Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/aN1c9Sw0mZJOwIEAY7wKPyQLEEw.roa
File: aN1c9Sw0mZJOwIEAY7wKPyQLEEw.roa (raw, json)
Hash identifier: 26mq/JieiE08d31P7dbCMptw/12YVOE7/U8mBDr4f0o=
Subject key identifier: 68:DD:5C:F5:2C:34:99:92:4E:C0:81:00:63:BC:0A:3F:24:0B:10:4C
Certificate issuer: /CN=9d1353c80b8835ee9ead37ef7e9f64210a773bfb
Certificate serial: 019B7834FAEDB38F084CC7DABA07041F2346
Authority key identifier: 9D:13:53:C8:0B:88:35:EE:9E:AD:37:EF:7E:9F:64:21:0A:77:3B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/aN1c9Sw0mZJOwIEAY7wKPyQLEEw.roa
Signing time: Thu 01 Jan 2026 06:18:16 +0000
ROA not before: Thu 01 Jan 2026 06:18:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203893
IP address blocks: 185.217.217.0/24 maxlen: 24
185.217.218.0/24 maxlen: 24
185.217.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 15:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:fa:ed:b3:8f:08:4c:c7:da:ba:07:04:1f:23:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d1353c80b8835ee9ead37ef7e9f64210a773bfb
Validity
Not Before: Jan 1 06:18:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=68dd5cf52c3499924ec0810063bc0a3f240b104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c6:ce:97:c5:30:83:38:67:d1:99:7a:4d:3b:
79:3b:06:38:9d:f8:3b:6b:ca:25:22:28:c4:10:4c:
61:13:d9:41:9e:0b:11:fa:a1:dd:16:6f:07:38:31:
e7:2a:d3:9f:6e:ae:76:5c:22:8c:7d:0b:94:da:4c:
7d:08:65:f6:aa:aa:90:3a:c6:fd:6b:09:b5:1a:45:
2c:1f:4c:e1:f2:b1:f1:0d:bc:7c:d8:6d:f8:f6:be:
4c:42:ef:99:bc:db:6d:df:7d:65:90:c1:f2:81:fd:
cb:10:cd:e8:ec:25:5a:57:76:93:49:c2:b3:e3:1b:
01:ae:8f:05:e4:61:93:e7:f0:dd:5c:73:92:4b:95:
9b:01:ee:9d:1e:89:81:27:03:49:21:f5:59:f7:67:
2d:d2:d4:94:53:2d:82:2f:40:ab:a1:7b:bd:33:07:
f2:2e:b7:e9:13:98:ae:b1:3a:8b:81:df:67:ee:a4:
d4:71:da:53:b7:a7:ab:b9:62:ea:35:a3:4f:f0:ed:
0e:56:da:fc:f1:b7:bd:4d:25:5a:b7:6a:b7:6e:18:
2e:e9:a1:db:6f:82:b2:4c:18:86:3e:5c:ae:73:d6:
69:56:1f:68:30:23:3c:ea:b7:77:04:81:a7:d8:b6:
b6:2d:a0:fd:55:9a:87:9b:44:5a:d1:ca:32:c0:10:
e6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DD:5C:F5:2C:34:99:92:4E:C0:81:00:63:BC:0A:3F:24:0B:10:4C
X509v3 Authority Key Identifier:
keyid:9D:13:53:C8:0B:88:35:EE:9E:AD:37:EF:7E:9F:64:21:0A:77:3B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/aN1c9Sw0mZJOwIEAY7wKPyQLEEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.217.0-185.217.219.255
Signature Algorithm: sha256WithRSAEncryption
8a:24:d2:db:cf:0c:fa:81:6d:b1:66:96:9d:4d:97:96:1c:77:
