Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/nToAqcsYyxwDGsMBzLqBicaltlw.roa
File: nToAqcsYyxwDGsMBzLqBicaltlw.roa (raw, json)
Hash identifier: Eac2WLhpsA1YSA5bwyxiOfidCi/tlLgtUwluSQVDo/A=
Subject key identifier: 9D:3A:00:A9:CB:18:CB:1C:03:1A:C3:01:CC:BA:81:89:C6:A5:B6:5C
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 0198326572422B8FEA461546108F51AB0CB7
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/nToAqcsYyxwDGsMBzLqBicaltlw.roa
Signing time: Tue 22 Jul 2025 13:49:25 +0000
ROA not before: Tue 22 Jul 2025 13:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43666
IP address blocks: 91.197.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:65:72:42:2b:8f:ea:46:15:46:10:8f:51:ab:0c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jul 22 13:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d3a00a9cb18cb1c031ac301ccba8189c6a5b65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:01:c6:e2:bd:32:88:ec:84:b5:96:0f:1b:5e:
53:73:48:89:bb:15:f4:e4:dc:f6:00:b6:06:05:3c:
41:f8:a9:02:6b:db:e5:a7:b3:f4:f4:df:13:4a:e8:
6c:c0:e6:2b:56:e9:43:c7:20:ff:46:df:42:1d:48:
d4:4b:82:45:66:a9:95:0d:a4:ac:02:f6:87:98:8b:
ae:79:6a:59:09:2d:96:b5:ad:a2:8a:52:ba:df:e8:
0f:26:aa:4c:0e:ae:20:2a:9b:4b:b2:64:99:8e:87:
90:d2:30:15:47:ae:88:bd:5d:1c:6c:ab:a6:f7:2d:
fb:81:58:06:37:ff:03:8f:a8:fa:e5:67:7a:30:b6:
a3:c2:79:37:ff:3b:e6:2b:58:37:6b:29:5a:7e:5e:
3b:95:17:30:03:93:49:eb:2c:44:d9:2d:21:71:86:
8a:11:90:21:e6:a9:c1:d4:a2:5a:36:ab:45:80:2b:
de:c6:5e:8e:9f:44:b9:78:2b:cc:0d:18:2d:5c:ee:
b0:76:be:31:6d:1a:69:3c:5a:9d:cf:86:e1:d3:08:
c1:8b:ec:5a:8a:69:e8:98:45:22:31:03:28:39:35:
e7:e9:0d:81:e9:7f:5a:fa:57:bd:ff:cf:f1:93:51:
cf:81:4b:45:be:25:92:68:b3:0d:cb:38:7e:1d:c5:
f4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3A:00:A9:CB:18:CB:1C:03:1A:C3:01:CC:BA:81:89:C6:A5:B6:5C
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/nToAqcsYyxwDGsMBzLqBicaltlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ab:92:fb:36:0a:d4:1c:be:bf:95:38:70:a5:6f:42:86:75:
16:6f:6e:f8:d9:e8:3f:1e:2c:af:31:31:23:48:b9:b3:ae:4b:
43:d8:37:4d:4e:10:39:53:3d:e0:d7:c1:37:76:1b:54:0a:36:
14:aa:0b:63:53:2d:3e:8d:5a:03:c8:97:63:d3:c3:66:bf:50:
32:bd:f4:93:07:99:c3:3d:af:d7:9c:c0:07:fb:06:f4:47:c9:
ed:85:a6:c6:9c:6b:20:39:e6:68:eb:7d:0a:13:7e:98:3f:b6:
4b:ec:3c:5e:f9:7d:c3:d7:8c:9a:b8:1f:4d:89:9e:56:64:fa:
a0:23:4d:bb:54:af:a3:90:98:04:69:09:21:a6:d4:48:64:0f:
2e:12:0e:54:ef:97:be:83:26:52:02:d6:5c:fc:a1:51:8d:3d:
b7:65:b1:37:fb:65:28:51:84:ba:61:ae:ab:54:36:da:b8:e7:
18:26:2c:96:08:e6:20:09:a1:5d:d3:5e:6b:d3:1e:c3:bc:1a:
29:45:22:85:08:75:8b:a6:28:6d:09:9e:e7:b3:c7:dd:32:f0:
f5:45:4d:16:bc:ff:2b:bd:9d:79:62:be:75:97:21:8b:0b:89:
a2:08:e8:a8:a6:79:c9:32:0f:bf:86:e9:16:ea:9f:df:c5:20:
00:28:b5:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgyZXJCK4/qRhVGEI9Rqwy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYTc3NDI3YzAzNzA5YjMzOWE5NWIwYWQ5YTRhYzlkMmM5
MmM5MDMwHhcNMjUwNzIyMTM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNhMDBhOWNiMThjYjFjMDMxYWMzMDFjY2JhODE4OWM2YTViNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QHG4r0yiOyEtZYPG15Tc0iJuxX0
5Nz2ALYGBTxB+KkCa9vlp7P09N8TSuhswOYrVulDxyD/Rt9CHUjUS4JFZqmVDaSs
AvaHmIuueWpZCS2Wta2iilK63+gPJqpMDq4gKptLsmSZjoeQ0jAVR66IvV0cbKum
9y37gVgGN/8Dj6j65Wd6MLajwnk3/zvmK1g3aylafl47lRcwA5NJ6yxE2S0hcYaK
EZAh5qnB1KJaNqtFgCvexl6On0S5eCvMDRgtXO6wdr4xbRppPFqdz4bh0wjBi+xa
imnomEUiMQMoOTXn6Q2B6X9a+le9/8/xk1HPgUtFviWSaLMNyzh+HcX04QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ06AKnLGMscAxrDAcy6gYnGpbZcMB8GA1UdIwQY
MBaAFDKndCfANwmzOalbCtmkrJ0skskDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmIt
N2Q0MGI3YzhmYjAxLzEvblRvQXFjc1l5eHdER3NNQnpMcUJpY2FsdGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmItN2Q0MGI3YzhmYjAx
LzEvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8W0MA0G
CSqGSIb3DQEBCwUAA4IBAQCjq5L7NgrUHL6/lThwpW9ChnUWb2742eg/HiyvMTEj
SLmzrktD2DdNThA5Uz3g18E3dhtUCjYUqgtjUy0+jVoDyJdj08Nmv1AyvfSTB5nD
Pa/XnMAH+wb0R8nthabGnGsgOeZo630KE36YP7ZL7Dxe+X3D14yauB9NiZ5WZPqg
I027VK+jkJgEaQkhptRIZA8uEg5U75e+gyZSAtZc/KFRjT23ZbE3+2UoUYS6Ya6r
VDbauOcYJiyWCOYgCaFd015r0x7DvBopRSKFCHWLpihtCZ7ns8fdMvD1RU0WvP8r
vZ15Yr51lyGLC4miCOiopnnJMg+/hukW6p/fxSAAKLVx
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:38:01 2025 by rpki-client