Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9rMzVMYK9eXzpBmT0iPvt6GpYzo.roa
File: 9rMzVMYK9eXzpBmT0iPvt6GpYzo.roa (raw, json)
Hash identifier: oQWdzrtWJpDKZmlzoTiBQG4VeWuWHNgophi4D6GY3eU=
Subject key identifier: F6:B3:33:54:C6:0A:F5:E5:F3:A4:19:93:D2:23:EF:B7:A1:A9:63:3A
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 019929054F3A1F2F61E8DED0BE88D8C01DAC
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9rMzVMYK9eXzpBmT0iPvt6GpYzo.roa
Signing time: Mon 08 Sep 2025 11:10:37 +0000
ROA not before: Mon 08 Sep 2025 11:10:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
193.219.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:05:4f:3a:1f:2f:61:e8:de:d0:be:88:d8:c0:1d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Sep 8 11:10:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6b33354c60af5e5f3a41993d223efb7a1a9633a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ca:0d:64:89:c1:e2:e1:c6:9c:e2:a7:b2:4f:
98:9f:fb:5d:6c:6e:43:53:fa:8f:c4:d5:a2:ee:23:
81:a1:86:b6:ef:2f:d2:11:33:8d:8e:73:87:8a:a0:
78:6c:42:20:f0:ae:29:de:b0:be:df:5d:a1:59:d7:
53:49:b3:28:90:c3:6e:f3:73:1e:7b:c1:de:78:9a:
56:2a:97:15:7b:10:87:4c:eb:87:b5:d2:13:d4:0d:
e9:43:f5:ae:ef:df:54:f7:44:3b:96:3a:7e:2d:d4:
99:5c:85:33:01:13:b7:37:d2:ab:fc:56:01:b8:2d:
bd:f2:f2:45:2b:c5:0f:bd:ba:27:38:26:79:2e:b6:
66:4d:53:56:c6:82:ab:08:da:34:c4:46:45:29:fb:
b7:eb:f0:6d:bf:1c:69:6c:fe:3c:e8:fe:c5:2b:7f:
9b:30:a3:87:03:b4:ee:66:3c:61:04:db:7b:45:cc:
77:d3:2c:0b:86:70:6f:07:20:f1:b2:98:bf:c9:de:
c7:5d:3c:4e:b7:20:38:a6:03:5f:c2:39:3d:df:51:
73:2c:9a:df:9b:70:5d:f7:2e:0c:f0:95:f4:d2:25:
73:ef:56:73:29:47:57:b0:82:a6:7a:02:89:6a:36:
65:c9:62:55:18:e0:92:40:00:a6:57:1c:4f:e6:37:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B3:33:54:C6:0A:F5:E5:F3:A4:19:93:D2:23:EF:B7:A1:A9:63:3A
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/9rMzVMYK9eXzpBmT0iPvt6GpYzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/23
192.145.52.0/22
193.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d2:5c:96:72:1d:fb:23:be:27:06:05:c3:b0:37:9b:d4:16:
5c:0c:0f:19:dc:76:36:a3:59:30:b9:f6:ef:d1:84:bc:db:ca:
7f:6c:25:a1:96:c0:04:76:d2:04:09:de:03:cd:38:6c:97:b7:
4c:df:9a:91:ae:d2:6c:6b:df:6c:a1:87:51:ec:3a:17:29:08:
fe:e0:68:8b:a9:8d:c5:e1:1c:d4:d2:a8:4f:bb:37:cb:7c:58:
59:22:1f:8f:f7:59:aa:b0:ef:30:d0:14:ef:40:f9:8f:9f:48:
b2:59:8a:01:52:47:06:bd:fc:cf:8e:de:e6:3c:d5:df:39:cd:
80:92:88:a2:3e:73:8a:cb:6b:83:21:8b:d7:fc:ce:be:74:a6:
aa:a0:e6:6e:5b:a9:c2:ed:5c:de:c9:b0:24:f7:b4:6a:53:71:
07:95:31:18:85:d2:6d:a6:24:b4:c0:56:18:1d:97:6f:e8:1a:
06:a4:2d:ff:6e:eb:4c:2e:a8:5c:d3:80:c0:a8:81:9e:af:fc:
b4:49:ec:c3:8c:27:e3:07:51:d4:13:b9:6c:ce:85:3b:6d:ff:
0a:3e:81:58:e9:58:f5:f4:e5:9c:71:08:11:f0:92:03:27:4c:
e3:f9:42:81:02:64:9c:bf:e0:a2:c8:1a:33:23:a9:ea:57:d6:
39:38:21:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkpBU86Hy9h6N7QvojYwB2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwOTA4MTExMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmIzMzM1NGM2MGFmNWU1ZjNhNDE5OTNkMjIzZWZiN2ExYTk2MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MoNZInB4uHGnOKnsk+Yn/tdbG5D
U/qPxNWi7iOBoYa27y/SETONjnOHiqB4bEIg8K4p3rC+312hWddTSbMokMNu83Me
e8HeeJpWKpcVexCHTOuHtdIT1A3pQ/Wu799U90Q7ljp+LdSZXIUzARO3N9Kr/FYB
uC298vJFK8UPvbonOCZ5LrZmTVNWxoKrCNo0xEZFKfu36/BtvxxpbP486P7FK3+b
MKOHA7TuZjxhBNt7Rcx30ywLhnBvByDxspi/yd7HXTxOtyA4pgNfwjk931FzLJrf
m3Bd9y4M8JX00iVz71ZzKUdXsIKmegKJajZlyWJVGOCSQACmVxxP5jdt+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPazM1TGCvXl86QZk9Ij77ehqWM6MB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvOXJNelZNWUs5ZVh6cEJtVDBpUHZ0NkdwWXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJSzkAwQB
LUJcAwQCwJE0AwQAwdtjMA0GCSqGSIb3DQEBCwUAA4IBAQCK0lyWch37I74nBgXD
sDeb1BZcDA8Z3HY2o1kwufbv0YS828p/bCWhlsAEdtIECd4DzThsl7dM35qRrtJs
a99soYdR7DoXKQj+4GiLqY3F4RzU0qhPuzfLfFhZIh+P91mqsO8w0BTvQPmPn0iy
WYoBUkcGvfzPjt7mPNXfOc2AkoiiPnOKy2uDIYvX/M6+dKaqoOZuW6nC7VzeybAk
97RqU3EHlTEYhdJtpiS0wFYYHZdv6BoGpC3/butMLqhc04DAqIGer/y0SezDjCfj
B1HUE7lszoU7bf8KPoFY6Vj19OWccQgR8JIDJ0zj+UKBAmScv+CiyBozI6nqV9Y5
OCF4
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:15:28 2025 by rpki-client