Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/9i_VRH4SN0bZyontlmrKaymSOQU.roa
File: 9i_VRH4SN0bZyontlmrKaymSOQU.roa (raw, json)
Hash identifier: VP8z9O82STLqAkFLW5MEl1mpT9dc3tnjVbsf741KC/w=
Subject key identifier: F6:2F:D5:44:7E:12:37:46:D9:CA:89:ED:96:6A:CA:6B:29:92:39:05
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0196E7733A237E9E8880E79B2A6434A73640
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/9i_VRH4SN0bZyontlmrKaymSOQU.roa
Signing time: Mon 19 May 2025 07:30:10 +0000
ROA not before: Mon 19 May 2025 07:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 80.97.128.0/20 maxlen: 20
194.102.105.0/24 maxlen: 24
217.156.64.0/24 maxlen: 24
217.156.65.0/24 maxlen: 24
217.156.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:73:3a:23:7e:9e:88:80:e7:9b:2a:64:34:a7:36:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 19 07:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f62fd5447e123746d9ca89ed966aca6b29923905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:65:e5:cb:8f:8b:fa:12:20:ec:50:05:52:42:
21:04:ea:8e:31:a6:b2:ca:e0:6f:1d:f4:ab:8c:2d:
e4:67:d4:eb:49:5f:a0:8c:44:92:73:58:ff:32:5e:
a3:4d:8b:fc:12:8a:fd:88:1a:c6:8a:f7:b5:00:36:
92:56:d7:b8:ae:35:30:f2:8c:d1:87:48:39:0e:cc:
87:ff:b7:7e:3d:3d:39:9d:cb:30:b1:f4:f1:e8:53:
98:cd:7a:47:e7:26:2d:27:09:80:ae:c2:33:a2:02:
35:f7:b4:27:23:56:5d:24:58:96:d8:6a:f7:b9:1f:
55:ac:11:1c:cf:20:bf:22:0d:aa:c0:43:e7:64:44:
9f:7e:e3:1f:d6:dc:ba:85:3c:ef:f9:d1:42:c1:fd:
fe:47:eb:41:07:c0:99:7c:d5:f9:ec:cd:39:7d:5e:
6a:be:64:49:f5:df:a7:d3:8f:e8:06:b8:fc:a7:21:
ab:5c:a8:bc:bd:77:87:db:5c:ff:a7:1e:4e:0a:9a:
33:ac:3b:8a:c6:5f:fc:ce:e6:a3:3b:4e:6f:0e:77:
9e:b9:62:ce:32:2c:5a:bf:37:26:cf:f0:8e:12:42:
4f:0a:c9:82:a9:d5:b2:c0:36:08:7c:5d:ec:df:1e:
f5:4d:ce:79:5b:1e:8c:db:fd:73:7f:54:29:e9:0a:
eb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2F:D5:44:7E:12:37:46:D9:CA:89:ED:96:6A:CA:6B:29:92:39:05
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/9i_VRH4SN0bZyontlmrKaymSOQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.128.0/20
194.102.105.0/24
217.156.64.0/23
217.156.123.0/24
Signature Algorithm: sha256WithRSAEncryption
15:4d:d7:f9:4f:dc:33:77:7d:1e:f0:a5:a3:78:0c:d6:75:d7:
ed:67:e4:33:ff:bd:65:38:fc:21:37:10:be:0e:a2:c7:0e:98:
74:8d:69:ed:a2:2d:90:41:92:fe:1e:bc:4f:59:3c:c8:8a:69:
a5:e2:8c:7d:33:dd:62:27:b0:be:b0:8d:11:b3:e3:82:18:a6:
c9:62:3b:de:04:15:c1:0b:22:eb:f5:cc:da:6c:8b:6b:e0:49:
ee:6c:ac:79:46:e1:f6:80:18:b4:d7:30:3a:ac:5a:36:5c:af:
1d:6f:db:78:48:18:c4:02:9d:0e:36:75:8d:ca:1a:d5:c1:c2:
0d:c6:99:a2:49:7f:cf:28:2c:0b:49:e5:8a:bb:df:f3:9e:18:
cb:b7:6c:e7:39:55:6a:a0:66:d0:dd:b6:12:9c:03:01:28:5d:
d3:6c:06:dd:1f:ac:be:8e:d6:3b:84:40:7c:0a:99:35:b6:89:
3b:f1:db:58:d5:39:9e:a7:bf:0b:0d:4c:80:b4:ec:77:00:fe:
22:85:75:84:90:af:e2:ea:1a:03:14:bb:ad:57:94:ea:d7:ac:
48:74:cc:d2:5d:fc:7c:7c:97:4e:81:6a:60:9b:5d:88:1c:45:
61:af:2c:65:75:c2:ba:87:f5:2a:1a:4e:d6:77:06:d0:e4:e7:
26:a9:f3:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbnczojfp6IgOebKmQ0pzZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNTE5MDczMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjJmZDU0NDdlMTIzNzQ2ZDljYTg5ZWQ5NjZhY2E2YjI5OTIzOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmXly4+L+hIg7FAFUkIhBOqOMaay
yuBvHfSrjC3kZ9TrSV+gjESSc1j/Ml6jTYv8Eor9iBrGive1ADaSVte4rjUw8ozR
h0g5DsyH/7d+PT05ncswsfTx6FOYzXpH5yYtJwmArsIzogI197QnI1ZdJFiW2Gr3
uR9VrBEczyC/Ig2qwEPnZESffuMf1ty6hTzv+dFCwf3+R+tBB8CZfNX57M05fV5q
vmRJ9d+n04/oBrj8pyGrXKi8vXeH21z/px5OCpozrDuKxl/8zuajO05vDneeuWLO
Mixavzcmz/COEkJPCsmCqdWywDYIfF3s3x71Tc55Wx6M2/1zf1Qp6Qrr6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPYv1UR+EjdG2cqJ7ZZqymspkjkFMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvOWlfVlJINFNOMGJaeW9udGxtcktheW1TT1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUGGAAwQA
wmZpAwQB2ZxAAwQA2Zx7MA0GCSqGSIb3DQEBCwUAA4IBAQAVTdf5T9wzd30e8KWj
eAzWddftZ+Qz/71lOPwhNxC+DqLHDph0jWntoi2QQZL+HrxPWTzIimml4ox9M91i
J7C+sI0Rs+OCGKbJYjveBBXBCyLr9czabItr4EnubKx5RuH2gBi01zA6rFo2XK8d
b9t4SBjEAp0ONnWNyhrVwcINxpmiSX/PKCwLSeWKu9/znhjLt2znOVVqoGbQ3bYS
nAMBKF3TbAbdH6y+jtY7hEB8Cpk1tok78dtY1Tmep78LDUyAtOx3AP4ihXWEkK/i
6hoDFLutV5Tq16xIdMzSXfx8fJdOgWpgm12IHEVhryxldcK6h/UqGk7WdwbQ5Ocm
qfNw
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:11:41 2025 by rpki-client