Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/1--9ef5BuonyT90ODHV5G8KHwvGM.roa
File: 1--9ef5BuonyT90ODHV5G8KHwvGM.roa (raw, json)
Hash identifier: 96x1zDsthw+xfBLv+9YvZciWmPNAhtiP7Hkhk8XWewA=
Subject key identifier: FB:EF:5E:7F:90:6E:A2:7C:93:F7:43:83:1D:5E:46:F0:A1:F0:BC:63
Certificate issuer: /CN=81714b2a738ca3deae915af87c3a91c613e1bc49
Certificate serial: 01990E6B8D6CC3A275C08CA0F5E8AE2EB8F1
Authority key identifier: 81:71:4B:2A:73:8C:A3:DE:AE:91:5A:F8:7C:3A:91:C6:13:E1:BC:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXFLKnOMo96ukVr4fDqRxhPhvEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/1--9ef5BuonyT90ODHV5G8KHwvGM.roa
Signing time: Wed 03 Sep 2025 07:12:33 +0000
ROA not before: Wed 03 Sep 2025 07:12:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39305
IP address blocks: 152.89.197.0/24 maxlen: 24
212.6.47.0/24 maxlen: 24
2a0e:9780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/gXFLKnOMo96ukVr4fDqRxhPhvEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/gXFLKnOMo96ukVr4fDqRxhPhvEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gXFLKnOMo96ukVr4fDqRxhPhvEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:6b:8d:6c:c3:a2:75:c0:8c:a0:f5:e8:ae:2e:b8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81714b2a738ca3deae915af87c3a91c613e1bc49
Validity
Not Before: Sep 3 07:12:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbef5e7f906ea27c93f743831d5e46f0a1f0bc63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ef:f4:ba:95:4b:df:dd:e1:52:a9:8a:c4:a7:
fb:19:0b:bc:7c:cf:b3:8d:92:37:63:79:8f:d6:19:
37:a6:af:09:de:01:04:e6:c0:4a:a5:16:97:f0:bc:
71:39:b7:9a:63:be:75:e7:13:b8:89:b4:43:97:b8:
0f:6b:db:71:61:cd:ea:31:03:42:e2:d2:50:da:d6:
62:72:4f:6e:28:92:78:e3:2b:80:5b:db:c6:41:d5:
bd:61:61:6d:f7:09:af:fe:5b:80:56:2a:24:b6:d4:
b6:5c:8f:9e:b7:ab:07:ed:07:90:68:6c:e9:05:26:
b1:0e:62:c8:c5:b9:05:05:ff:72:89:d6:a9:5c:2f:
84:f1:f8:2a:bf:cf:7a:2b:56:98:db:16:93:d6:93:
22:ef:8a:54:68:2f:50:5e:11:f3:de:42:76:fe:3e:
41:64:5f:fd:35:70:7e:a6:4e:06:de:95:36:0b:29:
af:59:1a:7f:77:f4:e3:a3:a7:fc:0e:9a:5f:dc:59:
fe:7f:3a:b2:3e:33:ac:4c:5f:66:df:e2:56:fb:be:
27:94:c6:81:ac:46:67:0c:9f:29:73:9f:af:dd:79:
7a:c2:34:2d:23:0c:97:89:fb:ca:bb:6c:62:3c:71:
74:25:6f:90:98:a7:a9:2d:0e:23:92:ac:e6:50:23:
9b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EF:5E:7F:90:6E:A2:7C:93:F7:43:83:1D:5E:46:F0:A1:F0:BC:63
X509v3 Authority Key Identifier:
keyid:81:71:4B:2A:73:8C:A3:DE:AE:91:5A:F8:7C:3A:91:C6:13:E1:BC:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXFLKnOMo96ukVr4fDqRxhPhvEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/1--9ef5BuonyT90ODHV5G8KHwvGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a1e73d-5a1c-4f74-a45b-1897243c62ef/1/gXFLKnOMo96ukVr4fDqRxhPhvEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.197.0/24
