Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/dYAAAKmGuQuFHHrxRRst0Uq0VRk.roa
File: dYAAAKmGuQuFHHrxRRst0Uq0VRk.roa (raw, json)
Hash identifier: bfKSiwXgZLehsZ59bheQc6vOAUOk/9VYKz44ndSMNOM=
Subject key identifier: 75:80:00:00:A9:86:B9:0B:85:1C:7A:F1:45:1B:2D:D1:4A:B4:55:19
Certificate issuer: /CN=9fab26753b895e7f3fd9b86095ce04ee3e132cc9
Certificate serial: 019A69D9444E56BE3AEC60B10E5AD852D4B8
Authority key identifier: 9F:AB:26:75:3B:89:5E:7F:3F:D9:B8:60:95:CE:04:EE:3E:13:2C:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n6smdTuJXn8_2bhglc4E7j4TLMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/dYAAAKmGuQuFHHrxRRst0Uq0VRk.roa
Signing time: Sun 09 Nov 2025 18:20:37 +0000
ROA not before: Sun 09 Nov 2025 18:20:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199846
IP address blocks: 95.215.232.0/24 maxlen: 24
95.215.233.0/24 maxlen: 24
95.215.234.0/24 maxlen: 24
95.215.235.0/24 maxlen: 24
194.150.196.0/23 maxlen: 23
195.230.113.0/24 maxlen: 24
2001:67c:1844::/48 maxlen: 48
2a11:3600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/n6smdTuJXn8_2bhglc4E7j4TLMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/n6smdTuJXn8_2bhglc4E7j4TLMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/n6smdTuJXn8_2bhglc4E7j4TLMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:69:d9:44:4e:56:be:3a:ec:60:b1:0e:5a:d8:52:d4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fab26753b895e7f3fd9b86095ce04ee3e132cc9
Validity
Not Before: Nov 9 18:20:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75800000a986b90b851c7af1451b2dd14ab45519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:e0:44:04:2e:13:be:ab:cc:18:c0:f6:dc:
81:0c:7a:63:be:ae:44:ad:69:f4:bb:e1:c4:40:2a:
20:90:b5:6a:a6:be:bf:61:d0:0b:57:c5:af:6a:86:
6c:93:db:7f:22:42:49:e2:55:1e:37:4c:96:d5:5b:
63:f2:c1:8c:c8:7f:72:73:7b:b8:ee:fb:54:66:0c:
b2:a7:6b:f1:b0:98:b3:f8:79:34:e6:ef:a2:99:12:
37:8e:40:a3:e9:45:29:5e:08:b6:50:ff:ef:6a:2f:
fe:b0:24:3c:43:e6:7f:85:ed:c4:a0:ae:2f:c0:c7:
8e:75:2d:1a:09:aa:b5:e1:2c:41:cb:b8:e9:c5:cf:
ce:00:98:66:4b:38:c0:6e:da:3c:ef:ee:59:0c:63:
69:ee:ab:0a:d3:3c:ba:3d:a5:bd:a4:24:5e:2d:6f:
e5:99:1c:20:c3:e8:ad:6f:d5:e5:8a:71:34:8e:7b:
2b:95:ae:ed:aa:bd:82:f2:a4:8d:94:c8:47:9a:f7:
4f:93:73:bb:8c:c0:ad:cc:6e:b9:4e:fb:1f:41:46:
d4:34:d4:18:1b:9a:38:e1:3e:a9:d8:34:31:fe:1a:
2c:f9:f4:13:8b:05:63:d3:48:b1:6a:3e:53:9a:02:
dc:48:10:55:5c:a8:9e:e0:89:de:45:6f:bd:8a:43:
6d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:80:00:00:A9:86:B9:0B:85:1C:7A:F1:45:1B:2D:D1:4A:B4:55:19
X509v3 Authority Key Identifier:
keyid:9F:AB:26:75:3B:89:5E:7F:3F:D9:B8:60:95:CE:04:EE:3E:13:2C:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n6smdTuJXn8_2bhglc4E7j4TLMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/dYAAAKmGuQuFHHrxRRst0Uq0VRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/750d92-2de0-4f3a-bdd4-bf95c912e7a5/1/n6smdTuJXn8_2bhglc4E7j4TLMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.232.0/22
