Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/pz7TiJpGgwqEWnzhPaDm3WXeM3o.roa
File: pz7TiJpGgwqEWnzhPaDm3WXeM3o.roa (raw, json)
Hash identifier: 00OySg28z5kHvMGh/RlyvK5Ek2msUh1Kz15HmFEqenQ=
Subject key identifier: A7:3E:D3:88:9A:46:83:0A:84:5A:7C:E1:3D:A0:E6:DD:65:DE:33:7A
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0199766BDAD97E9D54DBC4E49B7A248848F4
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/pz7TiJpGgwqEWnzhPaDm3WXeM3o.roa
Signing time: Tue 23 Sep 2025 11:53:23 +0000
ROA not before: Tue 23 Sep 2025 11:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 91.109.40.0/24 maxlen: 24
91.109.41.0/24 maxlen: 24
91.109.42.0/24 maxlen: 24
91.109.46.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:6b:da:d9:7e:9d:54:db:c4:e4:9b:7a:24:88:48:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Sep 23 11:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a73ed3889a46830a845a7ce13da0e6dd65de337a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:47:20:5a:7d:1d:fc:8e:81:53:27:c9:9a:a1:
ad:86:eb:c6:56:6d:92:8a:6f:5d:ae:47:62:40:dc:
76:eb:17:4d:b3:a6:7e:60:09:a8:0f:fd:2a:69:92:
ab:7e:18:38:ce:37:36:c5:c2:bc:a6:51:12:6a:37:
0a:4a:7b:ec:7d:38:5a:38:0d:92:7d:2d:58:64:b5:
34:55:b7:58:7d:8c:6d:e7:df:8d:11:f9:6e:39:bb:
20:8e:ab:c5:7c:fd:27:5c:c5:18:08:c4:43:ec:d6:
54:8e:f9:01:2f:5d:83:25:e0:aa:5d:8c:6c:b8:a6:
9f:9f:39:bc:b9:27:93:b2:bc:39:e3:3a:9c:8b:e4:
16:ff:68:74:3d:90:6b:2d:06:85:17:06:39:85:2d:
ce:7d:19:25:82:ff:4e:37:47:fa:21:3e:52:f3:e4:
a8:37:84:c8:f5:0b:9e:7f:c7:fe:46:09:fd:41:b6:
e8:0d:02:3e:fd:5d:b0:a7:47:60:59:79:52:c0:be:
f2:6f:ec:a9:e5:d9:1f:3e:2e:f0:e5:c4:87:11:08:
3f:e5:a5:3c:51:e0:26:39:e6:74:b9:28:4a:e5:d5:
95:a5:8c:27:95:07:e6:ab:15:22:f9:1e:00:a1:1e:
a1:2d:77:7b:5d:b1:d6:be:bc:36:b6:3a:4e:21:0c:
58:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3E:D3:88:9A:46:83:0A:84:5A:7C:E1:3D:A0:E6:DD:65:DE:33:7A
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/pz7TiJpGgwqEWnzhPaDm3WXeM3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.40.0-91.109.42.255
91.109.46.0/24
193.168.203.0/24
207.244.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:4b:c4:69:4a:98:37:91:cc:1b:17:19:83:ed:88:84:20:c2:
8a:f2:c0:a5:ba:3c:8c:36:19:4b:88:ca:f5:a9:c1:30:10:31:
0b:59:c5:c0:85:0a:f5:9a:2e:5d:35:91:37:21:a4:4a:5a:05:
72:2c:17:c4:53:0a:17:8e:91:15:4a:3c:ce:1b:e6:41:91:e2:
41:93:a8:05:48:eb:22:41:32:ba:ea:b5:98:70:14:2b:7c:0c:
98:d6:91:7e:c5:33:82:fb:0f:36:d6:9d:36:5e:a7:27:07:11:
e4:51:8b:67:9f:e3:bf:6c:3d:9f:da:60:2f:32:03:8c:1c:00:
83:82:b2:9f:67:da:89:59:db:58:ec:aa:7f:e0:8b:72:0b:77:
dd:88:2b:ab:29:b4:81:9f:50:04:52:3e:38:64:da:7e:c4:41:
55:2f:a4:ad:64:6d:fc:ed:10:d1:cd:2b:8b:ea:0b:1d:21:a8:
1c:6e:a3:5f:76:a3:2c:6c:fd:d1:e2:9f:a8:95:81:bb:1f:9a:
6b:e5:cf:77:d1:e3:3c:cf:dc:03:e2:06:93:47:54:8b:86:f8:
d4:21:12:ca:08:a3:62:3d:c2:ec:d8:1e:be:67:2f:11:73:19:
72:b9:88:2c:e3:e8:f8:42:ef:2d:e4:63:18:f8:b2:b1:69:e7:
2e:7c:b4:79
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZl2a9rZfp1U28Tkm3okiEj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwOTIzMTE1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzNlZDM4ODlhNDY4MzBhODQ1YTdjZTEzZGEwZTZkZDY1ZGUzMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UcgWn0d/I6BUyfJmqGthuvGVm2S
im9drkdiQNx26xdNs6Z+YAmoD/0qaZKrfhg4zjc2xcK8plESajcKSnvsfThaOA2S
fS1YZLU0VbdYfYxt59+NEfluObsgjqvFfP0nXMUYCMRD7NZUjvkBL12DJeCqXYxs
uKafnzm8uSeTsrw54zqci+QW/2h0PZBrLQaFFwY5hS3OfRklgv9ON0f6IT5S8+So
N4TI9Quef8f+Rgn9QbboDQI+/V2wp0dgWXlSwL7yb+yp5dkfPi7w5cSHEQg/5aU8
UeAmOeZ0uShK5dWVpYwnlQfmqxUi+R4AoR6hLXd7XbHWvrw2tjpOIQxYtQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKc+04iaRoMKhFp84T2g5t1l3jN6MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvcHo3VGlKcEdnd3FFV256aFBhRG0zV1hlTTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBANbbSgD
BABbbSoDBABbbS4DBADBqMsDBADP9MYwDQYJKoZIhvcNAQELBQADggEBAFpLxGlK
mDeRzBsXGYPtiIQgworywKW6PIw2GUuIyvWpwTAQMQtZxcCFCvWaLl01kTchpEpa
BXIsF8RTCheOkRVKPM4b5kGR4kGTqAVI6yJBMrrqtZhwFCt8DJjWkX7FM4L7DzbW
nTZepycHEeRRi2ef479sPZ/aYC8yA4wcAIOCsp9n2olZ21jsqn/gi3ILd92IK6sp
tIGfUARSPjhk2n7EQVUvpK1kbfztENHNK4vqCx0hqBxuo192oyxs/dHin6iVgbsf
mmvlz3fR4zzP3APiBpNHVIuG+NQhEsoIo2I9wuzYHr5nLxFzGXK5iCzj6PhC7y3k
Yxj4srFp5y58tHk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:23 2025 by rpki-client