Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/_6y-LJNxV-mTIaYkmb813yvhWcw.roa
File: _6y-LJNxV-mTIaYkmb813yvhWcw.roa (raw, json)
Hash identifier: DHAF3cF7E6kFaqicMBcL18bflbgXIWl818XhgBDiv84=
Subject key identifier: FF:AC:BE:2C:93:71:57:E9:93:21:A6:24:99:BF:35:DF:2B:E1:59:CC
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01991ADD715E5FFD978282AE2940E66EA8B8
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/_6y-LJNxV-mTIaYkmb813yvhWcw.roa
Signing time: Fri 05 Sep 2025 17:12:24 +0000
ROA not before: Fri 05 Sep 2025 17:12:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.185.79.0/24 maxlen: 24
92.240.215.0/24 maxlen: 24
92.240.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 23:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:dd:71:5e:5f:fd:97:82:82:ae:29:40:e6:6e:a8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Sep 5 17:12:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffacbe2c937157e99321a62499bf35df2be159cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:38:ab:cb:7e:e2:15:30:83:83:8b:c2:40:
4a:62:98:e1:a2:59:09:d9:45:f2:7d:11:09:9b:4f:
70:e8:e7:c9:36:1f:7e:4f:92:69:98:d6:5e:3c:40:
61:e8:b6:f1:14:ae:52:12:f1:6c:bd:8c:52:29:88:
fa:f5:14:ad:12:02:c8:d1:d6:bb:b9:af:97:bc:50:
0e:29:31:a4:bb:59:67:1d:95:93:51:8c:26:23:65:
8c:03:c7:51:7a:0a:bd:f1:10:82:f3:d4:fd:1c:33:
e2:24:78:a1:09:07:50:bf:58:df:d1:65:87:46:5f:
ad:d9:8f:b1:e9:e7:a9:34:42:50:75:c8:e1:3c:bc:
5c:3c:af:26:cb:98:6f:c1:24:31:85:f3:eb:56:ef:
45:1f:52:b9:d1:70:2e:2b:b1:72:a8:39:23:71:d7:
66:16:0e:86:1b:7b:9e:a7:84:6a:88:d3:9e:10:64:
18:4e:35:2b:1d:d8:8a:b3:0b:b7:b2:1e:48:b9:83:
5e:b9:a4:03:97:bd:7b:49:77:f8:3c:39:3b:a0:d5:
5a:fd:a0:0a:a9:3d:7b:e8:5e:bc:ea:6b:e1:70:d3:
66:9d:dd:9d:b1:e5:4e:f4:96:3f:8e:37:be:bd:6c:
51:e8:32:c5:a7:ad:38:da:44:a6:66:e5:be:9e:09:
23:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AC:BE:2C:93:71:57:E9:93:21:A6:24:99:BF:35:DF:2B:E1:59:CC
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/_6y-LJNxV-mTIaYkmb813yvhWcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.79.0/24
92.240.215.0/24
92.240.217.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:3e:25:11:31:2b:4d:d5:89:95:4a:ae:20:6f:39:e7:9a:89:
c7:00:e9:d2:cb:22:81:f8:e7:d6:8c:81:b1:5d:22:43:a0:b8:
4e:90:3f:ba:4b:ad:2e:cd:2c:6a:83:ac:5e:dc:32:5e:04:6d:
b5:94:01:ea:ca:0b:fa:85:11:c8:6e:6d:0d:5a:f5:ca:64:69:
c0:16:06:78:70:5f:e0:9c:df:84:e9:c6:0f:5e:05:d3:a1:ce:
1e:36:5a:57:4a:05:d3:c1:24:9b:62:50:da:45:d1:88:f1:0d:
a3:d3:0e:91:16:3a:d2:9d:d8:46:b2:da:99:d7:ab:d4:ce:c1:
b2:62:54:9b:51:d5:2f:d3:cf:46:8c:5b:2c:6e:c0:16:b3:e7:
0b:39:7d:86:50:c8:61:2f:ba:d9:28:04:1c:2e:d5:74:4b:9c:
a3:11:cc:29:6a:07:ff:98:91:ba:dc:6a:e1:54:0e:18:3e:36:
69:d7:88:a0:a6:c6:e0:94:27:33:ea:58:b4:48:7c:5c:e9:a9:
11:45:0b:8d:19:ba:91:82:ef:15:da:29:79:78:40:50:aa:5b:
b5:b5:91:ec:c8:53:f2:17:fc:ed:a7:95:20:86:8f:21:c3:50:
2d:ce:13:d1:78:3e:a0:64:41:fb:1a:51:31:4c:49:68:df:23:
5a:1c:df:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZka3XFeX/2XgoKuKUDmbqi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwOTA1MTcxMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFjYmUyYzkzNzE1N2U5OTMyMWE2MjQ5OWJmMzVkZjJiZTE1OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWg4q8t+4hUwg4OLwkBKYpjholkJ
2UXyfREJm09w6OfJNh9+T5JpmNZePEBh6LbxFK5SEvFsvYxSKYj69RStEgLI0da7
ua+XvFAOKTGku1lnHZWTUYwmI2WMA8dRegq98RCC89T9HDPiJHihCQdQv1jf0WWH
Rl+t2Y+x6eepNEJQdcjhPLxcPK8my5hvwSQxhfPrVu9FH1K50XAuK7FyqDkjcddm
Fg6GG3uep4RqiNOeEGQYTjUrHdiKswu3sh5IuYNeuaQDl717SXf4PDk7oNVa/aAK
qT176F686mvhcNNmnd2dseVO9JY/jje+vWxR6DLFp6042kSmZuW+ngkjTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP+sviyTcVfpkyGmJJm/Nd8r4VnMMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvXzZ5LUxKTnhWLW1USWFZa21iODEzeXZoV2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWblPAwQA
XPDXAwQAXPDZMA0GCSqGSIb3DQEBCwUAA4IBAQCqPiURMStN1YmVSq4gbznnmonH
AOnSyyKB+OfWjIGxXSJDoLhOkD+6S60uzSxqg6xe3DJeBG21lAHqygv6hRHIbm0N
WvXKZGnAFgZ4cF/gnN+E6cYPXgXToc4eNlpXSgXTwSSbYlDaRdGI8Q2j0w6RFjrS
ndhGstqZ16vUzsGyYlSbUdUv089GjFssbsAWs+cLOX2GUMhhL7rZKAQcLtV0S5yj
Ecwpagf/mJG63GrhVA4YPjZp14igpsbglCcz6li0SHxc6akRRQuNGbqRgu8V2il5
eEBQqlu1tZHsyFPyF/ztp5Ugho8hw1AtzhPReD6gZEH7GlExTElo3yNaHN9N
-----END CERTIFICATE-----
Generated at Mon Sep 8 04:16:54 2025 by rpki-client