Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/9XNQ-LuxWafilNR-TRvf42lKQkQ.roa
File: 9XNQ-LuxWafilNR-TRvf42lKQkQ.roa (raw, json)
Hash identifier: Nu40u9kqTAGcybRDfAJPYNk/1UyeCmBShsQQppjbAj8=
Subject key identifier: F5:73:50:F8:BB:B1:59:A7:E2:94:D4:7E:4D:1B:DF:E3:69:4A:42:44
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01992D4DE74CBC9884399E13FED896EBCCA2
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/9XNQ-LuxWafilNR-TRvf42lKQkQ.roa
Signing time: Tue 09 Sep 2025 07:08:24 +0000
ROA not before: Tue 09 Sep 2025 07:08:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 07:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:4d:e7:4c:bc:98:84:39:9e:13:fe:d8:96:eb:cc:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Sep 9 07:08:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f57350f8bbb159a7e294d47e4d1bdfe3694a4244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:66:5a:17:61:cd:3f:fc:1e:72:df:d5:e5:
44:10:3a:38:ee:53:54:3f:a4:bf:0e:ff:6c:89:92:
da:66:a3:75:28:c9:47:6f:9c:42:2b:6c:68:42:02:
a2:9f:10:c3:0f:31:60:fb:6c:0f:6c:c1:e7:8c:5e:
62:07:45:34:33:96:4a:34:18:79:dd:a5:1a:46:39:
f8:cc:18:70:ef:af:2d:9f:4c:4e:e6:22:5f:11:39:
a8:31:bc:2e:48:80:1a:27:cc:b5:7f:17:ab:f7:69:
d9:66:d8:9b:b0:21:81:28:75:b4:3e:a0:91:4a:e0:
6c:7e:9d:91:07:d0:80:a8:3e:72:bd:09:df:0d:8b:
8c:d9:43:dd:41:b5:cd:04:ba:c9:02:0d:76:c3:16:
a9:c3:30:2e:8b:d6:f8:e9:fe:91:1a:bc:88:d2:d7:
8b:a3:17:7f:b7:16:78:0f:a9:1d:a3:c9:40:da:a5:
8c:9b:b0:8b:36:32:ac:4e:80:b5:cc:17:a8:8f:68:
30:84:ad:f3:16:d9:f8:2a:6a:f9:88:92:12:6c:50:
ea:cc:72:fe:25:ee:f0:fb:8d:f6:39:75:a0:5c:1c:
7c:04:22:33:47:3c:9e:e4:0a:5c:05:95:b9:3b:f3:
e8:b5:0a:e1:8e:81:d5:cf:42:e1:40:33:e9:5d:04:
e4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:73:50:F8:BB:B1:59:A7:E2:94:D4:7E:4D:1B:DF:E3:69:4A:42:44
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/9XNQ-LuxWafilNR-TRvf42lKQkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.2.0-193.232.4.255
193.232.6.0/24
193.232.9.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.28.0/24
193.232.31.0/24
193.232.192.0-193.232.197.255
193.232.207.0/24
193.232.212.0/24
193.232.218.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:30:05:3a:8a:1e:f7:6c:32:79:bf:d8:29:79:9c:e5:e5:c9:
a4:ee:c4:99:00:05:bf:4b:9d:65:6c:d1:fc:a9:35:e0:84:83:
56:85:ca:f5:11:23:0a:9d:a3:06:f3:30:69:05:3e:67:86:6f:
cf:3f:c2:02:f3:16:12:d5:b7:10:70:05:30:40:24:c2:49:09:
1c:72:c6:93:db:6d:10:ea:59:05:be:24:47:3b:88:e7:77:ba:
14:81:8f:cb:93:9e:c8:01:29:84:a3:d4:ca:63:2f:0f:50:a3:
2c:ec:41:69:0f:9f:1c:ad:e0:08:60:bd:89:c7:66:27:55:8d:
43:ee:7f:4e:e2:d4:c6:5d:d2:9f:00:e2:5d:bf:5d:ae:4e:f8:
50:6a:bf:6e:d8:38:d8:8a:12:5e:5c:85:31:83:09:ec:7c:8f:
bd:c6:20:47:5e:f8:ce:49:9a:95:3b:f4:ad:bd:cb:45:02:0e:
7a:ad:89:b0:3b:31:47:5c:e1:16:c6:be:8c:70:24:8b:51:6e:
dc:d0:84:19:99:01:eb:17:e6:3f:ca:f5:27:54:fb:ff:a6:a7:
0a:3b:d4:12:1c:d0:b3:c3:84:b0:1e:a9:f7:64:31:d6:97:d4:
a1:1a:08:bb:d9:e7:32:27:f3:56:51:56:fd:ea:46:41:d4:76:
76:17:1e:08
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZktTedMvJiEOZ4T/tiW68yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwOTA5MDcwODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTczNTBmOGJiYjE1OWE3ZTI5NGQ0N2U0ZDFiZGZlMzY5NGE0MjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm1mWhdhzT/8HnLf1eVEEDo47lNU
P6S/Dv9siZLaZqN1KMlHb5xCK2xoQgKinxDDDzFg+2wPbMHnjF5iB0U0M5ZKNBh5
3aUaRjn4zBhw768tn0xO5iJfETmoMbwuSIAaJ8y1fxer92nZZtibsCGBKHW0PqCR
SuBsfp2RB9CAqD5yvQnfDYuM2UPdQbXNBLrJAg12wxapwzAui9b46f6RGryI0teL
oxd/txZ4D6kdo8lA2qWMm7CLNjKsToC1zBeoj2gwhK3zFtn4Kmr5iJISbFDqzHL+
Je7w+432OXWgXBx8BCIzRzye5ApcBZW5O/PotQrhjoHVz0LhQDPpXQTkQwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPVzUPi7sVmn4pTUfk0b3+NpSkJEMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvOVhOUS1MdXhXYWZpbE5SLVRSdmY0MmxLUWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBAHB6AID
BADB6AQDBADB6AYwDAMEAMHoCQMEAcHoDAMEAMHoEQMEAMHoEwMEAMHoHAMEAMHo
HzAMAwQGwejAAwQBwejEAwQAwejPAwQAwejUAwQBwejaMA0GCSqGSIb3DQEBCwUA
A4IBAQAuMAU6ih73bDJ5v9gpeZzl5cmk7sSZAAW/S51lbNH8qTXghINWhcr1ESMK
naMG8zBpBT5nhm/PP8IC8xYS1bcQcAUwQCTCSQkccsaT220Q6lkFviRHO4jnd7oU
gY/Lk57IASmEo9TKYy8PUKMs7EFpD58creAIYL2Jx2YnVY1D7n9O4tTGXdKfAOJd
v12uTvhQar9u2DjYihJeXIUxgwnsfI+9xiBHXvjOSZqVO/StvctFAg56rYmwOzFH
XOEWxr6McCSLUW7c0IQZmQHrF+Y/yvUnVPv/pqcKO9QSHNCzw4SwHqn3ZDHWl9Sh
Ggi72ecyJ/NWUVb96kZB1HZ2Fx4I
-----END CERTIFICATE-----
Generated at Tue Sep 9 16:52:45 2025 by rpki-client