212.6.47.0/24
IPv6:
2a0e:9780::/29
Signature Algorithm: sha256WithRSAEncryption
07:51:74:91:51:e6:a5:ac:29:87:49:b8:a4:7b:6d:04:e1:bf:
a3:d7:51:00:c9:e5:72:0c:c8:64:9b:51:d6:ec:07:8e:4d:1f:
c1:a6:7e:28:fb:78:4f:ac:6b:91:cc:b3:48:58:6d:44:54:2d:
9e:5c:8e:36:ed:74:1c:0f:74:f0:b7:99:19:e9:28:01:19:ef:
2d:47:fc:aa:85:09:05:4f:d0:18:5e:0f:2b:f8:dd:71:ea:31:
98:9c:bf:94:cb:4d:49:50:88:2e:6b:27:9c:c3:60:c2:0a:c6:
c3:e3:e7:bd:3f:14:f9:3a:c2:a3:35:3d:a8:2d:62:93:23:98:
02:1d:a4:27:68:1a:d2:7a:68:d6:aa:11:b8:32:85:69:b9:93:
65:83:63:cb:45:64:d4:87:19:be:2c:75:55:be:e2:7b:9b:bc:
9c:f6:31:06:0d:15:39:88:73:0b:cc:7e:c6:71:bc:d1:d8:95:
3f:da:f1:d7:61:fa:04:b2:17:78:ae:2e:6d:39:5c:91:e8:cf:
a3:9b:17:d2:04:66:85:09:28:37:1d:b3:28:80:13:bf:e3:b8:
42:45:0c:cc:fa:ec:30:9e:d7:36:75:44:0d:d3:66:75:c7:bd:
c2:9b:f8:80:19:0d:14:60:e6:06:a9:fe:5b:66:76:ee:7a:6a:
18:1d:f5:cd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZkOa41sw6J1wIyg9eiuLrjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNzE0YjJhNzM4Y2EzZGVhZTkxNWFmODdjM2E5MWM2MTNl
MWJjNDkwHhcNMjUwOTAzMDcxMjMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVmNWU3ZjkwNmVhMjdjOTNmNzQzODMxZDVlNDZmMGExZjBiYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO/0upVL393hUqmKxKf7GQu8fM+z
jZI3Y3mP1hk3pq8J3gEE5sBKpRaX8LxxObeaY7515xO4ibRDl7gPa9txYc3qMQNC
4tJQ2tZick9uKJJ44yuAW9vGQdW9YWFt9wmv/luAViokttS2XI+et6sH7QeQaGzp
BSaxDmLIxbkFBf9yidapXC+E8fgqv896K1aY2xaT1pMi74pUaC9QXhHz3kJ2/j5B
ZF/9NXB+pk4G3pU2CymvWRp/d/Tjo6f8Dppf3Fn+fzqyPjOsTF9m3+JW+74nlMaB
rEZnDJ8pc5+v3Xl6wjQtIwyXifvKu2xiPHF0JW+QmKepLQ4jkqzmUCObHwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPvvXn+QbqJ8k/dDgx1eRvCh8LxjMB8GA1UdIwQY
MBaAFIFxSypzjKPerpFa+Hw6kcYT4bxJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1hGTEtuT01vOTZ1a1ZyNGZEcVJ4aFBodkVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hMWU3M2QtNWExYy00Zjc0LWE0NWIt
MTg5NzI0M2M2MmVmLzEvMS0tOWVmNUJ1b255VDkwT0RIVjVHOEtId3ZHTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvYTFlNzNkLTVhMWMtNGY3NC1hNDViLTE4OTcyNDNjNjJl
Zi8xL2dYRkxLbk9Nbzk2dWtWcjRmRHFSeGhQaHZFay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAJhZxQME
ANQGLzANBAIAAjAHAwUDKg6XgDANBgkqhkiG9w0BAQsFAAOCAQEAB1F0kVHmpawp
h0m4pHttBOG/o9dRAMnlcgzIZJtR1uwHjk0fwaZ+KPt4T6xrkcyzSFhtRFQtnlyO
Nu10HA908LeZGekoARnvLUf8qoUJBU/QGF4PK/jdceoxmJy/lMtNSVCILmsnnMNg
wgrGw+PnvT8U+TrCozU9qC1ikyOYAh2kJ2ga0npo1qoRuDKFabmTZYNjy0Vk1IcZ
vix1Vb7ie5u8nPYxBg0VOYhzC8x+xnG80diVP9rx12H6BLIXeK4ubTlckejPo5sX
0gRmhQkoNx2zKIATv+O4QkUMzPrsMJ7XNnVEDdNmdce9wpv4gBkNFGDmBqn+W2Z2
7npqGB31zQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:00:18 2025 by rpki-client