Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/qS9lbWxycbZu6RoyXldJwuJR6TM.roa
File: qS9lbWxycbZu6RoyXldJwuJR6TM.roa (raw, json)
Hash identifier: qx382/Be7wHuXq5Yjg5wuqIZocz2BMbKerwk1urC5hM=
Subject key identifier: A9:2F:65:6D:6C:72:71:B6:6E:E9:1A:32:5E:57:49:C2:E2:51:E9:33
Certificate issuer: /CN=6a6a0c9f2778a887868b743a2b5ffa8c627e55f3
Certificate serial: 01995BF4D2BC1A8DEE832E500F59884EF5EB
Authority key identifier: 6A:6A:0C:9F:27:78:A8:87:86:8B:74:3A:2B:5F:FA:8C:62:7E:55:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/qS9lbWxycbZu6RoyXldJwuJR6TM.roa
Signing time: Thu 18 Sep 2025 08:33:15 +0000
ROA not before: Thu 18 Sep 2025 08:33:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43293
IP address blocks: 77.93.64.0/20 maxlen: 20
2a01:350::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.mft
rsync://rpki.ripe.net/repository/DEFAULT/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:f4:d2:bc:1a:8d:ee:83:2e:50:0f:59:88:4e:f5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a6a0c9f2778a887868b743a2b5ffa8c627e55f3
Validity
Not Before: Sep 18 08:33:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a92f656d6c7271b66ee91a325e5749c2e251e933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e1:85:d3:d0:fc:e8:74:bc:bf:95:e7:4d:ce:
4b:ff:a0:4d:11:23:7e:02:eb:48:d5:ad:f9:24:21:
04:56:7b:a6:7e:66:e5:51:4e:5c:e6:54:a9:87:3f:
85:48:25:72:46:41:73:b6:df:6e:cd:20:23:4d:41:
00:27:8a:31:f9:8b:bc:dd:d1:26:38:e7:6f:a1:66:
17:10:f7:bb:8c:a1:1a:4a:db:f5:7e:63:7d:7d:fd:
6b:a8:dc:04:7a:c9:88:38:9d:71:c3:ca:4d:17:9b:
02:fc:b4:6f:bf:9c:ee:25:34:8a:24:96:13:95:f9:
89:24:73:41:b2:7e:ae:7f:fe:b8:37:00:95:66:22:
2d:04:a1:48:8e:e9:39:c6:9a:a0:a9:78:d4:60:fa:
1a:a5:16:bf:1b:8f:48:f5:9b:a3:58:56:df:87:3f:
6a:36:bd:82:e9:dc:ef:54:a6:e8:6c:63:41:b8:e0:
ab:53:6d:b0:69:44:70:22:60:87:26:22:47:f8:d8:
de:5f:e0:6a:67:c2:0f:62:70:71:d6:d9:9a:47:e4:
58:92:11:d3:9c:97:db:e8:af:9e:a3:db:6a:a9:66:
61:b4:eb:37:b5:ae:04:3e:8c:2d:ff:e1:75:dc:6d:
28:52:c4:9a:9f:56:52:53:f8:05:c3:53:dc:77:78:
aa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2F:65:6D:6C:72:71:B6:6E:E9:1A:32:5E:57:49:C2:E2:51:E9:33
X509v3 Authority Key Identifier:
keyid:6A:6A:0C:9F:27:78:A8:87:86:8B:74:3A:2B:5F:FA:8C:62:7E:55:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/qS9lbWxycbZu6RoyXldJwuJR6TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/980f77-7d75-4fc3-b45e-112a48570f40/1/amoMnyd4qIeGi3Q6K1_6jGJ-VfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.64.0/20
IPv6:
2a01:350::/32