72:58:24:b8:68:df:98:73:4a:51:fb:e1:0e:ff:92:f1:ca:a4:
59:5c:a3:54:98:7d:53:0b:04:35:8a:17:98:17:b6:6d:a4:ad:
e7:e6:7b:e9:bc:d7:16:e5:1c:a3:00:b6:75:9d:72:39:85:43:
59:07:62:ee:13:42:cc:ef:5c:f9:0a:50:b8:2b:49:3e:8a:1c:
81:cd:d2:85:fb:d5:48:4f:52:d1:74:ff:60:86:59:63:b6:03:
be:20:36:33:a5:1a:a1:a7:9b:6c:ad:4d:2c:6e:89:8a:85:1a:
06:28:b2:b5:95:e0:b6:4d:62:24:a7:72:c1:43:cf:ec:a9:c6:
a7:6f:09:db:a2:03:0a:13:95:e6:44:e6:aa:e4:88:31:af:27:
e0:d3:1f:9e:2f:23:58:d9:c8:a2:1e:1b:a3:23:5c:1c:a5:ae:
e1:e1:41:91:a8:7c:cc:d5:33:17:49:3c:d1:50:81:6b:21:a7:
23:a4:56:8b:39:ee:d4:d0:0d:e2:be:d5:6e:4b:52:e5:79:63:
56:42:4e:9d:38:24:fa:ff:14:a2:33:ee:ba:67:dd:74:64:0a:
ec:b1:95:e1:b7:f3:66:16:f5:5a:26:c5:56:96:cd:ad:ae:f0:
e9:33:06:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZt4NPrts48ITMfaugcEHyNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMTM1M2M4MGI4ODM1ZWU5ZWFkMzdlZjdlOWY2NDIxMGE3
NzNiZmIwHhcNMjYwMTAxMDYxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRkNWNmNTJjMzQ5OTkyNGVjMDgxMDA2M2JjMGEzZjI0MGIxMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8bOl8Uwgzhn0Zl6TTt5OwY4nfg7
a8olIijEEExhE9lBngsR+qHdFm8HODHnKtOfbq52XCKMfQuU2kx9CGX2qqqQOsb9
awm1GkUsH0zh8rHxDbx82G349r5MQu+ZvNtt331lkMHygf3LEM3o7CVaV3aTScKz
4xsBro8F5GGT5/DdXHOSS5WbAe6dHomBJwNJIfVZ92ct0tSUUy2CL0CroXu9Mwfy
LrfpE5iusTqLgd9n7qTUcdpTt6eruWLqNaNP8O0OVtr88be9TSVat2q3bhgu6aHb
b4KyTBiGPlyuc9ZpVh9oMCM86rd3BIGn2La2LaD9VZqHm0Ra0coywBDmuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGjdXPUsNJmSTsCBAGO8Cj8kCxBMMB8GA1UdIwQY
MBaAFJ0TU8gLiDXunq03736fZCEKdzv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblJOVHlBdUlOZTZlclRmdmZwOWtJUXAzT19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yNWE2MjUtNjQ5Yy00YTExLWI3ZWIt
YTQzZDk5ZmUxMWUxLzEvYU4xYzlTdzBtWkpPd0lFQVk3d0tQeVFMRUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8yNWE2MjUtNjQ5Yy00YTExLWI3ZWItYTQzZDk5ZmUxMWUx
LzEvblJOVHlBdUlOZTZlclRmdmZwOWtJUXAzT19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC52dkD
BAK52dgwDQYJKoZIhvcNAQELBQADggEBAIok0tvPDPqBbbFmlp1Nl5Ycd3JYJLho
35hzSlH74Q7/kvHKpFlco1SYfVMLBDWKF5gXtm2krefme+m81xblHKMAtnWdcjmF
Q1kHYu4TQszvXPkKULgrST6KHIHN0oX71UhPUtF0/2CGWWO2A74gNjOlGqGnm2yt
TSxuiYqFGgYosrWV4LZNYiSncsFDz+ypxqdvCduiAwoTleZE5qrkiDGvJ+DTH54v
I1jZyKIeG6MjXBylruHhQZGofMzVMxdJPNFQgWshpyOkVos57tTQDeK+1W5LUuV5
Y1ZCTp04JPr/FKIz7rpn3XRkCuyxleG382YW9VomxVaWza2u8OkzBv0=
-----END CERTIFICATE-----
Generated at Sat Mar 14 23:54:55 2026 by rpki-client