Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/4hEwPlQV2R3wkknVQDbhfUdi-Hg.roa
File: 4hEwPlQV2R3wkknVQDbhfUdi-Hg.roa (raw, json)
Hash identifier: mjLFc+VoWHA5LJYiCj4OZP4v7wKlAoLVjBHa2WdTgLI=
Subject key identifier: E2:11:30:3E:54:15:D9:1D:F0:92:49:D5:40:36:E1:7D:47:62:F8:78
Certificate issuer: /CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Certificate serial: 0196E762BE5CC9A1BEDD2C8C3FC141C12971
Authority key identifier: 9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/4hEwPlQV2R3wkknVQDbhfUdi-Hg.roa
Signing time: Mon 19 May 2025 07:12:10 +0000
ROA not before: Mon 19 May 2025 07:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44765
IP address blocks: 209.92.64.0/22 maxlen: 24
209.92.64.0/24 maxlen: 24
209.92.65.0/24 maxlen: 24
209.92.66.0/24 maxlen: 24
209.92.67.0/24 maxlen: 24
2a00:8e40::/32 maxlen: 48
2a00:8e40:b00b::/48 maxlen: 48
2a00:8e41::/32 maxlen: 48
2a00:8e42::/32 maxlen: 48
2a00:8e43::/32 maxlen: 48
2a00:8e44::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:62:be:5c:c9:a1:be:dd:2c:8c:3f:c1:41:c1:29:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Validity
Not Before: May 19 07:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e211303e5415d91df09249d54036e17d4762f878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:ee:c9:6c:1b:aa:dc:b2:e9:1f:7b:75:db:
69:63:b4:04:9f:85:f5:be:12:51:ff:0a:69:78:81:
db:51:57:8a:0f:a8:12:d9:0b:d8:40:06:b3:3f:01:
bf:ea:39:fc:0b:1d:42:c1:7d:2c:46:76:91:57:75:
68:10:06:6a:14:fb:e0:35:31:68:cc:52:12:23:b1:
bb:07:13:77:39:50:5f:71:ed:9d:5c:ec:8a:77:74:
38:ea:55:2f:dc:8d:a5:72:5c:5c:bf:eb:41:06:b4:
9b:29:77:4a:8f:41:26:5a:b5:fb:75:a1:5f:fd:e6:
f7:d3:eb:4d:84:66:1a:a9:44:49:fa:b6:d7:f0:9d:
6b:ab:3e:cd:bc:2f:63:b7:d1:95:91:6c:7c:ef:7b:
f0:60:54:1e:51:7e:30:84:40:64:08:59:28:83:5f:
d7:64:d6:c7:5f:a1:95:85:3b:1f:c3:cb:0c:64:a3:
36:4f:57:00:c4:3d:3b:c7:5d:ae:a5:16:ed:89:55:
65:fd:15:9f:43:16:d1:e5:d2:10:29:8d:70:f7:b9:
26:16:b0:51:e1:e4:86:7c:24:d8:bf:0f:4d:20:09:
4f:28:ec:25:b8:b8:b6:8a:74:30:ea:bf:df:99:59:
0d:40:aa:cc:6e:07:ea:5f:99:e9:37:c9:83:f5:5c:
11:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:11:30:3E:54:15:D9:1D:F0:92:49:D5:40:36:E1:7D:47:62:F8:78
X509v3 Authority Key Identifier:
keyid:9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/4hEwPlQV2R3wkknVQDbhfUdi-Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.92.64.0/22
IPv6:
