Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/WnFnK8VXpQQxUL_OgQ8OW_w5oIM.roa
File: WnFnK8VXpQQxUL_OgQ8OW_w5oIM.roa (raw, json)
Hash identifier: vXZiyClY8rXg02fKUHT/FiY5l7q8slO9Y7yGKufOZXw=
Subject key identifier: 5A:71:67:2B:C5:57:A5:04:31:50:BF:CE:81:0F:0E:5B:FC:39:A0:83
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 01995BBFB97DFCEC5ECBE164F5FD3EE32760
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/WnFnK8VXpQQxUL_OgQ8OW_w5oIM.roa
Signing time: Thu 18 Sep 2025 07:35:15 +0000
ROA not before: Thu 18 Sep 2025 07:35:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215373
IP address blocks: 89.111.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:bf:b9:7d:fc:ec:5e:cb:e1:64:f5:fd:3e:e3:27:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Sep 18 07:35:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a71672bc557a5043150bfce810f0e5bfc39a083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:60:08:46:89:41:6e:ed:ce:8f:e5:88:12:29:
cb:18:d8:94:f8:35:93:4f:6f:cd:21:10:02:79:74:
10:35:b5:03:af:14:ad:5f:dc:82:1c:5b:c2:c6:e0:
15:e6:80:11:df:08:6d:ce:1a:c9:90:3a:44:6c:47:
54:0e:bd:c2:d2:e0:97:4b:38:46:a1:b1:40:f1:e2:
a4:0e:f0:bd:6f:6e:39:0a:e1:44:2d:14:57:7c:89:
26:21:73:d7:76:c7:5c:19:93:c4:e9:0f:f5:0a:d4:
9d:f1:32:da:06:bc:1f:50:34:6e:20:15:ae:de:03:
29:e1:6c:05:10:2b:ec:94:d7:14:bb:91:13:3c:9c:
bf:d7:ae:b9:a4:8e:a8:56:20:6b:d8:80:98:d6:22:
f3:54:38:d7:bb:f9:3a:9e:94:21:f0:5d:af:2f:2f:
e8:3f:02:12:53:66:95:5f:d8:54:50:54:89:81:2c:
7d:45:c9:4a:e1:d1:21:db:8a:a8:07:33:09:20:26:
81:e5:3b:d4:d8:c4:2e:16:2b:bd:29:1a:75:d6:71:
61:e2:dc:3e:56:41:12:ca:22:77:28:4c:47:40:2e:
6e:33:ed:e0:f1:3e:a6:24:2d:fb:65:c1:2a:fd:6d:
f0:fe:5a:0f:52:92:4c:36:a1:bd:12:05:4b:7d:cb:
9a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:71:67:2B:C5:57:A5:04:31:50:BF:CE:81:0F:0E:5B:FC:39:A0:83
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/WnFnK8VXpQQxUL_OgQ8OW_w5oIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.27.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:14:08:1f:6c:a4:a6:63:0a:16:dd:8f:5b:46:3f:75:40:fd:
2d:47:53:3a:10:40:a8:7e:b5:a0:e4:b7:b5:7e:d8:42:69:4c:
bd:ea:34:c6:3e:0a:a5:cd:7e:db:24:92:72:59:0c:63:63:33:
c1:c3:99:45:93:db:32:69:52:15:bc:5f:15:24:9d:df:3c:7d:
f3:fa:9b:26:90:d7:96:41:0c:6b:bc:92:24:cb:27:d7:5b:c9:
ae:b4:c9:52:9f:40:32:b7:b9:f1:da:81:4f:75:a9:e2:c6:39:
79:cf:b4:99:d1:f9:ce:5b:63:32:81:0a:a0:bb:a4:12:21:3c:
90:97:50:d0:c4:a9:0d:03:29:37:e2:8e:07:8f:c3:bd:c3:08:
8e:02:89:6e:6f:5f:3d:98:b7:fd:db:25:94:9b:ad:9e:c1:39:
81:a7:88:8a:33:78:83:70:ed:d1:4c:13:2c:1d:af:ca:35:ca:
27:57:de:18:c4:80:b1:da:1c:ff:2e:9f:2c:08:10:ed:a4:d1:
92:d4:13:3b:bd:7b:0d:db:f7:1b:06:b9:9e:64:b9:42:35:c2:
55:60:93:25:9c:8f:46:7e:d6:96:0d:83:24:01:5b:5f:f2:ac:
c1:85:39:fd:d7:2b:fc:fc:ba:ad:e1:13:76:cf:bf:37:7e:5f:
6b:61:e8:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlbv7l9/Oxey+Fk9f0+4ydgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjUwOTE4MDczNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTcxNjcyYmM1NTdhNTA0MzE1MGJmY2U4MTBmMGU1YmZjMzlhMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWAIRolBbu3Oj+WIEinLGNiU+DWT
T2/NIRACeXQQNbUDrxStX9yCHFvCxuAV5oAR3whtzhrJkDpEbEdUDr3C0uCXSzhG
obFA8eKkDvC9b245CuFELRRXfIkmIXPXdsdcGZPE6Q/1CtSd8TLaBrwfUDRuIBWu
3gMp4WwFECvslNcUu5ETPJy/1665pI6oViBr2ICY1iLzVDjXu/k6npQh8F2vLy/o
PwISU2aVX9hUUFSJgSx9RclK4dEh24qoBzMJICaB5TvU2MQuFiu9KRp11nFh4tw+
VkESyiJ3KExHQC5uM+3g8T6mJC37ZcEq/W3w/loPUpJMNqG9EgVLfcuaNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpxZyvFV6UEMVC/zoEPDlv8OaCDMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvV25Gbks4VlhwUVF4VUxfT2dROE9XX3c1b0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW8bMA0G
CSqGSIb3DQEBCwUAA4IBAQBdFAgfbKSmYwoW3Y9bRj91QP0tR1M6EECofrWg5Le1
fthCaUy96jTGPgqlzX7bJJJyWQxjYzPBw5lFk9syaVIVvF8VJJ3fPH3z+psmkNeW
QQxrvJIkyyfXW8mutMlSn0Ayt7nx2oFPdanixjl5z7SZ0fnOW2MygQqgu6QSITyQ
l1DQxKkNAyk34o4Hj8O9wwiOAolub189mLf92yWUm62ewTmBp4iKM3iDcO3RTBMs
Ha/KNconV94YxICx2hz/Lp8sCBDtpNGS1BM7vXsN2/cbBrmeZLlCNcJVYJMlnI9G
ftaWDYMkAVtf8qzBhTn91yv8/Lqt4RN2z783fl9rYeiw
-----END CERTIFICATE-----
Generated at Fri Sep 19 16:30:00 2025 by rpki-client