Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/9BTeG96mTmm61kLVVLDk8ZHO6Sg.roa
File: 9BTeG96mTmm61kLVVLDk8ZHO6Sg.roa (raw, json)
Hash identifier: lT5ZY4XPaUzn3twrU0g36b30ZpJbBwPFITUioq3NsOs=
Subject key identifier: F4:14:DE:1B:DE:A6:4E:69:BA:D6:42:D5:54:B0:E4:F1:91:CE:E9:28
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0198F13012DD4B26074B8AB2A26997D60FD1
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/9BTeG96mTmm61kLVVLDk8ZHO6Sg.roa
Signing time: Thu 28 Aug 2025 14:58:36 +0000
ROA not before: Thu 28 Aug 2025 14:58:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 93.152.68.0/24 maxlen: 24
93.152.74.0/24 maxlen: 24
93.152.78.0/24 maxlen: 24
93.152.82.0/24 maxlen: 24
93.152.88.0/24 maxlen: 24
93.152.105.0/24 maxlen: 24
93.152.108.0/24 maxlen: 24
93.152.111.0/24 maxlen: 24
93.152.123.0/24 maxlen: 24
93.152.126.0/24 maxlen: 24
109.174.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 23:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f1:30:12:dd:4b:26:07:4b:8a:b2:a2:69:97:d6:0f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Aug 28 14:58:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f414de1bdea64e69bad642d554b0e4f191cee928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:17:01:dd:68:42:22:07:d5:eb:c7:6a:5d:6c:
29:55:07:cc:d9:30:ef:7d:3c:6e:37:d5:1c:aa:d0:
e4:f2:6f:0c:1a:37:5b:aa:3d:41:b9:ab:93:c4:50:
df:b2:d3:05:15:ae:c6:29:7d:8c:a5:20:36:85:98:
10:83:d4:06:cd:4d:ce:24:35:20:cb:47:44:20:8a:
16:0a:a2:00:b7:c0:23:26:49:6d:90:45:87:29:ef:
c8:ff:6c:3b:9e:71:da:11:bf:7d:b8:0b:ed:73:09:
46:32:04:49:0b:cb:17:88:be:2e:18:60:4d:69:51:
3a:97:cc:cb:47:41:d0:93:28:75:3e:36:2c:29:52:
6c:8b:0f:d8:77:1d:bb:05:f4:5d:34:1c:1a:88:13:
f1:80:0c:bd:d6:28:8c:ea:4f:16:4e:f8:b7:4c:58:
5d:21:a5:f5:7d:e0:42:1d:c6:35:ec:3e:29:31:ce:
e6:9c:4d:7e:50:3a:46:f0:ce:38:46:fe:5d:ec:f8:
12:50:61:8a:3e:5b:91:f2:4b:80:13:3a:83:27:19:
3b:29:f3:a0:bc:4a:32:6d:6e:0f:b1:e4:05:ea:e0:
82:07:28:12:ed:57:43:f0:4a:6f:60:3f:7b:31:d8:
4c:c7:9d:06:fc:6a:b1:19:17:a1:1c:3d:64:f9:2a:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:14:DE:1B:DE:A6:4E:69:BA:D6:42:D5:54:B0:E4:F1:91:CE:E9:28
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/9BTeG96mTmm61kLVVLDk8ZHO6Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.68.0/24
93.152.74.0/24
93.152.78.0/24
93.152.82.0/24
93.152.88.0/24
93.152.105.0/24
93.152.108.0/24
93.152.111.0/24
93.152.123.0/24
93.152.126.0/24
109.174.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:c3:ec:88:0c:d3:06:e2:e0:dc:24:dd:0c:6c:2d:35:23:52:
b3:50:47:fb:cb:b9:e6:3e:4d:29:56:b6:f5:c5:d9:5b:70:a0:
19:90:90:27:ba:fa:12:8b:45:6d:bf:78:40:ff:7a:07:88:b1:
b2:0d:90:a4:c1:3c:e3:20:50:a6:94:8e:c0:6a:47:2d:0d:95:
10:60:ef:c3:93:1a:51:f7:81:20:e2:9f:6a:84:ae:b6:75:0d:
58:d3:6a:06:99:54:64:77:9e:7b:84:1f:2f:20:b9:f8:74:0d:
08:6e:ad:17:b7:0a:61:3a:84:58:ce:2f:fa:6f:28:d3:5f:c7:
eb:b4:33:bc:0e:a9:29:8a:b4:f3:85:7d:f1:7d:cc:ce:f2:80:
4d:de:0b:c7:44:47:f1:b9:c5:62:34:4f:01:91:f0:94:8c:e8:
2c:5c:0a:b7:54:a5:df:81:6f:d7:ac:3a:ad:75:66:5f:3f:5d:
c6:e0:a8:75:50:83:c9:fc:50:4e:f4:13:d2:5f:3e:da:a6:fa:
b5:53:2a:0c:f0:9c:5b:6f:d3:1a:cb:af:4e:13:a0:ef:d0:30:
e5:ec:39:55:94:1d:f7:5f:ad:b9:71:c8:1a:ee:61:8b:80:23:
ef:1c:49:a5:4a:87:d2:43:92:56:54:ae:63:4f:20:33:c0:f7:
38:1c:de:cf
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZjxMBLdSyYHS4qyommX1g/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwODI4MTQ1ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE0ZGUxYmRlYTY0ZTY5YmFkNjQyZDU1NGIwZTRmMTkxY2VlOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhcB3WhCIgfV68dqXWwpVQfM2TDv
fTxuN9UcqtDk8m8MGjdbqj1BuauTxFDfstMFFa7GKX2MpSA2hZgQg9QGzU3OJDUg
y0dEIIoWCqIAt8AjJkltkEWHKe/I/2w7nnHaEb99uAvtcwlGMgRJC8sXiL4uGGBN
aVE6l8zLR0HQkyh1PjYsKVJsiw/Ydx27BfRdNBwaiBPxgAy91iiM6k8WTvi3TFhd
IaX1feBCHcY17D4pMc7mnE1+UDpG8M44Rv5d7PgSUGGKPluR8kuAEzqDJxk7KfOg
vEoybW4PseQF6uCCBygS7VdD8EpvYD97MdhMx50G/GqxGRehHD1k+SpH3wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPQU3hvepk5putZC1VSw5PGRzukoMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvOUJUZUc5Nm1UbW02MWtMVlZMRGs4WkhPNlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXZhEAwQA
XZhKAwQAXZhOAwQAXZhSAwQAXZhYAwQAXZhpAwQAXZhsAwQAXZhvAwQAXZh7AwQA
XZh+AwQCba7sMA0GCSqGSIb3DQEBCwUAA4IBAQCgw+yIDNMG4uDcJN0MbC01I1Kz
UEf7y7nmPk0pVrb1xdlbcKAZkJAnuvoSi0Vtv3hA/3oHiLGyDZCkwTzjIFCmlI7A
akctDZUQYO/DkxpR94Eg4p9qhK62dQ1Y02oGmVRkd557hB8vILn4dA0Ibq0Xtwph
OoRYzi/6byjTX8frtDO8DqkpirTzhX3xfczO8oBN3gvHREfxucViNE8BkfCUjOgs
XAq3VKXfgW/XrDqtdWZfP13G4Kh1UIPJ/FBO9BPSXz7apvq1UyoM8Jxbb9May69O
E6Dv0DDl7DlVlB33X625ccga7mGLgCPvHEmlSofSQ5JWVK5jTyAzwPc4HN7P
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:43:10 2025 by rpki-client