
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/q9Fght0eWnwg9L4cOjC-8MWuD_0.roa
File: q9Fght0eWnwg9L4cOjC-8MWuD_0.roa (raw, json)
Hash identifier: DogNwIUzNPICLsbvaitegQlMAv0jPMlhURxKnx1oUnY=
Subject key identifier: AB:D1:60:86:DD:1E:5A:7C:20:F4:BE:1C:3A:30:BE:F0:C5:AE:0F:FD
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 01971781D8CBA7DF84B33A5B45A09E090EF9
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/q9Fght0eWnwg9L4cOjC-8MWuD_0.roa
Signing time: Wed 28 May 2025 15:27:54 +0000
ROA not before: Wed 28 May 2025 15:27:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204707
IP address blocks: 94.131.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:81:d8:cb:a7:df:84:b3:3a:5b:45:a0:9e:09:0e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: May 28 15:27:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abd16086dd1e5a7c20f4be1c3a30bef0c5ae0ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:40:73:95:67:db:a5:83:5e:80:43:92:fb:
75:80:af:e9:62:74:9f:29:d3:b1:69:f9:ba:c5:67:
2c:48:da:9a:df:ca:c0:76:a6:8a:e0:16:bb:b7:86:
ed:d6:db:53:ff:74:9c:ba:58:1c:55:08:90:ca:49:
4c:a8:56:8e:a7:6f:cb:45:30:26:31:07:e5:83:7f:
49:34:88:a0:e7:4a:46:d8:af:cd:9b:92:41:5e:e3:
59:9c:e7:2d:d8:6f:c2:2c:83:2f:51:81:5e:d5:51:
69:9c:11:66:54:91:9e:84:d0:7c:82:d5:99:42:87:
d3:7c:1f:b5:cd:78:ad:08:1a:b6:de:24:38:28:f9:
22:ff:19:84:90:cb:92:be:67:84:5b:a2:d0:ca:b3:
43:a5:c7:a9:0b:96:ae:d7:6c:90:07:28:51:bd:06:
9a:0d:80:43:04:09:14:e2:18:32:9d:7e:8c:6f:bb:
43:96:14:d7:bd:37:b6:e5:dd:a7:cd:48:62:61:7d:
2f:b3:a6:7e:f5:9e:ea:28:41:c4:7e:b0:49:e5:81:
cd:d4:cc:dd:ea:f8:67:7e:9d:54:48:ad:de:f7:38:
88:67:22:03:06:ee:75:d0:e8:d0:7b:01:6d:b1:35:
d2:84:a5:be:44:87:f0:74:96:d7:91:c2:18:ec:37:
53:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D1:60:86:DD:1E:5A:7C:20:F4:BE:1C:3A:30:BE:F0:C5:AE:0F:FD
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/q9Fght0eWnwg9L4cOjC-8MWuD_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.204.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:8c:50:b0:eb:96:e3:69:1f:3b:07:2c:ef:9b:7e:61:7a:cf:
2e:05:bc:5c:da:e6:13:8f:6a:1b:3a:dd:41:19:2f:0e:c8:9c:
18:0b:9b:91:7b:1e:54:2e:4e:49:6e:68:4b:a5:d5:78:7f:d5:
71:45:2d:14:70:58:6c:42:3d:3e:6e:b5:c5:a2:e7:13:e1:94:
08:a6:2f:46:5b:4a:02:87:af:c8:80:4b:d3:b6:b1:fb:ba:56:
1f:a5:53:4b:50:d1:57:76:71:4c:e4:87:29:ed:9d:b7:a4:a6:
62:6b:ec:21:c9:f8:ad:08:57:aa:86:0a:82:ab:46:c3:d2:2d:
3d:db:3e:57:f9:46:70:78:7b:16:a1:04:2c:eb:7a:39:b3:ad:
73:21:74:e3:fb:0c:a4:e9:33:4b:f9:ae:d6:2c:e6:1c:5c:40:
2c:db:5c:ed:8a:e6:68:19:85:36:97:ed:bd:0e:72:8a:59:34:
3d:b1:55:bf:e5:68:cd:2b:54:43:57:7a:bb:f4:5a:03:74:c2:
f3:87:56:c6:99:17:88:53:1d:bd:9b:77:d3:a2:65:ee:64:fe:
d8:22:df:93:b7:f9:ea:93:4a:9e:c8:62:22:3d:20:3e:8f:4d:
b5:11:ea:ea:60:d1:ec:a9:58:82:56:9b:ab:cd:06:db:9e:43:
1a:3c:3a:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcXgdjLp9+EszpbRaCeCQ75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjUwNTI4MTUyNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQxNjA4NmRkMWU1YTdjMjBmNGJlMWMzYTMwYmVmMGM1YWUwZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoodAc5Vn26WDXoBDkvt1gK/pYnSf
KdOxafm6xWcsSNqa38rAdqaK4Ba7t4bt1ttT/3SculgcVQiQyklMqFaOp2/LRTAm
MQflg39JNIig50pG2K/Nm5JBXuNZnOct2G/CLIMvUYFe1VFpnBFmVJGehNB8gtWZ
QofTfB+1zXitCBq23iQ4KPki/xmEkMuSvmeEW6LQyrNDpcepC5au12yQByhRvQaa
DYBDBAkU4hgynX6Mb7tDlhTXvTe25d2nzUhiYX0vs6Z+9Z7qKEHEfrBJ5YHN1Mzd
6vhnfp1USK3e9ziIZyIDBu510OjQewFtsTXShKW+RIfwdJbXkcIY7DdTCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvRYIbdHlp8IPS+HDowvvDFrg/9MB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvcTlGZ2h0MGVXbndnOUw0Y09qQy04TVd1RF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXoPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCKjFCw65bjaR87Byzvm35hes8uBbxc2uYTj2obOt1B
GS8OyJwYC5uRex5ULk5JbmhLpdV4f9VxRS0UcFhsQj0+brXFoucT4ZQIpi9GW0oC
h6/IgEvTtrH7ulYfpVNLUNFXdnFM5Icp7Z23pKZia+whyfitCFeqhgqCq0bD0i09
2z5X+UZweHsWoQQs63o5s61zIXTj+wyk6TNL+a7WLOYcXEAs21ztiuZoGYU2l+29
DnKKWTQ9sVW/5WjNK1RDV3q79FoDdMLzh1bGmReIUx29m3fTomXuZP7YIt+Tt/nq
k0qeyGIiPSA+j021EerqYNHsqViCVpurzQbbnkMaPDpH
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:21:41 2025 by rpki-client