2a00:8e40::-2a00:8e44:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:e9:19:09:87:31:44:b8:2e:64:ef:89:8a:57:f0:99:57:10:
0c:5d:ce:26:b7:16:f7:86:96:d3:95:f3:9d:3c:da:b0:6c:7f:
3f:a6:c7:4c:85:2d:c4:27:2d:cb:a9:16:96:f8:3f:35:64:c3:
4d:8e:cd:ef:bd:1f:7b:30:29:c3:8b:1f:74:85:01:84:b9:68:
bc:f8:7d:d6:fe:1e:ba:7e:0d:c0:9d:d6:f8:fb:5f:c5:02:2f:
1e:ca:52:5d:89:dc:d7:5f:dd:0a:82:c4:c2:ed:11:4e:c6:15:
e7:d1:53:19:64:dd:43:04:eb:56:9b:b2:c7:e6:30:ec:e2:ad:
c5:a5:fd:20:83:5a:20:42:c1:c2:1b:00:cb:6f:e6:82:5d:ce:
fc:b8:61:d8:d3:7a:94:79:4b:22:b7:fb:1f:b2:5e:0b:4a:4f:
a2:5f:29:a3:9d:11:7f:dd:b9:2c:f7:db:de:50:54:72:92:9d:
1f:10:7b:94:82:6e:9f:63:23:b3:19:52:7d:ea:ba:06:a2:c3:
39:60:b8:8a:4a:01:b4:a7:d4:f1:3c:0d:e5:4b:af:e2:b0:2e:
4f:55:19:9b:70:aa:6f:d4:6e:61:70:21:f3:cf:d7:d7:13:bb:
c0:e2:3a:e6:7c:eb:df:f9:80:aa:c8:40:dc:d2:9e:02:09:38:
8a:de:08:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZbnYr5cyaG+3SyMP8FBwSlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDY3ZTUyYjRiNWIyNDEyZmVjMDE0OGRmYzZjYjFiMzRl
OTI3NGIwHhcNMjUwNTE5MDcxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjExMzAzZTU0MTVkOTFkZjA5MjQ5ZDU0MDM2ZTE3ZDQ3NjJmODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt87uyWwbqtyy6R97ddtpY7QEn4X1
vhJR/wppeIHbUVeKD6gS2QvYQAazPwG/6jn8Cx1CwX0sRnaRV3VoEAZqFPvgNTFo
zFISI7G7BxN3OVBfce2dXOyKd3Q46lUv3I2lclxcv+tBBrSbKXdKj0EmWrX7daFf
/eb30+tNhGYaqURJ+rbX8J1rqz7NvC9jt9GVkWx873vwYFQeUX4whEBkCFkog1/X
ZNbHX6GVhTsfw8sMZKM2T1cAxD07x12upRbtiVVl/RWfQxbR5dIQKY1w97kmFrBR
4eSGfCTYvw9NIAlPKOwluLi2inQw6r/fmVkNQKrMbgfqX5npN8mD9VwRVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOIRMD5UFdkd8JJJ1UA24X1HYvh4MB8GA1UdIwQY
MBaAFJ8GflK0tbJBL+wBSN/Gyxs06SdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUt
MDJhMDliN2E0ZWI3LzEvNGhFd1BsUVYyUjN3a2tuVlFEYmhmVWRpLUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUtMDJhMDliN2E0ZWI3
LzEvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQC0VxAMBYE
AgACMBAwDgMFBioAjkADBQAqAI5EMA0GCSqGSIb3DQEBCwUAA4IBAQAb6RkJhzFE
uC5k74mKV/CZVxAMXc4mtxb3hpbTlfOdPNqwbH8/psdMhS3EJy3LqRaW+D81ZMNN
js3vvR97MCnDix90hQGEuWi8+H3W/h66fg3Andb4+1/FAi8eylJdidzXX90KgsTC
7RFOxhXn0VMZZN1DBOtWm7LH5jDs4q3Fpf0gg1ogQsHCGwDLb+aCXc78uGHY03qU
eUsit/sfsl4LSk+iXymjnRF/3bks99veUFRykp0fEHuUgm6fYyOzGVJ96roGosM5
YLiKSgG0p9TxPA3lS6/isC5PVRmbcKpv1G5hcCHzz9fXE7vA4jrmfOvf+YCqyEDc
0p4CCTiK3gii
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:44:28 2025 by rpki-client