Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/9ivDIYWbbWyf9XthkrT_WNyR-KE.roa
File: 9ivDIYWbbWyf9XthkrT_WNyR-KE.roa (raw, json)
Hash identifier: zcNuXESmQk3bhF6/iOTbudsyigZ75R4PrVSZEKJsBhA=
Subject key identifier: F6:2B:C3:21:85:9B:6D:6C:9F:F5:7B:61:92:B4:FF:58:DC:91:F8:A1
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 019806E3CABEDB658463793D41BC21CBB1C1
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/9ivDIYWbbWyf9XthkrT_WNyR-KE.roa
Signing time: Mon 14 Jul 2025 03:04:08 +0000
ROA not before: Mon 14 Jul 2025 03:04:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 84.22.151.0/24 maxlen: 24
91.204.180.0/24 maxlen: 24
91.204.181.0/24 maxlen: 24
91.204.182.0/23 maxlen: 23
91.204.182.0/24 maxlen: 24
91.218.176.0/22 maxlen: 24
91.232.8.0/22 maxlen: 24
195.234.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:06:e3:ca:be:db:65:84:63:79:3d:41:bc:21:cb:b1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Jul 14 03:04:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f62bc321859b6d6c9ff57b6192b4ff58dc91f8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:19:05:93:73:26:22:a3:4f:29:83:96:2c:99:
0f:73:96:51:ea:0c:4d:dd:df:57:4c:e5:d9:bb:57:
2c:f8:80:b1:f8:33:59:17:a4:03:ab:76:b0:df:07:
ec:70:53:e7:86:fc:b9:a7:fc:3d:5d:fd:8b:f4:86:
11:3d:9e:25:ab:39:6d:67:a1:fd:2f:61:73:77:08:
ee:a3:7a:57:a8:d6:03:ca:c0:07:84:3c:8b:8f:4e:
9f:19:3a:cf:6d:a9:dd:bd:77:a5:8a:19:aa:b8:80:
e4:6a:56:26:7a:aa:dc:f6:b9:51:04:ae:1a:66:3d:
c8:53:62:f0:e2:06:29:56:b6:7c:4d:62:d8:9b:ad:
ed:b9:54:6b:37:6b:7b:07:55:31:7b:82:95:f3:95:
f4:27:5e:24:fb:e8:b9:f3:5d:74:82:3b:d8:9b:f2:
c4:fa:67:2a:cf:9c:a1:15:8c:da:29:0d:85:26:58:
a5:96:25:16:04:1e:95:fa:8a:f6:fd:b2:b9:d7:02:
c7:af:8a:e0:9e:74:2b:68:90:c4:4e:a1:7d:33:f2:
5e:16:6d:d4:21:45:4f:ec:f4:a6:47:79:58:40:b1:
06:e8:61:63:01:e4:a2:b2:87:f5:34:08:23:50:f7:
b4:48:57:57:9b:a8:ac:aa:7c:00:4b:9a:a8:8e:5d:
d7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2B:C3:21:85:9B:6D:6C:9F:F5:7B:61:92:B4:FF:58:DC:91:F8:A1
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/9ivDIYWbbWyf9XthkrT_WNyR-KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.151.0/24
91.204.180.0/22
91.218.176.0/22
91.232.8.0/22
195.234.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5a:9c:05:6b:95:98:15:e9:c0:2f:49:8e:d5:22:1a:f5:b9:
c6:96:66:78:66:59:4a:ef:40:5e:c9:a7:df:41:8e:61:24:e1:
c8:35:07:6b:ac:c6:6c:ef:7c:d0:73:06:37:a7:8f:74:f0:a1:
60:8b:6d:d7:f1:65:d1:f2:83:b3:4b:0d:49:e6:ac:00:d4:9c:
5f:4b:9e:d2:14:1d:9c:f5:2d:41:de:d3:65:e8:e6:17:b2:68:
61:1c:f1:b2:5a:4b:d9:1f:f2:39:ff:78:78:6f:3a:45:24:c9:
2e:86:8a:ee:3f:ca:82:a0:1d:ad:81:59:51:79:83:a3:7a:ee:
72:d4:b2:45:c9:d9:72:fb:fc:74:68:81:e8:03:a3:57:33:f7:
86:4f:5d:23:6a:4b:f2:bd:6e:4e:25:b4:73:d7:42:b2:21:4f:
2d:47:b5:c5:47:c6:5e:a9:4a:6d:b8:61:96:a5:2b:02:bc:cc:
c2:0b:38:62:5e:58:e0:7f:b2:7e:4b:26:7e:6a:9c:eb:b9:2f:
1e:23:97:59:eb:5c:53:88:85:19:d5:5e:f5:59:d4:dd:7e:f1:
00:73:e7:c5:aa:2d:7b:f3:cf:9c:c7:9b:11:bf:34:16:b0:29:
60:11:a6:48:91:01:04:c3:c1:d5:f7:a0:b7:87:1f:2a:0b:58:
7d:30:53:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgG48q+22WEY3k9Qbwhy7HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjUwNzE0MDMwNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjJiYzMyMTg1OWI2ZDZjOWZmNTdiNjE5MmI0ZmY1OGRjOTFmOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBkFk3MmIqNPKYOWLJkPc5ZR6gxN
3d9XTOXZu1cs+ICx+DNZF6QDq3aw3wfscFPnhvy5p/w9Xf2L9IYRPZ4lqzltZ6H9
L2Fzdwjuo3pXqNYDysAHhDyLj06fGTrPbandvXelihmquIDkalYmeqrc9rlRBK4a
Zj3IU2Lw4gYpVrZ8TWLYm63tuVRrN2t7B1Uxe4KV85X0J14k++i58110gjvYm/LE
+mcqz5yhFYzaKQ2FJlilliUWBB6V+or2/bK51wLHr4rgnnQraJDETqF9M/JeFm3U
IUVP7PSmR3lYQLEG6GFjAeSisof1NAgjUPe0SFdXm6isqnwAS5qojl3XXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPYrwyGFm21sn/V7YZK0/1jckfihMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvOWl2RElZV2JiV3lmOVh0aGtyVF9XTnlSLUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVBaXAwQC
W8y0AwQCW9qwAwQCW+gIAwQAw+paMA0GCSqGSIb3DQEBCwUAA4IBAQA9WpwFa5WY
FenAL0mO1SIa9bnGlmZ4ZllK70BeyaffQY5hJOHINQdrrMZs73zQcwY3p4908KFg
i23X8WXR8oOzSw1J5qwA1JxfS57SFB2c9S1B3tNl6OYXsmhhHPGyWkvZH/I5/3h4
bzpFJMkuhoruP8qCoB2tgVlReYOjeu5y1LJFydly+/x0aIHoA6NXM/eGT10jakvy
vW5OJbRz10KyIU8tR7XFR8ZeqUptuGGWpSsCvMzCCzhiXljgf7J+SyZ+apzruS8e
I5dZ61xTiIUZ1V71WdTdfvEAc+fFqi1788+cx5sRvzQWsClgEaZIkQEEw8HV96C3
hx8qC1h9MFOy
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:11:07 2025 by rpki-client