
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OKnFbF9P91_ZXtKJ3LL2trYGZZA.roa
File: OKnFbF9P91_ZXtKJ3LL2trYGZZA.roa (raw, json)
Hash identifier: REsU/w11Yq/eW46cSLfnRZY+9FwY7bx6z/QbRrdcMvw=
Subject key identifier: 38:A9:C5:6C:5F:4F:F7:5F:D9:5E:D2:89:DC:B2:F6:B6:B6:06:65:90
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 019943C8C6986B0EABDDE8E926974D616204
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OKnFbF9P91_ZXtKJ3LL2trYGZZA.roa
Signing time: Sat 13 Sep 2025 15:54:15 +0000
ROA not before: Sat 13 Sep 2025 15:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 92.240.204.0/24 maxlen: 24
92.240.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:43:c8:c6:98:6b:0e:ab:dd:e8:e9:26:97:4d:61:62:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Sep 13 15:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38a9c56c5f4ff75fd95ed289dcb2f6b6b6066590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5f:cc:20:f9:91:e9:40:dd:2f:c9:00:f1:8c:
a5:98:fc:8d:71:1f:23:9d:29:aa:ec:c5:9e:4b:19:
dc:5f:ff:5e:d8:de:6b:57:ab:27:90:59:08:46:04:
72:2d:6d:60:42:33:1d:03:29:7b:9d:0f:8e:c9:ee:
01:44:5f:c2:ab:a4:94:f1:07:22:e0:4f:97:a8:f2:
63:7b:2a:6b:2b:a5:3e:c8:40:a4:bf:3b:84:cc:fe:
2e:eb:ab:3c:79:27:b4:fb:3e:34:cc:b9:ee:99:f0:
81:26:3f:3e:ca:90:3a:b8:19:ed:f9:a2:1f:8d:fa:
80:b9:80:47:4d:7d:81:08:02:9d:d1:1d:a6:88:68:
33:d5:a2:03:5e:28:79:d3:96:52:0f:6d:ae:9b:55:
1a:d0:52:22:e3:15:65:d2:f3:34:f8:ff:ae:31:1d:
90:82:fd:6d:26:5a:4c:14:8b:14:30:27:a7:bd:88:
af:39:b7:4d:2b:df:2c:6e:dc:cf:22:4e:5c:35:2b:
db:5f:cc:20:1d:af:e1:16:aa:cb:9d:9c:3f:89:c3:
24:f9:64:8e:ca:97:67:4b:62:8d:21:5b:e6:95:58:
fb:7d:c1:f5:57:8e:6e:dd:7a:a0:44:a3:c5:8b:0a:
3d:c6:1c:ce:58:32:c2:e0:69:e2:6d:61:3b:24:5e:
8e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A9:C5:6C:5F:4F:F7:5F:D9:5E:D2:89:DC:B2:F6:B6:B6:06:65:90
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/OKnFbF9P91_ZXtKJ3LL2trYGZZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.240.204.0/24
92.240.215.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:bd:b4:7f:21:1d:4c:90:56:d3:2d:1a:70:e8:f1:18:d7:64:
9a:b3:9a:51:5d:08:a6:d3:c3:22:15:52:83:ff:e2:fe:fa:dc:
1b:22:03:1b:ca:93:3b:4b:7b:55:96:59:2a:e3:4d:df:17:e0:
c2:cb:89:d0:35:69:55:be:95:55:21:d7:7d:26:10:88:47:7d:
93:95:bd:79:a4:fc:69:f3:91:18:da:08:76:98:f1:cc:1f:a5:
8a:45:80:fc:e7:63:d8:7e:a4:7d:c3:2c:93:62:8c:1b:e3:7a:
f6:3b:b1:97:54:97:88:83:76:f6:be:d9:c8:98:a2:f1:60:b8:
39:e5:88:ee:7f:db:a6:7f:7d:6c:74:71:b0:a5:53:4c:84:a1:
cf:04:4b:23:cd:1f:58:25:18:36:8d:5e:ce:5b:7d:9d:e1:2c:
af:f3:41:14:6b:85:85:b7:46:2f:29:e9:d4:a1:04:e8:71:0d:
81:47:07:a2:df:4c:8f:a5:7e:b3:a8:ef:6b:6e:a3:53:6a:f1:
bd:7b:8d:fe:11:d7:f2:dc:38:03:8c:5c:20:1c:7c:99:cd:93:
72:97:b8:44:58:5f:1d:fe:e9:2f:12:c9:cf:ad:dd:e9:58:ab:
c8:04:9f:53:37:0b:09:f4:00:38:0e:d3:75:40:3c:bd:cc:fb:
8a:5e:82:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlDyMaYaw6r3ejpJpdNYWIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwOTEzMTU1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE5YzU2YzVmNGZmNzVmZDk1ZWQyODlkY2IyZjZiNmI2MDY2NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V/MIPmR6UDdL8kA8YylmPyNcR8j
nSmq7MWeSxncX/9e2N5rV6snkFkIRgRyLW1gQjMdAyl7nQ+Oye4BRF/Cq6SU8Qci
4E+XqPJjeyprK6U+yECkvzuEzP4u66s8eSe0+z40zLnumfCBJj8+ypA6uBnt+aIf
jfqAuYBHTX2BCAKd0R2miGgz1aIDXih505ZSD22um1Ua0FIi4xVl0vM0+P+uMR2Q
gv1tJlpMFIsUMCenvYivObdNK98sbtzPIk5cNSvbX8wgHa/hFqrLnZw/icMk+WSO
ypdnS2KNIVvmlVj7fcH1V45u3XqgRKPFiwo9xhzOWDLC4GnibWE7JF6OzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDipxWxfT/df2V7Sidyy9ra2BmWQMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvT0tuRmJGOVA5MV9aWHRLSjNMTDJ0cllHWlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXPDMAwQA
XPDXMA0GCSqGSIb3DQEBCwUAA4IBAQCkvbR/IR1MkFbTLRpw6PEY12Sas5pRXQim
08MiFVKD/+L++twbIgMbypM7S3tVllkq403fF+DCy4nQNWlVvpVVIdd9JhCIR32T
lb15pPxp85EY2gh2mPHMH6WKRYD852PYfqR9wyyTYowb43r2O7GXVJeIg3b2vtnI
mKLxYLg55Yjuf9umf31sdHGwpVNMhKHPBEsjzR9YJRg2jV7OW32d4Syv80EUa4WF
t0YvKenUoQTocQ2BRwei30yPpX6zqO9rbqNTavG9e43+Edfy3DgDjFwgHHyZzZNy
l7hEWF8d/ukvEsnPrd3pWKvIBJ9TNwsJ9AA4DtN1QDy9zPuKXoIw
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:47 2025 by rpki-client