Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/91Ml2kQH8w2tLiMLT6Fbcu6KSJM.roa
File: 91Ml2kQH8w2tLiMLT6Fbcu6KSJM.roa (raw, json)
Hash identifier: EmTDmBXIKNOaEr2bWKxBRH3EXyiQ1ZJtO/knk/QxnbE=
Subject key identifier: F7:53:25:DA:44:07:F3:0D:AD:2E:23:0B:4F:A1:5B:72:EE:8A:48:93
Certificate issuer: /CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d
Certificate serial: 0197A6EED91453ACD0B8E774948904BFE315
Authority key identifier: FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/91Ml2kQH8w2tLiMLT6Fbcu6KSJM.roa
Signing time: Wed 25 Jun 2025 11:52:40 +0000
ROA not before: Wed 25 Jun 2025 11:52:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a02:e9c2::/32 maxlen: 32
2a02:e9c7::/32 maxlen: 32
2a13:6cc0::/32 maxlen: 32
2a13:6cc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:ee:d9:14:53:ac:d0:b8:e7:74:94:89:04:bf:e3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d
Validity
Not Before: Jun 25 11:52:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f75325da4407f30dad2e230b4fa15b72ee8a4893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:0e:0f:57:de:40:33:a2:67:f1:c0:78:6e:
18:92:d3:c9:69:4d:b3:40:5b:b0:0e:53:a5:e8:4d:
76:4e:2a:fd:d8:35:e2:87:63:1b:69:33:a8:b1:32:
89:b8:e2:cf:3f:4e:04:01:7b:80:f2:c4:fe:cd:0a:
0d:1a:aa:b8:67:d3:22:7a:55:e0:eb:b8:ff:89:cd:
f8:61:b7:ce:43:4a:34:14:a4:5d:31:66:23:97:ea:
48:83:7e:5b:34:04:71:aa:98:f3:39:6a:f5:4a:31:
9e:45:53:e7:75:f3:28:1e:dc:82:f8:78:06:25:4b:
1c:36:3e:e3:03:8f:69:72:12:c0:62:16:8b:96:d4:
f8:26:e7:7a:f2:f4:d3:0c:37:d9:ac:cf:ce:f8:47:
23:78:2d:3a:49:d4:8f:69:7c:42:d9:90:6b:29:fa:
ed:1f:de:19:35:47:d5:5a:4c:04:52:d7:4d:19:58:
e5:85:ba:d9:0f:a2:7a:f9:f3:c3:84:c6:99:f9:43:
bf:75:3f:b0:14:14:c8:94:d3:1b:ef:18:1a:06:bd:
d5:77:36:a9:bf:d0:39:31:b9:96:bc:eb:ad:5f:63:
3a:2f:ee:5b:b7:65:db:11:ee:53:65:c9:e6:4b:52:
b8:09:20:23:dc:47:04:d2:6d:bb:ad:19:18:61:0a:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:53:25:DA:44:07:F3:0D:AD:2E:23:0B:4F:A1:5B:72:EE:8A:48:93
X509v3 Authority Key Identifier:
keyid:FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/91Ml2kQH8w2tLiMLT6Fbcu6KSJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e9c2::/32
2a02:e9c7::/32
2a13:6cc0::/32
2a13:6cc7::/32
Signature Algorithm: sha256WithRSAEncryption
4d:16:6d:24:b8:0d:da:9b:08:5b:23:1e:8c:88:21:ad:68:60:
b3:8d:8f:3e:7d:0d:2c:ec:b7:9b:f2:e1:a3:3d:4e:03:a7:7a:
4f:dd:d1:0f:85:9a:5e:ff:4e:bf:aa:06:fa:93:10:4a:ea:03:
b7:32:d7:ea:55:8e:7c:c4:36:a7:c9:9f:cf:4c:10:04:f1:a9:
d3:24:08:22:42:0c:fb:79:50:2c:7d:9e:6b:aa:45:d6:1d:6c:
71:d0:07:3a:8a:23:48:1a:21:90:1d:aa:70:c5:79:56:ab:98:
2c:e1:e0:5e:88:9e:fc:e9:10:33:c4:b9:b4:09:8b:99:e0:49:
b7:fc:5b:ec:8f:ce:ad:3a:af:e7:e3:24:e7:63:ff:e7:2a:d2:
d5:7b:f6:dc:ed:37:dd:f8:d5:d9:22:75:87:19:5f:dd:30:1c:
e6:3d:e6:27:8c:55:15:63:06:d6:ac:37:e5:26:25:0c:28:eb:
2b:d8:d5:f7:6b:4e:45:c5:64:d3:30:d5:0b:a9:7c:ba:65:ad:
77:42:73:67:ce:7c:bd:43:ee:65:71:6b:26:cf:71:08:ad:68:
c4:3c:4c:1d:8b:f6:fe:cf:bc:5d:81:3d:5e:65:44:fc:7c:fb:
0d:9e:3a:98:36:c1:f4:8a:9c:a5:f2:df:d7:fe:f0:99:ec:58:
83:8c:58:5e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZem7tkUU6zQuOd0lIkEv+MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGJmYmRiNmU5NzVkZGNhOGY2ZGQ5NjhjMzdhN2Q1NTYw
ZTY5MWQwHhcNMjUwNjI1MTE1MjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzUzMjVkYTQ0MDdmMzBkYWQyZTIzMGI0ZmExNWI3MmVlOGE0ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdwOD1feQDOiZ/HAeG4YktPJaU2z
QFuwDlOl6E12Tir92DXih2MbaTOosTKJuOLPP04EAXuA8sT+zQoNGqq4Z9MielXg
67j/ic34YbfOQ0o0FKRdMWYjl+pIg35bNARxqpjzOWr1SjGeRVPndfMoHtyC+HgG
JUscNj7jA49pchLAYhaLltT4Jud68vTTDDfZrM/O+EcjeC06SdSPaXxC2ZBrKfrt
H94ZNUfVWkwEUtdNGVjlhbrZD6J6+fPDhMaZ+UO/dT+wFBTIlNMb7xgaBr3Vdzap
v9A5MbmWvOutX2M6L+5bt2XbEe5TZcnmS1K4CSAj3EcE0m27rRkYYQpWEQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPdTJdpEB/MNrS4jC0+hW3LuikiTMB8GA1UdIwQY
MBaAFP/b+9tul13cqPbdlow3p9VWDmkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUt
MTk3NjlmNTc4ZWZkLzEvOTFNbDJrUUg4dzJ0TGlNTFQ2RmJjdTZLU0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUtMTk3NjlmNTc4ZWZk
LzEvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgLpwgMF
ACoC6ccDBQAqE2zAAwUAKhNsxzANBgkqhkiG9w0BAQsFAAOCAQEATRZtJLgN2psI
WyMejIghrWhgs42PPn0NLOy3m/Lhoz1OA6d6T93RD4WaXv9Ov6oG+pMQSuoDtzLX
6lWOfMQ2p8mfz0wQBPGp0yQIIkIM+3lQLH2ea6pF1h1scdAHOoojSBohkB2qcMV5
VquYLOHgXoie/OkQM8S5tAmLmeBJt/xb7I/OrTqv5+Mk52P/5yrS1Xv23O033fjV
2SJ1hxlf3TAc5j3mJ4xVFWMG1qw35SYlDCjrK9jV92tORcVk0zDVC6l8umWtd0Jz
Z858vUPuZXFrJs9xCK1oxDxMHYv2/s+8XYE9XmVE/Hz7DZ46mDbB9IqcpfLf1/7w
mexYg4xYXg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:21:27 2025 by rpki-client