Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mS1s9j-JjgNm4d2VuT1lr5VcqMA.roa
File: mS1s9j-JjgNm4d2VuT1lr5VcqMA.roa (raw, json)
Hash identifier: xf8zpG47yBnOyy23/cPTCI/LJKLAzA3IN7xQkiepsjk=
Subject key identifier: 99:2D:6C:F6:3F:89:8E:03:66:E1:DD:95:B9:3D:65:AF:95:5C:A8:C0
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0198AC1E026703960A3E2351F9826C7DDED3
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mS1s9j-JjgNm4d2VuT1lr5VcqMA.roa
Signing time: Fri 15 Aug 2025 05:05:04 +0000
ROA not before: Fri 15 Aug 2025 05:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216138
IP address blocks: 192.200.192.0/19 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:1e:02:67:03:96:0a:3e:23:51:f9:82:6c:7d:de:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 15 05:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=992d6cf63f898e0366e1dd95b93d65af955ca8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f2:9c:e1:8a:3c:41:ca:8b:60:5d:93:96:71:
b3:a0:c0:7a:0a:7c:35:4e:b8:da:26:6c:61:e4:39:
75:de:23:52:bd:63:91:16:65:22:90:a1:d4:5b:d0:
78:f4:32:36:73:96:c3:f3:27:b7:d4:ff:b4:a9:00:
e6:48:3c:71:67:3f:c9:e1:85:d9:0a:bc:23:b3:ac:
f4:42:90:4c:45:43:8f:af:b3:11:7d:04:05:d7:0f:
c4:7c:7a:f9:42:b4:98:ad:8f:fe:fd:bf:94:80:e8:
c5:e2:9b:fd:41:b8:03:bc:ae:e9:da:61:79:6d:c2:
05:c7:5a:ee:aa:e2:c7:27:63:b9:cd:28:3e:28:8c:
7f:d2:49:ee:32:e7:45:e0:0a:15:84:dc:66:1e:da:
c4:a0:23:83:ae:a5:3b:26:69:1b:1c:4b:36:b3:78:
e4:72:e6:5f:c7:1c:6f:fa:f4:d5:1e:b4:89:e7:7f:
43:d4:21:7f:9f:63:9c:4c:b8:3a:50:ae:a6:24:8f:
bb:3e:f1:e5:e4:67:c8:07:fe:10:ff:b0:d1:40:1a:
5d:ea:1b:72:80:3a:8f:af:27:12:a5:f2:6c:7a:8e:
3b:14:87:42:8a:df:09:1f:23:33:87:87:dc:93:99:
89:7d:16:65:40:0f:5d:90:6b:17:64:48:aa:8a:f4:
62:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2D:6C:F6:3F:89:8E:03:66:E1:DD:95:B9:3D:65:AF:95:5C:A8:C0
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mS1s9j-JjgNm4d2VuT1lr5VcqMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.200.192.0/19
Signature Algorithm: sha256WithRSAEncryption
35:6f:8a:a2:81:e0:c5:4f:3b:32:81:89:5a:97:22:0f:fc:66:
b9:1c:19:e7:07:02:b0:cc:80:63:ac:88:d7:05:54:d9:36:43:
f5:4e:3c:37:2e:0d:3d:89:08:85:a0:28:dd:a2:17:a9:68:34:
e9:d4:50:7c:14:8f:e8:09:b7:e3:d2:0f:43:0f:6d:63:39:b2:
58:8d:3c:03:7a:e4:71:78:6a:9d:ae:8c:84:cb:c1:73:d3:09:
e4:b9:c7:5e:91:88:61:59:b1:b8:40:bd:ba:9a:1a:98:75:8f:
6c:54:e4:67:58:53:d0:1d:27:2b:36:64:2c:1c:01:10:ef:37:
55:83:2b:f0:b7:75:d7:aa:7e:55:4b:a1:d9:b1:74:75:37:43:
9a:84:66:aa:8f:04:14:d9:50:39:5c:1c:a7:eb:43:e1:74:64:
32:f4:13:c8:de:32:65:9d:89:03:42:b1:bb:ea:2d:ac:45:e1:
23:f4:d7:4d:5d:92:d8:b5:6b:50:b9:dc:8e:7c:e8:ef:c9:66:
34:1f:97:c1:ad:1c:3c:a1:04:90:71:d9:8a:87:1f:e6:5d:85:
db:71:8b:5d:db:92:bc:8d:e4:9c:1d:47:8e:41:54:8f:d4:c1:
7c:24:74:fe:37:4a:52:86:8c:95:ea:bd:86:e7:99:a6:0d:cf:
bb:0d:ce:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZisHgJnA5YKPiNR+YJsfd7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwODE1MDUwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJkNmNmNjNmODk4ZTAzNjZlMWRkOTViOTNkNjVhZjk1NWNhOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPKc4Yo8QcqLYF2TlnGzoMB6Cnw1
TrjaJmxh5Dl13iNSvWORFmUikKHUW9B49DI2c5bD8ye31P+0qQDmSDxxZz/J4YXZ
Crwjs6z0QpBMRUOPr7MRfQQF1w/EfHr5QrSYrY/+/b+UgOjF4pv9QbgDvK7p2mF5
bcIFx1ruquLHJ2O5zSg+KIx/0knuMudF4AoVhNxmHtrEoCODrqU7JmkbHEs2s3jk
cuZfxxxv+vTVHrSJ539D1CF/n2OcTLg6UK6mJI+7PvHl5GfIB/4Q/7DRQBpd6hty
gDqPrycSpfJseo47FIdCit8JHyMzh4fck5mJfRZlQA9dkGsXZEiqivRiWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJktbPY/iY4DZuHdlbk9Za+VXKjAMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvbVMxczlqLUpqZ05tNGQyVnVUMWxyNVZjcU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwMjAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1b4qigeDFTzsygYlalyIP/Ga5HBnnBwKwzIBjrIjX
BVTZNkP1Tjw3Lg09iQiFoCjdohepaDTp1FB8FI/oCbfj0g9DD21jObJYjTwDeuRx
eGqdroyEy8Fz0wnkucdekYhhWbG4QL26mhqYdY9sVORnWFPQHScrNmQsHAEQ7zdV
gyvwt3XXqn5VS6HZsXR1N0OahGaqjwQU2VA5XByn60PhdGQy9BPI3jJlnYkDQrG7
6i2sReEj9NdNXZLYtWtQudyOfOjvyWY0H5fBrRw8oQSQcdmKhx/mXYXbcYtd25K8
jeScHUeOQVSP1MF8JHT+N0pShoyV6r2G55mmDc+7Dc6y
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:59:40 2025 by rpki-client