Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/iRG9ucM5Y1__Y1j40udIIAjWRo4.roa
File: iRG9ucM5Y1__Y1j40udIIAjWRo4.roa (raw, json)
Hash identifier: IhQn4ZuEkIr4xebbPWQUjrsTXErn0Gt0OnIFGQHg8dQ=
Subject key identifier: 89:11:BD:B9:C3:39:63:5F:FF:63:58:F8:D2:E7:48:20:08:D6:46:8E
Certificate issuer: /CN=9367965e2834f1893cfa8631a484071e6a2d45b7
Certificate serial: 0198853BC94A66F44EF184F86700AA08683A
Authority key identifier: 93:67:96:5E:28:34:F1:89:3C:FA:86:31:A4:84:07:1E:6A:2D:45:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/iRG9ucM5Y1__Y1j40udIIAjWRo4.roa
Signing time: Thu 07 Aug 2025 15:52:24 +0000
ROA not before: Thu 07 Aug 2025 15:52:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47541
IP address blocks: 79.137.164.0/24 maxlen: 24
79.137.180.0/24 maxlen: 24
93.186.224.0/21 maxlen: 21
93.186.232.0/21 maxlen: 21
95.142.192.0/20 maxlen: 20
95.142.192.0/21 maxlen: 21
185.32.248.0/22 maxlen: 22
2a00:bdc0::/33 maxlen: 33
2a00:bdc0:8000::/34 maxlen: 34
2a00:bdc0:c000::/35 maxlen: 35
2a00:bdc2::/31 maxlen: 31
2a00:bdc4::/30 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:3b:c9:4a:66:f4:4e:f1:84:f8:67:00:aa:08:68:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9367965e2834f1893cfa8631a484071e6a2d45b7
Validity
Not Before: Aug 7 15:52:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8911bdb9c339635fff6358f8d2e7482008d6468e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:bf:73:d0:6c:b9:df:a7:a2:ca:50:43:f9:
cf:79:f1:f5:62:be:19:97:a0:e8:72:84:0c:c6:24:
f3:c1:d4:89:d3:79:14:76:56:88:7c:c8:15:82:d5:
44:63:c1:4e:33:d2:f0:c2:b0:3d:da:e5:88:72:8f:
8c:bb:ee:fe:38:0d:9d:8a:2a:ba:0d:1e:3a:2c:77:
52:41:7f:72:b7:15:3a:09:32:7b:ba:4e:53:90:05:
7f:24:4a:c3:aa:fa:bb:8d:90:0b:e0:54:3c:f3:e5:
fe:7a:f0:ba:d4:af:91:55:b8:aa:b8:17:38:2a:de:
63:22:f7:d4:79:b6:19:91:3b:68:bd:5a:db:ef:9d:
6b:bc:fe:bb:9a:a0:f3:42:74:da:7d:e1:1d:57:ca:
f8:89:c2:01:d6:9b:1c:98:3a:60:9e:96:c7:58:4a:
bb:44:01:06:39:68:86:78:8d:96:ca:cc:4c:4c:17:
d4:85:b2:35:28:52:5d:74:10:82:24:b4:51:f4:0e:
4e:20:69:b7:72:00:c7:3f:4f:99:52:7e:b5:19:62:
45:37:aa:56:da:01:8b:e8:cf:9d:0d:ae:d9:39:68:
23:fc:e6:37:9b:09:ac:0b:1e:4f:d2:4d:75:2b:17:
d1:3d:5b:cc:06:e0:2e:0e:0a:d8:ad:98:fc:e1:de:
46:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:11:BD:B9:C3:39:63:5F:FF:63:58:F8:D2:E7:48:20:08:D6:46:8E
X509v3 Authority Key Identifier:
keyid:93:67:96:5E:28:34:F1:89:3C:FA:86:31:A4:84:07:1E:6A:2D:45:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/iRG9ucM5Y1__Y1j40udIIAjWRo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.164.0/24
79.137.180.0/24
93.186.224.0/20
95.142.192.0/20
185.32.248.0/22
IPv6:
2a00:bdc0::-2a00:bdc0:dfff:ffff:ffff:ffff:ffff:ffff
