Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/0gM9nO8aCfkT81wAB6FtCesEwDg.roa
File: 0gM9nO8aCfkT81wAB6FtCesEwDg.roa (raw, json)
Hash identifier: Lfwi2k/qzNFayxWwQOnJuaS4g7hdO3qEEZMxYRqe+is=
Subject key identifier: D2:03:3D:9C:EF:1A:09:F9:13:F3:5C:00:07:A1:6D:09:EB:04:C0:38
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 0199CAAFBB10B320F8956A03D37E94564158
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/0gM9nO8aCfkT81wAB6FtCesEwDg.roa
Signing time: Thu 09 Oct 2025 20:35:38 +0000
ROA not before: Thu 09 Oct 2025 20:35:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401443
IP address blocks: 81.31.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 20:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:af:bb:10:b3:20:f8:95:6a:03:d3:7e:94:56:41:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Oct 9 20:35:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2033d9cef1a09f913f35c0007a16d09eb04c038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:18:b1:78:a4:35:25:53:4a:fb:2c:e6:83:e2:
5b:f4:e5:2a:f1:7f:d3:60:93:8b:b6:90:17:cc:e1:
36:7f:89:41:e2:04:bd:47:84:48:18:55:23:d1:8b:
89:e0:50:8a:e6:39:e7:1f:af:6b:2b:75:41:4d:a1:
09:7c:b9:2a:79:92:1c:6d:93:d8:db:78:87:e9:1c:
a1:27:d7:c4:74:f6:c7:fc:f5:1e:fd:91:4b:03:a0:
21:b1:68:27:ad:07:0a:ed:d3:71:7b:89:21:cc:a8:
4c:02:0f:f8:18:20:79:0c:b0:71:6b:9c:59:5b:26:
11:f0:d2:c9:d0:26:3e:70:29:0a:14:fb:90:4f:80:
c4:47:46:af:fa:d7:08:dd:a9:81:f5:ea:0e:3b:c7:
a2:ac:f5:ea:6d:cc:d7:dc:84:bc:63:c2:11:fd:ba:
34:d1:87:c9:f0:79:da:a0:13:e4:5c:23:03:97:74:
11:80:a4:92:1e:be:3d:1d:01:1a:9b:6f:c2:a3:fc:
92:5f:c3:a2:91:3a:e3:bb:a3:73:c6:95:5d:40:2a:
13:d6:d9:02:47:14:e9:16:22:57:21:5a:4e:bf:36:
aa:b5:93:3b:96:dd:1a:81:1e:c7:2c:43:22:55:dd:
95:22:28:bb:14:07:50:53:ba:09:ef:4f:a6:d3:a6:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:03:3D:9C:EF:1A:09:F9:13:F3:5C:00:07:A1:6D:09:EB:04:C0:38
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/0gM9nO8aCfkT81wAB6FtCesEwDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.232.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:11:20:10:b6:eb:c1:20:9d:23:39:7f:ed:39:9d:7e:a9:14:
fa:49:8e:04:76:d7:a3:cc:03:35:ac:ff:96:df:a5:8d:75:9a:
e0:79:21:57:66:99:7d:df:9a:ef:f8:82:b5:40:d6:de:49:e5:
91:90:dc:de:03:62:c2:90:0e:dd:b5:ce:50:5a:1b:d5:35:75:
5a:34:93:0d:bf:4b:b6:81:8f:93:69:6a:b0:25:d8:d1:75:4c:
23:47:59:0d:82:be:23:6b:a4:d6:f2:4b:69:ce:a1:09:8b:ee:
ca:3c:16:ea:d9:95:2a:72:b0:e6:16:a9:c7:a8:cf:d9:28:70:
74:07:c0:ea:1c:01:fc:ee:0a:45:09:40:d8:36:fa:63:e7:ab:
79:1d:55:12:ff:3b:a2:1d:46:05:8e:c7:d7:2a:3c:b0:85:0c:
b0:66:d2:c8:f1:87:d8:0f:4e:ca:eb:d3:ed:0c:32:75:80:9b:
2b:93:f7:1a:fb:b1:5f:7b:10:e1:5b:1f:ef:2b:c6:a0:f6:3b:
2d:73:7b:6e:69:e4:69:68:ad:02:5f:24:8f:a0:f0:1a:8d:2d:
bf:10:b4:dc:48:de:be:ed:cd:72:36:69:f3:3f:51:57:3d:22:
fe:66:db:78:b7:7e:17:c2:49:bb:ba:2e:9a:f2:0a:01:6a:74:
ad:5b:7f:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnKr7sQsyD4lWoD036UVkFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjUxMDA5MjAzNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjAzM2Q5Y2VmMWEwOWY5MTNmMzVjMDAwN2ExNmQwOWViMDRjMDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxixeKQ1JVNK+yzmg+Jb9OUq8X/T
YJOLtpAXzOE2f4lB4gS9R4RIGFUj0YuJ4FCK5jnnH69rK3VBTaEJfLkqeZIcbZPY
23iH6RyhJ9fEdPbH/PUe/ZFLA6AhsWgnrQcK7dNxe4khzKhMAg/4GCB5DLBxa5xZ
WyYR8NLJ0CY+cCkKFPuQT4DER0av+tcI3amB9eoOO8eirPXqbczX3IS8Y8IR/bo0
0YfJ8HnaoBPkXCMDl3QRgKSSHr49HQEam2/Co/ySX8OikTrju6NzxpVdQCoT1tkC
RxTpFiJXIVpOvzaqtZM7lt0agR7HLEMiVd2VIii7FAdQU7oJ70+m06YeDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIDPZzvGgn5E/NcAAehbQnrBMA4MB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvMGdNOW5POGFDZmtUODF3QUI2RnRDZXNFd0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/oMA0G
CSqGSIb3DQEBCwUAA4IBAQCbESAQtuvBIJ0jOX/tOZ1+qRT6SY4EdtejzAM1rP+W
36WNdZrgeSFXZpl935rv+IK1QNbeSeWRkNzeA2LCkA7dtc5QWhvVNXVaNJMNv0u2
gY+TaWqwJdjRdUwjR1kNgr4ja6TW8ktpzqEJi+7KPBbq2ZUqcrDmFqnHqM/ZKHB0
B8DqHAH87gpFCUDYNvpj56t5HVUS/zuiHUYFjsfXKjywhQywZtLI8YfYD07K69Pt
DDJ1gJsrk/ca+7FfexDhWx/vK8ag9jstc3tuaeRpaK0CXySPoPAajS2/ELTcSN6+
7c1yNmnzP1FXPSL+Ztt4t34Xwkm7ui6a8goBanStW39y
-----END CERTIFICATE-----
Generated at Thu Oct 16 01:54:20 2025 by rpki-client