Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/bB5zzy4ThbFAnwijp00TGD9sM6I.roa
File: bB5zzy4ThbFAnwijp00TGD9sM6I.roa (raw, json)
Hash identifier: fhhS3buvhGDhkDN1E4pvdc0U7J2QTB49LgQ+tBpRCtY=
Subject key identifier: 6C:1E:73:CF:2E:13:85:B1:40:9F:08:A3:A7:4D:13:18:3F:6C:33:A2
Certificate issuer: /CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
Certificate serial: 0199B7BE85927FDC1B93413C0BC1D7A74C0C
Authority key identifier: 0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/bB5zzy4ThbFAnwijp00TGD9sM6I.roa
Signing time: Mon 06 Oct 2025 04:19:00 +0000
ROA not before: Mon 06 Oct 2025 04:19:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200590
IP address blocks: 89.20.48.0/24 maxlen: 24
193.162.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b7:be:85:92:7f:dc:1b:93:41:3c:0b:c1:d7:a7:4c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
Validity
Not Before: Oct 6 04:19:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c1e73cf2e1385b1409f08a3a74d13183f6c33a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:30:30:15:2b:10:1e:97:a6:8c:b1:83:b1:
e9:f1:c9:24:2d:65:6e:2b:f9:3e:22:aa:bc:6c:1a:
07:40:e6:40:56:88:72:c7:dc:13:7a:7a:74:81:c5:
ce:e6:a0:4e:8a:7d:93:1d:ab:fb:7f:f6:de:4f:09:
b7:9d:ed:45:86:96:c2:8e:5a:7a:ae:3e:15:62:b4:
52:cc:65:5e:2f:33:73:fb:83:e6:f5:83:8e:2e:6f:
8e:19:06:b5:2e:9e:f0:ac:6f:0e:59:5a:fa:24:f1:
3e:74:03:95:b7:5b:00:f2:cb:6a:89:56:a0:4b:2c:
90:f6:f4:07:60:73:7b:03:5e:6b:ef:65:7c:a1:dc:
30:1d:6c:2c:93:fb:d2:11:4d:ae:cc:bf:41:b2:f6:
92:33:60:ae:e7:a8:64:87:8f:f7:e3:4f:a0:a0:a2:
86:58:04:46:f9:56:05:7c:ae:53:83:81:57:ca:64:
e1:55:07:e2:84:11:1b:87:a9:57:55:e7:b4:7c:f3:
00:21:96:73:86:1b:26:ef:ad:12:12:17:c8:11:38:
17:10:4c:d1:84:42:3c:a6:81:d5:88:42:e3:ea:db:
c5:93:1f:6e:6a:01:79:4a:d8:1d:a4:4e:bf:cd:f6:
75:3b:4b:7e:5b:63:b7:2e:88:ea:21:99:0f:89:38:
08:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1E:73:CF:2E:13:85:B1:40:9F:08:A3:A7:4D:13:18:3F:6C:33:A2
X509v3 Authority Key Identifier:
keyid:0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/bB5zzy4ThbFAnwijp00TGD9sM6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.48.0/24
193.162.28.0/24
Signature Algorithm: sha256WithRSAEncryption
00:04:db:73:b9:f6:b6:ae:df:28:1b:ef:e2:41:9c:a2:63:02:
a6:8f:dd:90:7d:eb:87:15:25:e4:e7:74:4f:d7:ad:90:32:58:
01:a0:34:14:42:94:2a:22:ba:ba:d2:f3:76:2b:db:c3:19:ee:
22:0a:96:63:05:8c:8c:56:36:e1:00:2f:cf:6a:19:a8:c9:e3:
87:2c:e4:38:01:5f:b2:79:98:38:d9:17:0e:8b:c4:e5:f7:06:
4f:7e:05:e8:f3:03:31:62:6b:4d:33:c9:28:94:de:ac:23:e9:
32:6c:d0:83:c2:74:04:58:82:5b:da:23:68:d0:87:4e:b5:c9:
fd:5b:97:c4:84:79:3b:16:fa:29:e6:b4:27:11:d9:4d:bf:57:
aa:28:7b:bb:6c:eb:03:c8:30:ab:54:97:ed:ef:6f:29:11:80:
88:98:3c:de:74:3a:02:01:aa:23:34:3a:8e:7d:a7:0d:1d:02:
b6:98:87:49:12:f1:70:b5:2d:85:91:a4:a0:cd:e7:59:70:80:
b0:27:b5:2a:11:85:97:b7:a3:dd:71:29:6f:bc:8b:82:4f:99:
73:5c:2f:7b:2a:39:ad:fa:ed:40:15:42:38:f0:bb:3f:de:f6:
d6:ad:bf:0a:85:58:9a:6e:57:c1:a0:ae:b5:d7:32:1f:f8:7b:
dc:15:14:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm3voWSf9wbk0E8C8HXp0wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOWE1YzMyODNhNmExNmI0ZDIwNWE3YzU2NGEzODI2NDFj
ZDg2OTEwHhcNMjUxMDA2MDQxOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFlNzNjZjJlMTM4NWIxNDA5ZjA4YTNhNzRkMTMxODNmNmMzM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlcwMBUrEB6Xpoyxg7Hp8ckkLWVu
K/k+Iqq8bBoHQOZAVohyx9wTenp0gcXO5qBOin2THav7f/beTwm3ne1FhpbCjlp6
rj4VYrRSzGVeLzNz+4Pm9YOOLm+OGQa1Lp7wrG8OWVr6JPE+dAOVt1sA8stqiVag
SyyQ9vQHYHN7A15r72V8odwwHWwsk/vSEU2uzL9BsvaSM2Cu56hkh4/340+goKKG
WARG+VYFfK5Tg4FXymThVQfihBEbh6lXVee0fPMAIZZzhhsm760SEhfIETgXEEzR
hEI8poHViELj6tvFkx9uagF5StgdpE6/zfZ1O0t+W2O3LojqIZkPiTgIxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwec88uE4WxQJ8Io6dNExg/bDOiMB8GA1UdIwQY
MBaAFA6aXDKDpqFrTSBafFZKOCZBzYaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHBwY01vT21vV3ROSUZwOFZrbzRKa0hOaHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZjZmNWYtZTFlYy00MzQzLTlhMjEt
YTVjZWUxMWJiYWU4LzEvYkI1enp5NFRoYkZBbndpanAwMFRHRDlzTTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZjZmNWYtZTFlYy00MzQzLTlhMjEtYTVjZWUxMWJiYWU4
LzEvRHBwY01vT21vV3ROSUZwOFZrbzRKa0hOaHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRQwAwQA
waIcMA0GCSqGSIb3DQEBCwUAA4IBAQAABNtzufa2rt8oG+/iQZyiYwKmj92QfeuH
FSXk53RP162QMlgBoDQUQpQqIrq60vN2K9vDGe4iCpZjBYyMVjbhAC/PahmoyeOH
LOQ4AV+yeZg42RcOi8Tl9wZPfgXo8wMxYmtNM8kolN6sI+kybNCDwnQEWIJb2iNo
0IdOtcn9W5fEhHk7Fvop5rQnEdlNv1eqKHu7bOsDyDCrVJft728pEYCImDzedDoC
AaojNDqOfacNHQK2mIdJEvFwtS2FkaSgzedZcICwJ7UqEYWXt6PdcSlvvIuCT5lz
XC97Kjmt+u1AFUI48Ls/3vbWrb8KhViablfBoK611zIf+HvcFRSJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:29 2025 by rpki-client