Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/9h0IDYCPr58Ccxg81AcMZ_13oWo.roa
File: 9h0IDYCPr58Ccxg81AcMZ_13oWo.roa (raw, json)
Hash identifier: l+FTuWjUD+EZ0mXchVkunlX52jPEdy8UaVQG+ZcxDvM=
Subject key identifier: F6:1D:08:0D:80:8F:AF:9F:02:73:18:3C:D4:07:0C:67:FD:77:A1:6A
Certificate issuer: /CN=0b453b410d3586a6237a951eef3b03f4c44118f0
Certificate serial: 0199DF1410C02BD0AD60D9F2FDD8313D0DEF
Authority key identifier: 0B:45:3B:41:0D:35:86:A6:23:7A:95:1E:EF:3B:03:F4:C4:41:18:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0U7QQ01hqYjepUe7zsD9MRBGPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/9h0IDYCPr58Ccxg81AcMZ_13oWo.roa
Signing time: Mon 13 Oct 2025 19:37:38 +0000
ROA not before: Mon 13 Oct 2025 19:37:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 91.228.10.0/24 maxlen: 24
146.19.80.0/24 maxlen: 24
185.65.105.0/24 maxlen: 24
185.248.144.0/24 maxlen: 24
2a12:6500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/C0U7QQ01hqYjepUe7zsD9MRBGPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/C0U7QQ01hqYjepUe7zsD9MRBGPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/C0U7QQ01hqYjepUe7zsD9MRBGPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:14:10:c0:2b:d0:ad:60:d9:f2:fd:d8:31:3d:0d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b453b410d3586a6237a951eef3b03f4c44118f0
Validity
Not Before: Oct 13 19:37:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f61d080d808faf9f0273183cd4070c67fd77a16a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:ce:a3:47:ab:e2:e0:f8:8d:f4:58:58:b7:
2e:79:a4:c1:29:e3:63:c4:39:5c:b2:94:68:b4:5f:
46:b8:00:1c:04:df:c0:66:db:83:a0:75:65:b1:33:
30:ee:a8:7f:33:ef:d6:53:88:c8:1e:d6:27:23:88:
42:7a:12:8b:47:b4:9d:94:82:55:8e:fc:8e:91:bb:
7f:ca:bf:2a:b9:9d:29:90:77:41:7c:1e:15:dd:80:
48:9f:85:0c:7c:53:e9:5f:8c:02:67:46:65:21:ad:
69:64:7b:d5:23:82:6d:06:ad:b8:09:ca:c8:be:15:
32:77:77:59:c4:3c:81:29:f0:42:7f:27:84:a0:f5:
ca:1a:a1:73:31:ec:fe:cc:bd:3a:50:3a:1d:81:ab:
c4:e3:09:dc:dc:33:8f:70:90:b3:99:4f:d0:e5:ff:
a7:d5:59:1a:06:00:75:f9:74:13:3a:d8:cf:3b:19:
5c:62:61:0e:a9:32:da:d8:59:d9:ed:20:9e:99:32:
f7:02:43:dd:e8:d1:b6:3f:d5:35:21:fb:08:49:9d:
3d:56:d5:83:a3:12:72:82:9e:d0:da:d2:8b:6c:25:
cb:03:10:f5:0c:f6:97:87:78:95:cb:03:94:8d:fb:
16:c9:a8:42:b7:3a:d2:ed:b6:b8:ed:00:1b:a1:1a:
24:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1D:08:0D:80:8F:AF:9F:02:73:18:3C:D4:07:0C:67:FD:77:A1:6A
X509v3 Authority Key Identifier:
keyid:0B:45:3B:41:0D:35:86:A6:23:7A:95:1E:EF:3B:03:F4:C4:41:18:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0U7QQ01hqYjepUe7zsD9MRBGPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/9h0IDYCPr58Ccxg81AcMZ_13oWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/d63f8e-4b1a-48bf-87eb-29fa47b68093/1/C0U7QQ01hqYjepUe7zsD9MRBGPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.10.0/24
