Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/L9EJrBUciQjEObuQ0J-VqiOd5mA.roa
File: L9EJrBUciQjEObuQ0J-VqiOd5mA.roa (raw, json)
Hash identifier: irE0ocCLAX9MhQ75DdKDlRWLpAx+C1UK9Jq4hM6NCHE=
Subject key identifier: 2F:D1:09:AC:15:1C:89:08:C4:39:BB:90:D0:9F:95:AA:23:9D:E6:60
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0198F0F57ABEA83B509647977083BDCED2FC
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/L9EJrBUciQjEObuQ0J-VqiOd5mA.roa
Signing time: Thu 28 Aug 2025 13:54:36 +0000
ROA not before: Thu 28 Aug 2025 13:54:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213570
IP address blocks: 109.236.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:f5:7a:be:a8:3b:50:96:47:97:70:83:bd:ce:d2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Aug 28 13:54:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd109ac151c8908c439bb90d09f95aa239de660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:22:4d:8e:80:34:a4:75:7a:d0:6a:06:13:e5:
9d:70:f3:7a:42:4c:27:b1:07:9f:ac:c2:e6:de:78:
68:1b:95:54:cb:3f:b7:22:d1:51:eb:56:b3:87:9f:
fe:40:bf:0e:84:f8:26:90:c5:d1:44:4c:23:88:bf:
1e:45:9d:55:7f:27:a7:af:3d:b7:fb:a4:e2:e4:11:
b7:da:e5:2e:f5:cf:34:48:7a:04:fc:b9:a7:03:62:
a1:a7:dd:2f:39:a1:84:ca:d5:50:e6:95:de:73:be:
01:05:35:40:3b:00:dd:0b:89:ac:71:7b:b2:30:95:
d4:19:a0:14:a8:c0:8e:38:48:4d:6f:fe:c4:71:34:
83:4e:e9:91:57:46:4c:d2:6c:fb:77:4a:a4:5d:c2:
d2:1d:e2:6d:16:f6:aa:4b:d6:86:77:16:b9:e3:af:
16:7a:7c:25:b1:fc:01:24:aa:e6:6c:eb:84:db:92:
6e:9d:f8:40:40:9e:3f:5c:17:59:d3:c9:36:bf:73:
7b:f4:c6:dc:ee:d8:e8:71:6f:b0:a1:3d:70:ac:32:
e8:1e:c1:08:27:41:d6:8b:7e:53:fc:35:d4:27:93:
d2:2e:4f:ec:8a:a2:1e:be:6d:ba:42:35:79:e1:3e:
61:e1:34:6b:5e:fc:c5:ed:ec:fd:0b:8d:1a:58:d8:
5f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D1:09:AC:15:1C:89:08:C4:39:BB:90:D0:9F:95:AA:23:9D:E6:60
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/L9EJrBUciQjEObuQ0J-VqiOd5mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
Signature Algorithm: sha256WithRSAEncryption
61:70:5d:ae:a9:b7:ea:fd:a8:9b:09:35:41:c5:be:24:1d:e4:
ab:4e:07:5d:56:a2:48:69:32:7a:5b:e8:0d:28:ed:21:77:31:
d4:fb:a4:e1:86:06:e1:00:53:d5:ad:b7:3b:29:1f:19:1a:7a:
ac:b2:50:16:cf:d4:db:5c:20:a9:e2:24:e6:37:ec:f4:bd:00:
b9:d3:59:61:1e:50:d4:09:cf:6a:51:47:d8:2a:40:d7:c2:8e:
91:8f:22:61:8d:d3:c8:3d:71:41:58:45:59:cb:91:56:a4:8f:
3b:25:6d:9a:88:91:5c:44:4d:4f:1f:a4:4c:86:84:16:d4:fe:
e8:d6:f6:86:f9:cc:98:74:70:12:9d:63:65:25:a2:bf:68:8a:
e6:90:9b:b1:b5:9d:29:d2:c6:b5:43:db:7d:b9:8a:84:a6:97:
d3:57:ac:91:5a:53:ce:e5:8b:09:73:8c:2d:66:6c:0a:c4:26:
d9:32:9a:96:d0:97:0c:d4:ea:5b:3b:0f:21:a2:13:60:32:72:
2e:6f:28:19:fd:1b:c7:77:02:d0:19:ce:38:12:07:db:65:c6:
06:7d:ff:94:d1:fb:f5:6f:a2:b4:2b:06:5c:32:bd:5e:01:17:
15:09:e4:2d:36:5b:07:5f:f6:62:97:c3:e2:92:97:f0:75:d3:
c8:18:c9:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjw9Xq+qDtQlkeXcIO9ztL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwODI4MTM1NDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQxMDlhYzE1MWM4OTA4YzQzOWJiOTBkMDlmOTVhYTIzOWRlNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iJNjoA0pHV60GoGE+WdcPN6Qkwn
sQefrMLm3nhoG5VUyz+3ItFR61azh5/+QL8OhPgmkMXRREwjiL8eRZ1Vfyenrz23
+6Ti5BG32uUu9c80SHoE/LmnA2Khp90vOaGEytVQ5pXec74BBTVAOwDdC4mscXuy
MJXUGaAUqMCOOEhNb/7EcTSDTumRV0ZM0mz7d0qkXcLSHeJtFvaqS9aGdxa5468W
enwlsfwBJKrmbOuE25JunfhAQJ4/XBdZ08k2v3N79Mbc7tjocW+woT1wrDLoHsEI
J0HWi35T/DXUJ5PSLk/siqIevm26QjV54T5h4TRrXvzF7ez9C40aWNhfHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/RCawVHIkIxDm7kNCflaojneZgMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTDlFSnJCVWNpUWpFT2J1UTBKLVZxaU9kNW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbewwMA0G
CSqGSIb3DQEBCwUAA4IBAQBhcF2uqbfq/aibCTVBxb4kHeSrTgddVqJIaTJ6W+gN
KO0hdzHU+6ThhgbhAFPVrbc7KR8ZGnqsslAWz9TbXCCp4iTmN+z0vQC501lhHlDU
Cc9qUUfYKkDXwo6RjyJhjdPIPXFBWEVZy5FWpI87JW2aiJFcRE1PH6RMhoQW1P7o
1vaG+cyYdHASnWNlJaK/aIrmkJuxtZ0p0sa1Q9t9uYqEppfTV6yRWlPO5YsJc4wt
ZmwKxCbZMpqW0JcM1OpbOw8hohNgMnIubygZ/RvHdwLQGc44EgfbZcYGff+U0fv1
b6K0KwZcMr1eARcVCeQtNlsHX/Zil8PikpfwddPIGMkr
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:22:20 2025 by rpki-client