Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/is_2p9c72i9SqdHOdQECHoEj2KI.roa
File: is_2p9c72i9SqdHOdQECHoEj2KI.roa (raw, json)
Hash identifier: 68Pbkuya3pT0PDgvbPhuXTcECYTodGaR9wl/fj5QS8g=
Subject key identifier: 8A:CF:F6:A7:D7:3B:DA:2F:52:A9:D1:CE:75:01:02:1E:81:23:D8:A2
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 01984115342156013C03D11F3F9B7807F411
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/is_2p9c72i9SqdHOdQECHoEj2KI.roa
Signing time: Fri 25 Jul 2025 10:16:05 +0000
ROA not before: Fri 25 Jul 2025 10:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6698
IP address blocks: 91.239.78.0/23 maxlen: 23
213.111.148.0/24 maxlen: 24
213.111.149.0/24 maxlen: 24
213.111.150.0/24 maxlen: 24
213.111.152.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:15:34:21:56:01:3c:03:d1:1f:3f:9b:78:07:f4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Jul 25 10:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8acff6a7d73bda2f52a9d1ce7501021e8123d8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dd:c4:35:5b:25:8a:bd:1b:70:48:4e:ff:45:
a2:cb:64:c4:2b:35:7c:7b:05:0d:5f:d0:70:cd:b6:
5c:22:eb:e1:bb:07:57:c1:2c:a5:a9:8b:5c:b0:a6:
4b:4b:f4:bd:64:44:ef:9d:74:c8:e7:a2:92:fd:d3:
df:69:7f:97:79:1d:3c:72:4f:60:5e:22:2c:63:a4:
63:bd:8b:15:34:b7:10:b2:79:52:06:f9:b7:40:4a:
7a:eb:75:85:e4:a8:3d:60:ba:b3:2a:c7:6e:78:96:
34:38:c0:8a:0e:4b:a7:ea:ac:05:61:95:0e:ca:eb:
39:93:d0:1b:c6:ae:57:97:dd:1a:7e:46:e9:a6:0a:
1e:c0:28:c8:48:b2:7a:52:c5:1f:a5:ca:c5:fb:08:
ed:1c:12:9d:39:48:d2:b8:77:d3:3a:a3:81:57:e9:
c2:d1:0c:ac:14:51:d5:36:5b:c3:d5:31:10:09:80:
ad:d5:e0:65:97:7f:3a:02:9d:f3:1d:aa:20:c2:42:
99:4f:59:66:27:26:aa:1d:29:63:bf:fc:9e:c7:88:
86:d6:0f:c1:34:e8:d0:32:0c:2e:b9:e4:44:4a:62:
3e:05:64:1a:be:36:93:6b:14:12:ec:40:18:51:c6:
5c:4c:42:be:f5:26:a4:67:8c:f2:92:2f:cb:ab:53:
3c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:F6:A7:D7:3B:DA:2F:52:A9:D1:CE:75:01:02:1E:81:23:D8:A2
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/is_2p9c72i9SqdHOdQECHoEj2KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.78.0/23
213.111.148.0-213.111.150.255
213.111.152.0/23
Signature Algorithm: sha256WithRSAEncryption
60:08:d0:99:87:44:de:c4:37:4d:97:54:7b:0c:aa:ad:d5:e1:
f5:97:33:08:4c:6a:76:82:6d:11:64:76:3f:95:d4:57:93:b1:
92:7c:d1:1f:7e:8c:68:cd:81:1f:e3:40:72:80:33:aa:bf:3d:
14:10:6c:60:f3:3f:56:1a:4c:24:10:c7:55:91:df:12:be:f5:
97:e5:e5:10:14:e3:a4:f6:65:ac:b5:03:f4:ef:5d:4d:2a:29:
56:45:c5:a6:50:0c:1c:d8:b2:f4:38:9e:09:47:78:6c:4d:6e:
e0:a1:5b:11:00:ec:d5:87:87:e2:cf:be:64:fb:df:b5:da:ab:
18:79:1c:bb:1e:21:e3:ca:1b:90:2c:59:58:56:09:4d:17:59:
99:34:16:64:3f:50:00:64:7a:0c:23:54:4b:14:f1:57:c6:30:
cb:cc:40:44:5b:eb:11:65:53:69:c5:4e:b3:56:1f:d2:2d:90:
5a:69:30:06:96:f6:2a:fd:66:6b:5e:2c:ef:98:dc:46:e5:b2:
59:78:9a:89:d7:a9:93:04:22:a8:42:77:f2:f9:b2:c2:14:36:
95:cd:fe:a5:1d:76:8d:52:88:87:1b:dd:7b:e1:b6:62:c9:78:
1f:3c:28:02:e6:09:67:71:c2:6c:ab:fb:fc:b1:0b:1e:3b:be:
9e:a9:4e:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZhBFTQhVgE8A9EfP5t4B/QRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjUwNzI1MTAxNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNmZjZhN2Q3M2JkYTJmNTJhOWQxY2U3NTAxMDIxZTgxMjNkOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj93ENVslir0bcEhO/0Wiy2TEKzV8
ewUNX9BwzbZcIuvhuwdXwSylqYtcsKZLS/S9ZETvnXTI56KS/dPfaX+XeR08ck9g
XiIsY6RjvYsVNLcQsnlSBvm3QEp663WF5Kg9YLqzKsdueJY0OMCKDkun6qwFYZUO
yus5k9Abxq5Xl90afkbppgoewCjISLJ6UsUfpcrF+wjtHBKdOUjSuHfTOqOBV+nC
0QysFFHVNlvD1TEQCYCt1eBll386Ap3zHaogwkKZT1lmJyaqHSljv/yex4iG1g/B
NOjQMgwuueRESmI+BWQavjaTaxQS7EAYUcZcTEK+9SakZ4zyki/Lq1M84wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIrP9qfXO9ovUqnRznUBAh6BI9iiMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvaXNfMnA5YzcyaTlTcWRIT2RRRUNIb0VqMktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW+9OMAwD
BALVb5QDBADVb5YDBAHVb5gwDQYJKoZIhvcNAQELBQADggEBAGAI0JmHRN7EN02X
VHsMqq3V4fWXMwhManaCbRFkdj+V1FeTsZJ80R9+jGjNgR/jQHKAM6q/PRQQbGDz
P1YaTCQQx1WR3xK+9Zfl5RAU46T2Zay1A/TvXU0qKVZFxaZQDBzYsvQ4nglHeGxN
buChWxEA7NWHh+LPvmT737Xaqxh5HLseIePKG5AsWVhWCU0XWZk0FmQ/UABkegwj
VEsU8VfGMMvMQERb6xFlU2nFTrNWH9ItkFppMAaW9ir9ZmteLO+Y3Eblsll4monX
qZMEIqhCd/L5ssIUNpXN/qUddo1SiIcb3XvhtmLJeB88KALmCWdxwmyr+/yxCx47
vp6pTtg=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:48:30 2025 by rpki-client