Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9sivwV2Y2yAFFnmkYJ1Zol3pcUI.roa
File: 9sivwV2Y2yAFFnmkYJ1Zol3pcUI.roa (raw, json)
Hash identifier: iIPWwTsolo+wvKdwR+ZK1g6w3Rsb/HA6Srp6m7oPlKE=
Subject key identifier: F6:C8:AF:C1:5D:98:DB:20:05:16:79:A4:60:9D:59:A2:5D:E9:71:42
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01999974F46EED1376A13F16B916C626859A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9sivwV2Y2yAFFnmkYJ1Zol3pcUI.roa
Signing time: Tue 30 Sep 2025 07:10:02 +0000
ROA not before: Tue 30 Sep 2025 07:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.1.40.0/24 maxlen: 24
2a06:fe40::/32 maxlen: 32
2a09:1d80::/29 maxlen: 29
2a09:1d80::/32 maxlen: 32
2a09:1d81::/32 maxlen: 32
2a09:1d82::/32 maxlen: 32
2a09:1d83::/32 maxlen: 32
2a09:1d84::/32 maxlen: 32
2a09:1d85::/32 maxlen: 32
2a09:1d86::/32 maxlen: 32
2a09:1d87::/32 maxlen: 32
2a0e:6c00::/29 maxlen: 29
2a0e:6c00::/32 maxlen: 32
2a0e:6c01::/32 maxlen: 32
2a0e:6c02::/32 maxlen: 32
2a0e:6c03::/32 maxlen: 32
2a0e:6c04::/32 maxlen: 32
2a0e:6c05::/32 maxlen: 32
2a0e:6c06::/32 maxlen: 32
2a0e:6c07::/32 maxlen: 32
2a0e:8400::/29 maxlen: 29
2a11:ed80::/29 maxlen: 29
2a12:f80::/29 maxlen: 29
2a12:2f00::/29 maxlen: 29
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:74:f4:6e:ed:13:76:a1:3f:16:b9:16:c6:26:85:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 30 07:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6c8afc15d98db20051679a4609d59a25de97142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8b:06:0f:03:a3:44:2a:b3:c2:88:74:2f:b5:
96:e5:2e:ce:c4:87:78:98:6f:fb:7a:e9:42:99:a3:
e4:35:cd:59:d2:da:ec:78:54:48:e8:38:85:6c:a4:
82:a8:ca:88:eb:fa:e6:c7:76:21:27:f5:b9:86:78:
be:79:2f:0a:f7:e0:2a:3f:a8:27:1f:5d:61:a5:ec:
41:f7:55:c8:64:7d:33:df:5d:70:57:6c:8a:5a:81:
c1:c7:36:97:6a:f6:9d:6e:18:6a:a0:9b:9d:0d:44:
63:29:b2:33:82:a0:5c:1b:d5:ab:62:12:f7:41:22:
53:33:01:8d:71:2f:24:9b:23:4e:51:26:54:cf:1b:
38:18:da:e6:69:bf:6e:a7:b7:07:66:fb:4c:c6:6f:
8e:2a:74:06:82:8f:0b:6e:7a:41:7c:a4:a9:f5:6b:
97:63:24:47:3d:fb:da:4a:c2:81:e6:89:10:d8:cb:
d3:cc:7e:14:c0:12:28:f8:af:31:fd:62:7c:2d:e3:
95:fb:9a:46:a2:0b:84:d3:7a:cf:ce:a2:54:22:b0:
5a:4e:c7:43:dd:e5:7c:63:a9:7b:3d:3d:ba:38:3c:
9f:a4:db:c4:31:c7:90:f4:bd:eb:99:6e:9d:47:a4:
87:30:2b:98:23:5b:ea:75:2f:c7:a2:e4:a1:96:ab:
01:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C8:AF:C1:5D:98:DB:20:05:16:79:A4:60:9D:59:A2:5D:E9:71:42
