Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9nB9xptebm_yqovp27eMXwv2Kj0.roa
File: 9nB9xptebm_yqovp27eMXwv2Kj0.roa (raw, json)
Hash identifier: A6LbvNPZp+pkrahA14ukMartOC6uLxnoJIQUTgrBExQ=
Subject key identifier: F6:70:7D:C6:9B:5E:6E:6F:F2:AA:8B:E9:DB:B7:8C:5F:0B:F6:2A:3D
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 019731F7447EDF81363ED30833E0CB0415A7
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9nB9xptebm_yqovp27eMXwv2Kj0.roa
Signing time: Mon 02 Jun 2025 18:46:17 +0000
ROA not before: Mon 02 Jun 2025 18:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41001
IP address blocks: 86.105.118.0/24 maxlen: 24
89.45.232.0/22 maxlen: 22
89.47.184.0/23 maxlen: 23
89.47.188.0/22 maxlen: 22
2001:6b0:5a::/48 maxlen: 48
2001:6b0:7d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:f7:44:7e:df:81:36:3e:d3:08:33:e0:cb:04:15:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jun 2 18:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6707dc69b5e6e6ff2aa8be9dbb78c5f0bf62a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:91:a1:14:02:bc:e2:dd:93:c5:c1:82:0e:4f:
c3:fa:96:95:f8:b4:5f:50:99:b6:d2:ee:42:e4:30:
cc:31:40:88:10:b2:9b:f7:5e:c1:e9:68:90:37:4d:
79:9d:9b:73:89:81:55:86:fc:0f:34:19:3f:de:22:
83:01:3c:8a:88:32:a6:65:c1:5f:f2:aa:82:43:41:
f0:8d:f1:40:24:8a:d7:80:24:75:1d:ef:31:00:6c:
2b:8e:11:6f:81:51:4d:8a:c2:15:8d:66:f6:38:78:
ac:41:a0:5a:34:b6:d2:8e:eb:3e:56:be:8c:85:38:
52:e8:3d:f4:b4:b0:63:0d:4b:d6:f5:94:a4:34:42:
6c:6d:4b:19:cc:00:13:44:76:8c:aa:85:25:2f:c1:
d4:56:a8:7d:26:7d:38:24:c0:d8:b0:c8:33:1a:25:
48:9a:fb:94:49:ce:d2:2c:8b:9d:e3:a4:22:70:fc:
6d:4a:af:3c:9a:2c:40:88:5b:83:8c:e6:b5:a6:f3:
e9:71:4a:b2:a9:7d:5a:ad:87:0f:44:d5:1d:f1:f8:
3c:d1:24:d2:a5:0d:14:5e:7b:53:07:ab:a6:2c:b5:
6e:15:5b:99:80:96:6f:ee:79:fe:dd:8e:ea:ce:3d:
8b:f8:90:24:1d:a3:97:b1:5b:b6:f0:b9:5b:5f:4c:
98:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:70:7D:C6:9B:5E:6E:6F:F2:AA:8B:E9:DB:B7:8C:5F:0B:F6:2A:3D
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/9nB9xptebm_yqovp27eMXwv2Kj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.118.0/24
89.45.232.0/22
89.47.184.0/23
89.47.188.0/22
IPv6:
2001:6b0:5a::/48
2001:6b0:7d::/48
Signature Algorithm: sha256WithRSAEncryption
09:47:11:04:4c:5c:21:a8:5d:85:31:9d:af:95:7f:ad:6c:08:
d0:44:c2:1f:5f:b9:07:b3:00:3a:a0:e5:13:87:bd:b8:19:db:
c4:ac:86:32:ee:7e:c2:f4:f9:b6:0e:ef:46:51:3d:84:ab:b9:
59:35:fd:59:20:f9:92:24:c8:40:d6:15:41:20:37:58:4c:3c:
d9:53:bd:23:ec:f5:8a:bb:aa:2d:23:6b:a5:35:de:47:2b:2b:
09:8c:7b:e1:99:46:16:0d:e3:4f:6d:85:79:46:d3:ac:f2:11:
77:ce:57:af:96:02:b6:a6:b8:55:ac:3a:78:03:20:44:89:c6:
64:57:5e:f3:41:7b:04:10:ab:fc:f9:61:3d:cd:04:e6:1d:8f:
e4:4f:a2:93:d4:9d:76:2d:c4:83:ae:5f:ee:84:a7:a9:8d:f1:
8d:47:42:7d:d5:1f:e0:a0:f7:a3:8f:98:59:f2:83:7a:c4:6c:
5c:f9:51:fb:61:a4:61:0c:f0:0d:cb:dc:0a:ca:56:10:d5:0e:
2a:65:87:c7:af:04:2c:af:d2:b8:0f:7a:ce:a1:d4:47:44:ed:
2d:6d:aa:7b:61:96:00:4f:2d:f3:8f:9c:31:c6:02:d0:2a:50:
f0:59:3a:9b:97:0a:2e:3f:af:17:89:3e:00:0b:72:2c:d9:93:
db:d0:44:29
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZcx90R+34E2PtMIM+DLBBWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjUwNjAyMTg0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjcwN2RjNjliNWU2ZTZmZjJhYThiZTlkYmI3OGM1ZjBiZjYyYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ZGhFAK84t2TxcGCDk/D+paV+LRf
UJm20u5C5DDMMUCIELKb917B6WiQN015nZtziYFVhvwPNBk/3iKDATyKiDKmZcFf
8qqCQ0HwjfFAJIrXgCR1He8xAGwrjhFvgVFNisIVjWb2OHisQaBaNLbSjus+Vr6M
hThS6D30tLBjDUvW9ZSkNEJsbUsZzAATRHaMqoUlL8HUVqh9Jn04JMDYsMgzGiVI
mvuUSc7SLIud46QicPxtSq88mixAiFuDjOa1pvPpcUqyqX1arYcPRNUd8fg80STS
pQ0UXntTB6umLLVuFVuZgJZv7nn+3Y7qzj2L+JAkHaOXsVu28LlbX0yYnwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPZwfcabXm5v8qqL6du3jF8L9io9MB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvOW5COXhwdGVibV95cW92cDI3ZU1Yd3YyS2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAVml2AwQC
WS3oAwQBWS+4AwQCWS+8MBgEAgACMBIDBwAgAQawAFoDBwAgAQawAH0wDQYJKoZI
hvcNAQELBQADggEBAAlHEQRMXCGoXYUxna+Vf61sCNBEwh9fuQezADqg5ROHvbgZ
28SshjLufsL0+bYO70ZRPYSruVk1/Vkg+ZIkyEDWFUEgN1hMPNlTvSPs9Yq7qi0j
a6U13kcrKwmMe+GZRhYN409thXlG06zyEXfOV6+WAramuFWsOngDIESJxmRXXvNB
ewQQq/z5YT3NBOYdj+RPopPUnXYtxIOuX+6Ep6mN8Y1HQn3VH+Cg96OPmFnyg3rE
bFz5UfthpGEM8A3L3ArKVhDVDiplh8evBCyv0rgPes6h1EdE7S1tqnthlgBPLfOP
nDHGAtAqUPBZOpuXCi4/rxeJPgALcizZk9vQRCk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:08:21 2025 by rpki-client