b1:4b:6f:d7:1d:
33:4a:6e:8b:20:37:8b:31:de:99:fb:e3:cc:cb:d2:
d9:64:30:a9:63:54:81:96:13:8d:a8:7b:f3:07:95:
55:cf:b8:e3:fc:a5:e9:00:4d:21:d4:28:6a:04:ad:
10:22:a0:21:5c:72:e5:d2:19:c6:f6:74:30:f7:4f:
2b:8f:a4:9d:c6:4d:e6:86:47:5c:68:a9:5d:24:6d:
54:3b:39:7f:0a:52:c8:67:1c:25:56:74:2d:01:9b:
f8:7f:41:c0:28:d9:be:15:38:00:44:6f:ee:ae:31:
97:4c:78:2e:d2:db:e2:b7:dc:83:16:e0:5f:21:99:
86:57:c0:01:79:ab:6c:dd:08:59:85:8b:e7:e4:aa:
e5:3c:8c:f3:05:02:73:1d:9b:bb:79:b2:ef:d4:69:
c9:1d:5f:4b:fa:75:de:29:24:c9:15:08:8c:92:f9:
b1:cb:79:45:e2:6f:14:49:41:26:6a:2a:e6:5e:8a:
0c:ca:c2:d9:c8:3e:08:23:fc:d7:c2:c4:4a:88:a3:
3d:e4:87:ff:42:bd:49:7e:d0:e1:5a:37:25:64:56:
d2:42:22:11:c4:85:db:c7:67:0e:e0:9f:1f:8a:7a:
29:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D8:8D:96:E9:90:1E:4F:FF:FC:05:04:E0:B3:F9:5C:9A:E7:86:FC
X509v3 Authority Key Identifier:
keyid:42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/sdiNlumQHk___AUE4LP5XJrnhvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.208.0/20
141.0.128.0/20
143.110.96.0/19
185.13.124.0/22
IPv6:
2a02:f300::/29
Signature Algorithm: sha256WithRSAEncryption
07:6a:c0:88:d8:b6:a2:f4:33:74:c0:90:f1:59:fd:0f:0f:16:
f5:44:f7:09:6f:1d:30:17:c9:32:1f:c4:2d:31:6f:e5:b7:e2:
71:cb:d0:e2:0c:02:30:21:4b:41:58:c0:c9:4d:9e:ea:c5:01:
91:e7:27:e1:03:e4:ef:19:73:8f:14:d2:5d:b1:70:7f:4e:50:
8e:31:7a:5f:2d:7a:47:1c:82:cf:e9:6a:f9:e3:97:fd:74:07:
4e:8f:41:dc:5f:70:9f:54:a3:99:ba:bf:a4:e9:92:2b:41:a9:
d3:fa:b7:54:04:46:d5:18:ef:97:13:df:9f:aa:bc:e1:a8:d3:
6f:1f:0d:84:9b:69:90:61:b9:4b:e0:90:3f:9e:d2:4d:2d:75:
81:52:c3:bf:cc:1b:18:7c:e7:a7:7d:6a:c9:74:ec:b6:d5:7c:
0e:37:35:39:c6:98:e1:4c:b5:d9:e9:a7:3d:21:37:ca:45:bb:
9c:c5:6d:4d:18:0f:bc:ee:9f:7b:44:72:2a:5d:74:9e:e4:ab:
6d:1f:ff:92:72:1e:7e:a6:f3:b5:58:95:80:24:c9:ac:67:1a:
c7:e4:46:f2:ba:9f:a3:d3:30:fd:03:dd:5d:ce:80:24:e4:81:
07:25:b5:5d:d0:07:58:d6:76:ba:14:eb:18:00:c0:4b:5d:b9:
90:05:ea:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZnfcl0yOJfWaQEPEgGhQIFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjlhOTY5NTI3NzdmMTA3NDMzODMwM2VjYjY1MDI1YzRl
MmI4YjUwHhcNMjUxMDEzMjEyMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ4OGQ5NmU5OTAxZTRmZmZmYzA1MDRlMGIzZjk1YzlhZTc4NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonhCS3HbbLLMI450FB3AYuvBkYVo
rDHUsUtv1x0zSm6LIDeLMd6Z++PMy9LZZDCpY1SBlhONqHvzB5VVz7jj/KXpAE0h
1ChqBK0QIqAhXHLl0hnG9nQw908rj6Sdxk3mhkdcaKldJG1UOzl/ClLIZxwlVnQt
AZv4f0HAKNm+FTgARG/urjGXTHgu0tvit9yDFuBfIZmGV8ABeats3QhZhYvn5Krl
PIzzBQJzHZu7ebLv1GnJHV9L+nXeKSTJFQiMkvmxy3lF4m8USUEmairmXooMysLZ
yD4II/zXwsRKiKM95If/Qr1JftDhWjclZFbSQiIRxIXbx2cO4J8finopiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLHYjZbpkB5P//wFBOCz+Vya54b8MB8GA1UdIwQY
MBaAFEL5qWlSd38QdDODA+y2UCXE4ri1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUt
NzdmYTI5MTI5OTRkLzEvc2RpTmx1bVFIa19fX0FVRTRMUDVYSnJuaHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUtNzdmYTI5MTI5OTRk
LzEvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEU9/QAwQE
jQCAAwQFj25gAwQCuQ18MA0EAgACMAcDBQMqAvMAMA0GCSqGSIb3DQEBCwUAA4IB
AQAHasCI2Lai9DN0wJDxWf0PDxb1RPcJbx0wF8kyH8QtMW/lt+Jxy9DiDAIwIUtB
WMDJTZ7qxQGR5yfhA+TvGXOPFNJdsXB/TlCOMXpfLXpHHILP6Wr545f9dAdOj0Hc
X3CfVKOZur+k6ZIrQanT+rdUBEbVGO+XE9+fqrzhqNNvHw2Em2mQYblL4JA/ntJN
LXWBUsO/zBsYfOenfWrJdOy21XwONzU5xpjhTLXZ6ac9ITfKRbucxW1NGA+87p97
RHIqXXSe5KttH/+Sch5+pvO1WJWAJMmsZxrH5Ebyup+j0zD9A91dzoAk5IEHJbVd
0AdY1na6FOsYAMBLXbmQBerB
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:52 2025 by rpki-client