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/9sivwV2Y2yAFFnmkYJ1Zol3pcUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
IPv6:
2a06:fe40::/32
2a09:1d80::/29
2a0e:6c00::/29
2a0e:8400::/29
2a11:ed80::/29
2a12:f80::/29
2a12:2f00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
79:90:27:0a:26:5b:80:fb:5f:94:f4:18:fe:4e:33:f6:57:51:
e9:be:6d:b2:3b:01:a9:c5:2b:f2:db:88:35:fd:8f:8e:3a:4b:
b5:29:8c:4a:32:72:5a:af:98:10:3f:b2:a9:e1:b8:d6:dd:d5:
16:89:e8:5a:d3:4f:52:2a:ca:11:8f:0f:d9:f8:a1:d5:6d:db:
f8:93:ce:1a:c5:c0:ec:39:a1:c5:d1:93:a6:e5:1c:ef:52:a3:
c6:99:85:61:ed:da:11:1a:6d:d5:47:e0:73:06:ef:0e:6a:d4:
80:d5:4b:c4:c3:8f:43:43:c8:77:4a:32:fd:97:a3:c0:3d:5a:
e1:2c:1c:24:36:e4:7a:1c:8c:23:2e:22:0b:25:68:4d:a0:0e:
23:65:d7:aa:f4:5e:32:6f:c5:14:d8:04:a7:92:39:1b:23:78:
65:81:be:d5:c0:59:a9:12:88:c2:c0:6c:f2:51:43:17:80:54:
4b:e9:97:6a:71:98:01:fb:6f:b3:21:73:b4:84:68:91:e1:71:
62:16:bc:21:68:7d:ae:c0:1e:c4:17:b4:bd:eb:4d:03:99:65:
1a:3a:45:f8:b2:5e:b7:84:9a:d4:96:19:22:29:ab:a3:36:89:
a4:85:11:e7:af:af:82:60:bc:fa:df:da:d9:d0:8b:1d:a8:4b:
d3:4e:81:eb
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZmZdPRu7RN2oT8WuRbGJoWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTMwMDcxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM4YWZjMTVkOThkYjIwMDUxNjc5YTQ2MDlkNTlhMjVkZTk3MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4sGDwOjRCqzwoh0L7WW5S7OxId4
mG/7eulCmaPkNc1Z0trseFRI6DiFbKSCqMqI6/rmx3YhJ/W5hni+eS8K9+AqP6gn
H11hpexB91XIZH0z311wV2yKWoHBxzaXavadbhhqoJudDURjKbIzgqBcG9WrYhL3
QSJTMwGNcS8kmyNOUSZUzxs4GNrmab9up7cHZvtMxm+OKnQGgo8LbnpBfKSp9WuX
YyRHPfvaSsKB5okQ2MvTzH4UwBIo+K8x/WJ8LeOV+5pGoguE03rPzqJUIrBaTsdD
3eV8Y6l7PT26ODyfpNvEMceQ9L3rmW6dR6SHMCuYI1vqdS/HouShlqsBowIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPbIr8FdmNsgBRZ5pGCdWaJd6XFCMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvOXNpdndWMlkyeUFGRm5ta1lKMVpvbDNwY1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQABQEoMD4E
AgACMDgDBQAqBv5AAwUDKgkdgAMFAyoObAADBQMqDoQAAwUDKhHtgAMFAyoSD4AD
BQMqEi8AAwUDKhI6gDANBgkqhkiG9w0BAQsFAAOCAQEAeZAnCiZbgPtflPQY/k4z
9ldR6b5tsjsBqcUr8tuINf2PjjpLtSmMSjJyWq+YED+yqeG41t3VFonoWtNPUirK
EY8P2fih1W3b+JPOGsXA7DmhxdGTpuUc71KjxpmFYe3aERpt1UfgcwbvDmrUgNVL
xMOPQ0PId0oy/ZejwD1a4SwcJDbkehyMIy4iCyVoTaAOI2XXqvReMm/FFNgEp5I5
GyN4ZYG+1cBZqRKIwsBs8lFDF4BUS+mXanGYAftvsyFztIRokeFxYha8IWh9rsAe
xBe0vetNA5llGjpF+LJet4Sa1JYZIimrozaJpIUR56+vgmC8+t/a2dCLHahL006B
6w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:19:51 2025 by rpki-client