146.19.80.0/24
185.65.105.0/24
185.248.144.0/24
IPv6:
2a12:6500::/32
Signature Algorithm: sha256WithRSAEncryption
41:d6:ef:7c:e4:c6:41:b2:ea:fc:3e:dc:47:0e:bc:cd:f7:14:
f4:d9:6d:a2:af:ef:f7:66:ce:99:99:e1:30:18:58:ec:00:f6:
14:f3:b5:93:13:db:85:dd:26:b8:cf:ed:26:0c:1c:98:57:1b:
60:64:4e:22:2b:a6:43:7f:87:70:e9:ff:17:b5:17:e6:46:e5:
4b:b7:89:d9:ac:d6:d1:64:b9:22:c2:86:18:fb:28:8c:2b:25:
b8:91:a1:83:e4:fa:db:8a:85:68:d9:68:34:29:92:91:2b:4a:
47:83:37:23:ae:d8:b4:d3:d6:9a:a4:10:2b:00:d2:d2:b3:9a:
f1:b6:81:53:1a:40:06:5a:43:48:0f:f1:c9:45:e8:5b:e5:74:
f4:3b:e2:e6:d6:3f:bc:c0:8f:5b:55:59:17:b1:b7:4d:bb:72:
9f:f6:4d:ab:03:2a:80:7f:1b:b3:c0:98:24:58:02:06:fa:7c:
ba:25:b6:32:50:20:f7:28:7f:d5:82:bc:54:c1:d9:53:66:66:
d1:34:9c:89:a7:fc:36:8d:e0:5b:85:28:05:c9:6a:04:5c:71:
22:75:d5:81:fb:f3:17:4f:af:34:d0:08:c2:86:e2:2b:c6:d3:
ee:d4:35:b4:c4:4b:a7:e2:15:74:fd:6d:81:f9:05:43:3e:34:
de:cc:8a:1a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZnfFBDAK9CtYNny/dgxPQ3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDUzYjQxMGQzNTg2YTYyMzdhOTUxZWVmM2IwM2Y0YzQ0
MTE4ZjAwHhcNMjUxMDEzMTkzNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjFkMDgwZDgwOGZhZjlmMDI3MzE4M2NkNDA3MGM2N2ZkNzdhMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF/Oo0er4uD4jfRYWLcueaTBKeNj
xDlcspRotF9GuAAcBN/AZtuDoHVlsTMw7qh/M+/WU4jIHtYnI4hCehKLR7SdlIJV
jvyOkbt/yr8quZ0pkHdBfB4V3YBIn4UMfFPpX4wCZ0ZlIa1pZHvVI4JtBq24CcrI
vhUyd3dZxDyBKfBCfyeEoPXKGqFzMez+zL06UDodgavE4wnc3DOPcJCzmU/Q5f+n
1VkaBgB1+XQTOtjPOxlcYmEOqTLa2FnZ7SCemTL3AkPd6NG2P9U1IfsISZ09VtWD
oxJygp7Q2tKLbCXLAxD1DPaXh3iVywOUjfsWyahCtzrS7ba47QAboRokQwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPYdCA2Aj6+fAnMYPNQHDGf9d6FqMB8GA1UdIwQY
MBaAFAtFO0ENNYamI3qVHu87A/TEQRjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBVN1FRMDFocVlqZXBVZTd6c0Q5TVJCR1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kNjNmOGUtNGIxYS00OGJmLTg3ZWIt
MjlmYTQ3YjY4MDkzLzEvOWgwSURZQ1ByNThDY3hnODFBY01aXzEzb1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kNjNmOGUtNGIxYS00OGJmLTg3ZWItMjlmYTQ3YjY4MDkz
LzEvQzBVN1FRMDFocVlqZXBVZTd6c0Q5TVJCR1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+QKAwQA
khNQAwQAuUFpAwQAufiQMA0EAgACMAcDBQAqEmUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBB1u985MZBsur8PtxHDrzN9xT02W2ir+/3Zs6ZmeEwGFjsAPYU87WTE9uF3Sa4
z+0mDByYVxtgZE4iK6ZDf4dw6f8XtRfmRuVLt4nZrNbRZLkiwoYY+yiMKyW4kaGD
5PrbioVo2Wg0KZKRK0pHgzcjrti009aapBArANLSs5rxtoFTGkAGWkNID/HJRehb
5XT0O+Lm1j+8wI9bVVkXsbdNu3Kf9k2rAyqAfxuzwJgkWAIG+ny6JbYyUCD3KH/V
grxUwdlTZmbRNJyJp/w2jeBbhSgFyWoEXHEiddWB+/MXT6800AjChuIrxtPu1DW0
xEun4hV0/W2B+QVDPjTezIoa
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:11 2025 by rpki-client