2a00:bdc2::-2a00:bdc7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0d:62:82:7a:26:f7:05:54:d3:b2:03:54:8b:f1:8e:d7:d9:b6:
85:a6:25:76:b1:ae:bb:cc:04:21:18:f8:77:05:66:00:25:a8:
34:d8:f1:91:64:01:80:64:9f:6e:0f:57:10:24:7b:b4:e0:bb:
3b:51:96:79:08:00:48:a2:37:a4:26:b6:b7:6f:05:87:02:8b:
36:b0:0c:9c:c4:f1:4f:a4:fa:3d:86:e6:25:18:02:da:d1:da:
c5:f8:68:b7:33:be:21:33:58:aa:27:2c:d3:64:69:a7:fd:b2:
dd:15:4f:8f:c1:91:e5:5e:35:99:58:2c:b1:87:2a:db:b6:01:
64:4b:b9:19:af:35:e0:9c:63:41:94:c1:98:33:5e:72:af:7c:
a6:5d:c9:43:48:99:d3:6c:6b:64:dc:68:e1:66:3d:78:23:ab:
97:57:79:de:9b:30:ba:58:97:80:40:b0:51:17:a1:4a:e1:66:
c7:ee:5d:f3:0f:45:b4:61:a9:03:81:e9:59:45:e9:cc:8a:95:
0e:f8:8c:56:92:73:e3:1e:f9:44:e9:31:09:94:13:9d:10:a7:
e4:fd:e0:2d:9f:bf:c0:08:bb:b0:a7:1e:fa:c7:61:6f:13:d9:
fe:ab:fc:6b:0d:b5:c6:20:58:2c:8e:d8:96:6e:7c:62:16:09:
41:51:45:e0
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZiFO8lKZvRO8YT4ZwCqCGg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc5NjVlMjgzNGYxODkzY2ZhODYzMWE0ODQwNzFlNmEy
ZDQ1YjcwHhcNMjUwODA3MTU1MjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTExYmRiOWMzMzk2MzVmZmY2MzU4ZjhkMmU3NDgyMDA4ZDY0NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt32/c9Bsud+nospQQ/nPefH1Yr4Z
l6DocoQMxiTzwdSJ03kUdlaIfMgVgtVEY8FOM9LwwrA92uWIco+Mu+7+OA2diiq6
DR46LHdSQX9ytxU6CTJ7uk5TkAV/JErDqvq7jZAL4FQ88+X+evC61K+RVbiquBc4
Kt5jIvfUebYZkTtovVrb751rvP67mqDzQnTafeEdV8r4icIB1pscmDpgnpbHWEq7
RAEGOWiGeI2WysxMTBfUhbI1KFJddBCCJLRR9A5OIGm3cgDHP0+ZUn61GWJFN6pW
2gGL6M+dDa7ZOWgj/OY3mwmsCx5P0k11KxfRPVvMBuAuDgrYrZj84d5GFQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIkRvbnDOWNf/2NY+NLnSCAI1kaOMB8GA1UdIwQY
MBaAFJNnll4oNPGJPPqGMaSEBx5qLUW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJlV1hpZzA4WWs4LW9ZeHBJUUhIbW90UmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xODEzYmEtNTA2ZS00NDRlLTljYTQt
ZjA5M2UxN2IyN2VmLzEvaVJHOXVjTTVZMV9fWTFqNDB1ZElJQWpXUm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xODEzYmEtNTA2ZS00NDRlLTljYTQtZjA5M2UxN2IyN2Vm
LzEvazJlV1hpZzA4WWs4LW9ZeHBJUUhIbW90UmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAkBAIAATAeAwQAT4mkAwQA
T4m0AwQEXbrgAwQEX47AAwQCuSD4MCcEAgACMCEwDwMFBioAvcADBgUqAL3AwDAO
AwUBKgC9wgMFAyoAvcAwDQYJKoZIhvcNAQELBQADggEBAA1ignom9wVU07IDVIvx
jtfZtoWmJXaxrrvMBCEY+HcFZgAlqDTY8ZFkAYBkn24PVxAke7TguztRlnkIAEii
N6QmtrdvBYcCizawDJzE8U+k+j2G5iUYAtrR2sX4aLczviEzWKonLNNkaaf9st0V
T4/BkeVeNZlYLLGHKtu2AWRLuRmvNeCcY0GUwZgzXnKvfKZdyUNImdNsa2TcaOFm
PXgjq5dXed6bMLpYl4BAsFEXoUrhZsfuXfMPRbRhqQOB6VlF6cyKlQ74jFaSc+Me
+UTpMQmUE50Qp+T94C2fv8AIu7CnHvrHYW8T2f6r/GsNtcYgWCyO2JZufGIWCUFR
ReA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:51:18 2025 by rpki-client