194.150.196.0/23
195.230.113.0/24
IPv6:
2001:67c:1844::/48
2a11:3600::/29
Signature Algorithm: sha256WithRSAEncryption
78:d2:26:d9:9c:1a:0f:fe:3c:15:00:68:4a:bc:d9:00:01:42:
c0:15:57:db:99:aa:a3:48:8e:03:68:2b:12:dd:1d:fa:e3:b6:
ab:a3:7b:c8:d1:e0:c7:cb:3f:d3:dd:78:ee:58:38:91:bc:e5:
4e:de:3a:f1:6d:bc:ec:d7:e1:27:1e:8d:78:b4:59:c2:5c:45:
f2:bb:a8:c6:2a:d4:ab:89:a0:eb:c7:7b:f5:8a:c7:ef:3f:a4:
24:4a:7e:2f:58:0b:7c:1f:d8:04:d0:0b:9b:b0:6c:38:0d:06:
cd:01:3b:57:99:57:49:f7:d1:71:f5:e3:5b:25:a9:58:bb:83:
56:d0:8e:92:37:14:e5:48:dd:89:e9:ee:c1:df:36:1f:eb:ba:
e7:37:7a:56:8b:52:68:16:fe:2a:bc:15:46:5b:11:e0:d5:34:
a9:39:b6:42:da:e5:e5:e2:eb:9e:55:de:ad:58:81:91:36:3e:
fd:cf:95:2c:20:87:e9:55:e2:ae:f9:2b:ad:08:6d:43:d0:ab:
d5:0a:ee:35:50:25:b0:68:25:0a:56:d1:48:99:6c:0b:7a:fe:
89:bd:47:18:ee:68:94:70:2b:2c:03:db:67:93:46:7c:06:67:
8b:60:23:da:8c:2d:e2:c1:db:e0:7c:df:1a:1d:2b:47:01:6b:
14:c2:78:5c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZpp2UROVr467GCxDlrYUtS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWIyNjc1M2I4OTVlN2YzZmQ5Yjg2MDk1Y2UwNGVlM2Ux
MzJjYzkwHhcNMjUxMTA5MTgyMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTgwMDAwMGE5ODZiOTBiODUxYzdhZjE0NTFiMmRkMTRhYjQ1NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle/gRAQuE76rzBjA9tyBDHpjvq5E
rWn0u+HEQCogkLVqpr6/YdALV8WvaoZsk9t/IkJJ4lUeN0yW1Vtj8sGMyH9yc3u4
7vtUZgyyp2vxsJiz+Hk05u+imRI3jkCj6UUpXgi2UP/vai/+sCQ8Q+Z/he3EoK4v
wMeOdS0aCaq14SxBy7jpxc/OAJhmSzjAbto87+5ZDGNp7qsK0zy6PaW9pCReLW/l
mRwgw+itb9XlinE0jnsrla7tqr2C8qSNlMhHmvdPk3O7jMCtzG65TvsfQUbUNNQY
G5o44T6p2DQx/hos+fQTiwVj00ixaj5TmgLcSBBVXKie4IneRW+9ikNtqwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHWAAACphrkLhRx68UUbLdFKtFUZMB8GA1UdIwQY
MBaAFJ+rJnU7iV5/P9m4YJXOBO4+EyzJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjZzbWRUdUpYbjhfMmJoZ2xjNEU3ajRUTE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi83NTBkOTItMmRlMC00ZjNhLWJkZDQt
YmY5NWM5MTJlN2E1LzEvZFlBQUFLbUd1UXVGSEhyeFJSc3QwVXEwVlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi83NTBkOTItMmRlMC00ZjNhLWJkZDQtYmY5NWM5MTJlN2E1
LzEvbjZzbWRUdUpYbjhfMmJoZ2xjNEU3ajRUTE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCX9foAwQB
wpbEAwQAw+ZxMBYEAgACMBADBwAgAQZ8GEQDBQMqETYAMA0GCSqGSIb3DQEBCwUA
A4IBAQB40ibZnBoP/jwVAGhKvNkAAULAFVfbmaqjSI4DaCsS3R3647aro3vI0eDH
yz/T3XjuWDiRvOVO3jrxbbzs1+EnHo14tFnCXEXyu6jGKtSriaDrx3v1isfvP6Qk
Sn4vWAt8H9gE0AubsGw4DQbNATtXmVdJ99Fx9eNbJalYu4NW0I6SNxTlSN2J6e7B
3zYf67rnN3pWi1JoFv4qvBVGWxHg1TSpObZC2uXl4uueVd6tWIGRNj79z5UsIIfp
VeKu+SutCG1D0KvVCu41UCWwaCUKVtFImWwLev6JvUcY7miUcCssA9tnk0Z8BmeL
YCPajC3iwdvgfN8aHStHAWsUwnhc
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:54:50 2025 by rpki-client