Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9-BujRyAiG67GPBXPyZf0-ILLF4.roa
File: 9-BujRyAiG67GPBXPyZf0-ILLF4.roa (raw, json)
Hash identifier: KkFtXt5WRV9VBYy3IBvnda5CkZe910L5RSJzKX/5FFY=
Subject key identifier: F7:E0:6E:8D:1C:80:88:6E:BB:18:F0:57:3F:26:5F:D3:E2:0B:2C:5E
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 0199ECF58B964FB3B2D69DE00FCD90641EFB
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9-BujRyAiG67GPBXPyZf0-ILLF4.roa
Signing time: Thu 16 Oct 2025 12:18:58 +0000
ROA not before: Thu 16 Oct 2025 12:18:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13237
IP address blocks: 62.4.64.0/19 maxlen: 24
62.4.64.0/22 maxlen: 24
62.80.96.0/19 maxlen: 24
62.93.192.0/18 maxlen: 24
80.86.160.0/19 maxlen: 24
80.252.32.0/20 maxlen: 20
81.209.128.0/17 maxlen: 24
82.98.200.0/21 maxlen: 24
82.98.208.0/20 maxlen: 24
82.98.224.0/21 maxlen: 24
82.197.128.0/19 maxlen: 24
83.124.0.0/14 maxlen: 24
83.125.45.0/24 maxlen: 24
83.125.71.0/24 maxlen: 24
83.133.0.0/16 maxlen: 24
83.137.80.0/21 maxlen: 21
84.207.0.0/16 maxlen: 24
84.207.205.0/24 maxlen: 24
84.207.210.0/24 maxlen: 24
84.207.225.0/24 maxlen: 24
84.207.226.0/24 maxlen: 24
84.207.228.0/24 maxlen: 24
84.207.229.0/24 maxlen: 24
84.207.231.0/24 maxlen: 24
84.207.240.0/24 maxlen: 24
185.99.80.0/22 maxlen: 22
185.250.87.0/24 maxlen: 24
217.19.32.0/20 maxlen: 20
217.71.96.0/20 maxlen: 24
217.112.144.0/20 maxlen: 24
217.112.144.0/21 maxlen: 24
2001:7f0::/29 maxlen: 48
2001:7f0::/32 maxlen: 48
2001:7f0:4020::/48 maxlen: 48
2001:1618::/29 maxlen: 48
2001:4d40::/29 maxlen: 48
2001:4d40::/32 maxlen: 48
2a00:cc0::/29 maxlen: 48
2a00:cc0::/32 maxlen: 48
2a00:cc0:4:1::/64 maxlen: 64
2a00:fa0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:f5:8b:96:4f:b3:b2:d6:9d:e0:0f:cd:90:64:1e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Oct 16 12:18:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7e06e8d1c80886ebb18f0573f265fd3e20b2c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:69:92:ac:57:68:26:fc:5c:96:fa:eb:b2:
77:fd:dc:f7:50:c9:48:a9:8d:44:1d:b1:92:45:ec:
17:67:c6:c6:15:15:aa:04:97:51:24:12:90:67:49:
b8:ea:a5:07:3b:d4:0d:d1:48:43:53:04:f9:1a:ff:
47:f1:f5:96:0a:a8:db:53:ea:23:77:49:b0:df:67:
ca:5d:d2:e5:1d:f6:8e:9c:78:5a:d5:f8:49:cf:d2:
6e:b5:46:b0:59:74:76:2e:e5:c8:21:bc:df:8a:84:
8e:76:93:d0:8d:33:91:72:dc:9c:0a:58:13:2c:81:
6d:61:87:4c:3f:b1:60:16:42:b7:24:28:d3:5f:fb:
fb:7b:7d:30:e7:91:57:b4:47:c5:17:22:18:ab:1b:
ce:69:cc:db:13:25:16:51:84:84:be:0f:80:65:a1:
de:de:9d:ce:29:27:4f:3c:d4:db:d8:da:3d:40:6e:
ec:ad:39:23:c7:56:a2:3e:9d:57:87:db:03:7c:6d:
71:18:48:1e:46:53:e3:0e:2a:cc:4f:0d:2e:5a:e4:
19:89:9a:f8:7f:ba:e5:9b:21:dd:f1:54:ba:68:27:
b9:6f:99:13:16:b0:57:e1:5b:7f:dc:0a:de:cc:89:
1c:5c:92:ab:81:ba:3d:a5:87:e1:13:32:53:33:c9:
3c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E0:6E:8D:1C:80:88:6E:BB:18:F0:57:3F:26:5F:D3:E2:0B:2C:5E