Signature Algorithm: sha256WithRSAEncryption
36:8c:f9:bc:34:97:b4:24:11:f9:32:62:a7:6f:77:0d:71:de:
dd:3e:39:03:cf:62:c7:d0:26:24:08:72:79:20:cc:98:33:fa:
c2:dc:40:95:38:e0:fc:7c:0b:29:92:fb:92:cb:2c:31:0e:1c:
da:8e:24:fa:24:40:01:7f:17:02:2e:e5:56:e1:5c:b6:51:05:
d6:cf:41:e8:05:74:b6:60:01:08:bc:ec:f4:55:3a:91:60:f7:
f3:34:6d:3f:04:93:47:49:57:c6:71:e2:85:83:be:12:f5:12:
53:bf:98:8f:30:8b:58:78:b2:bf:78:02:95:b5:c7:f1:7d:42:
d6:f2:09:c0:01:cc:8a:06:0e:7f:fb:ad:ca:ee:7c:5f:28:5d:
12:74:8d:02:05:20:8f:59:6d:d8:40:d2:23:78:c0:63:9f:e6:
f3:88:a1:a3:bd:12:3f:47:23:4a:39:21:05:48:21:7d:d0:73:
e0:ff:d0:4b:10:35:21:74:fd:47:a6:b4:ac:54:0f:cf:fa:fb:
8e:75:09:fc:87:ab:f8:6b:9d:d2:5f:2f:48:b5:99:4b:d0:77:
3c:cc:a6:17:42:31:ee:56:43:76:4d:ff:72:26:12:d1:7a:d6:
e9:c0:67:9c:95:28:c9:a6:94:66:d2:c5:8e:d4:bf:9e:71:d7:
ff:e3:e3:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZlb9NK8Go3ugy5QD1mITvXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNmEwYzlmMjc3OGE4ODc4NjhiNzQzYTJiNWZmYThjNjI3
ZTU1ZjMwHhcNMjUwOTE4MDgzMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJmNjU2ZDZjNzI3MWI2NmVlOTFhMzI1ZTU3NDljMmUyNTFlOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeGF09D86HS8v5XnTc5L/6BNESN+
AutI1a35JCEEVnumfmblUU5c5lSphz+FSCVyRkFztt9uzSAjTUEAJ4ox+Yu83dEm
OOdvoWYXEPe7jKEaStv1fmN9ff1rqNwEesmIOJ1xw8pNF5sC/LRvv5zuJTSKJJYT
lfmJJHNBsn6uf/64NwCVZiItBKFIjuk5xpqgqXjUYPoapRa/G49I9ZujWFbfhz9q
Nr2C6dzvVKbobGNBuOCrU22waURwImCHJiJH+NjeX+BqZ8IPYnBx1tmaR+RYkhHT
nJfb6K+eo9tqqWZhtOs3ta4EPowt/+F13G0oUsSan1ZSU/gFw1Pcd3iqrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkvZW1scnG2bukaMl5XScLiUekzMB8GA1UdIwQY
MBaAFGpqDJ8neKiHhot0Oitf+oxiflXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW1vTW55ZDRxSWVHaTNRNksxXzZqR0otVmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85ODBmNzctN2Q3NS00ZmMzLWI0NWUt
MTEyYTQ4NTcwZjQwLzEvcVM5bGJXeHljYlp1NlJveVhsZEp3dUpSNlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85ODBmNzctN2Q3NS00ZmMzLWI0NWUtMTEyYTQ4NTcwZjQw
LzEvYW1vTW55ZDRxSWVHaTNRNksxXzZqR0otVmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQETV1AMA0E
AgACMAcDBQAqAQNQMA0GCSqGSIb3DQEBCwUAA4IBAQA2jPm8NJe0JBH5MmKnb3cN
cd7dPjkDz2LH0CYkCHJ5IMyYM/rC3ECVOOD8fAspkvuSyywxDhzajiT6JEABfxcC
LuVW4Vy2UQXWz0HoBXS2YAEIvOz0VTqRYPfzNG0/BJNHSVfGceKFg74S9RJTv5iP
MItYeLK/eAKVtcfxfULW8gnAAcyKBg5/+63K7nxfKF0SdI0CBSCPWW3YQNIjeMBj
n+bziKGjvRI/RyNKOSEFSCF90HPg/9BLEDUhdP1HprSsVA/P+vuOdQn8h6v4a53S
Xy9ItZlL0Hc8zKYXQjHuVkN2Tf9yJhLRetbpwGeclSjJppRm0sWO1L+ecdf/4+Mj
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:23:47 2025 by rpki-client