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/9-BujRyAiG67GPBXPyZf0-ILLF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.64.0/19
62.80.96.0/19
62.93.192.0/18
80.86.160.0/19
80.252.32.0/20
81.209.128.0/17
82.98.200.0-82.98.231.255
82.197.128.0/19
83.124.0.0/14
83.133.0.0/16
83.137.80.0/21
84.207.0.0/16
185.99.80.0/22
185.250.87.0/24
217.19.32.0/20
217.71.96.0/20
217.112.144.0/20
IPv6:
2001:7f0::/29
2001:1618::/29
2001:4d40::/29
2a00:cc0::/29
2a00:fa0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:9a:97:36:71:ee:46:d7:9e:51:75:f6:65:6a:c7:41:06:59:
5a:f6:b2:8e:22:e4:d9:c3:ac:70:c8:f4:4c:b2:7e:94:73:57:
05:0d:c0:47:ea:55:ab:3e:94:94:df:a8:f9:42:14:9b:54:eb:
01:59:e9:02:31:b4:c7:0b:59:8f:37:a6:bf:a7:10:b2:27:99:
4e:d2:d5:c1:3e:0e:60:39:b1:e8:fd:0a:d7:4d:d1:c0:c2:50:
f9:c1:e0:60:59:36:71:43:63:6d:d0:44:e4:33:3d:f0:3f:60:
25:49:fd:56:1e:e0:23:97:e0:16:c4:b4:0e:88:a3:ee:fd:74:
09:76:0d:4c:7f:df:b5:0f:bb:f4:ea:ef:3f:68:63:75:7b:df:
ea:b3:bd:15:eb:33:41:66:56:a6:61:9a:ab:93:fa:4b:f8:6c:
60:bf:b1:84:26:ab:60:48:a2:96:5f:16:7a:5b:99:5e:86:ae:
06:da:b4:e0:f1:ff:5c:6c:bc:fe:26:5a:d9:ae:cb:44:a2:47:
a8:ea:59:e4:37:73:1b:ba:6e:32:50:30:70:26:65:9f:2b:ec:
b3:cf:c5:20:8a:29:6d:31:fe:de:73:2b:03:37:41:76:85:16:
ba:f5:3f:e4:fd:be:75:38:15:19:c4:c7:6d:81:60:3d:8b:35:
40:3a:64:15
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZns9YuWT7Oy1p3gD82QZB77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUxMDE2MTIxODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2UwNmU4ZDFjODA4ODZlYmIxOGYwNTczZjI2NWZkM2UyMGIyYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHVpkqxXaCb8XJb667J3/dz3UMlI
qY1EHbGSRewXZ8bGFRWqBJdRJBKQZ0m46qUHO9QN0UhDUwT5Gv9H8fWWCqjbU+oj
d0mw32fKXdLlHfaOnHha1fhJz9JutUawWXR2LuXIIbzfioSOdpPQjTORctycClgT
LIFtYYdMP7FgFkK3JCjTX/v7e30w55FXtEfFFyIYqxvOaczbEyUWUYSEvg+AZaHe
3p3OKSdPPNTb2No9QG7srTkjx1aiPp1Xh9sDfG1xGEgeRlPjDirMTw0uWuQZiZr4
f7rlmyHd8VS6aCe5b5kTFrBX4Vt/3ArezIkcXJKrgbo9pYfhEzJTM8k8IQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFPfgbo0cgIhuuxjwVz8mX9PiCyxeMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvOS1CdWpSeUFpRzY3R1BCWFB5WmYwLUlMTEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBxBAIAATBrAwQFPgRA
AwQFPlBgAwQGPl3AAwQFUFagAwQEUPwgAwQHUdGAMAwDBANSYsgDBANSYuADBAVS
xYADAwJTfAMDAFOFAwQDU4lQAwMAVM8DBAK5Y1ADBAC5+lcDBATZEyADBATZR2AD
BATZcJAwKQQCAAIwIwMFAyABB/ADBQMgARYYAwUDIAFNQAMFAyoADMADBQAqAA+g
MA0GCSqGSIb3DQEBCwUAA4IBAQBsmpc2ce5G155RdfZlasdBBlla9rKOIuTZw6xw
yPRMsn6Uc1cFDcBH6lWrPpSU36j5QhSbVOsBWekCMbTHC1mPN6a/pxCyJ5lO0tXB
Pg5gObHo/QrXTdHAwlD5weBgWTZxQ2Nt0ETkMz3wP2AlSf1WHuAjl+AWxLQOiKPu
/XQJdg1Mf9+1D7v06u8/aGN1e9/qs70V6zNBZlamYZqrk/pL+Gxgv7GEJqtgSKKW
XxZ6W5lehq4G2rTg8f9cbLz+JlrZrstEokeo6lnkN3Mbum4yUDBwJmWfK+yzz8Ug
iiltMf7ecysDN0F2hRa69T/k/b51OBUZxMdtgWA9izVAOmQV
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:17 2025 by rpki-client