Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/pYT69ekFAz6AyMxjupc4L7m_By4.roa
File: pYT69ekFAz6AyMxjupc4L7m_By4.roa (raw, json)
Hash identifier: Cer1nHXkBg7TmA4VluMF+Bs6hly21XolmwIlPkVMAss=
Subject key identifier: A5:84:FA:F5:E9:05:03:3E:80:C8:CC:63:BA:97:38:2F:B9:BF:07:2E
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 019909837CC24D487E2B30C7489AE65F4B8B
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/pYT69ekFAz6AyMxjupc4L7m_By4.roa
Signing time: Tue 02 Sep 2025 08:20:36 +0000
ROA not before: Tue 02 Sep 2025 08:20:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213245
IP address blocks: 84.17.69.0/24 maxlen: 24
84.17.72.0/24 maxlen: 24
84.17.76.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.88.0/24 maxlen: 24
84.17.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 17:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:09:83:7c:c2:4d:48:7e:2b:30:c7:48:9a:e6:5f:4b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Sep 2 08:20:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a584faf5e905033e80c8cc63ba97382fb9bf072e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bb:18:3c:65:a4:f7:91:47:b0:67:d3:92:19:
2f:68:c1:e4:8e:e4:4b:31:b9:60:ba:18:28:76:5c:
c3:9a:89:52:00:b5:34:63:fe:d9:94:90:2c:fa:6a:
95:93:cb:64:ce:12:a9:6d:56:d6:1d:c7:75:e7:09:
08:ef:67:ed:0b:bb:c3:db:9f:56:d8:99:0d:91:0c:
7e:f7:65:b7:fb:42:71:90:00:7e:b6:76:47:1c:ef:
e9:3d:a6:76:ed:d6:91:8e:11:3f:c7:3d:0c:3e:4e:
75:df:e8:d2:c7:25:1c:46:bd:c0:8b:8c:30:76:fb:
a5:3a:42:c3:b0:11:6c:54:27:97:ca:95:6a:56:e1:
f2:67:48:63:ac:36:0c:02:b2:2f:fc:11:3c:50:fd:
84:33:ea:a3:3c:30:14:e4:25:7d:de:1a:27:5b:92:
eb:be:e1:2c:39:2a:15:d6:ed:9a:0d:4f:70:35:2a:
eb:f3:4c:34:7b:02:8e:7c:f0:0a:da:db:60:54:88:
b3:3e:21:f1:fd:9f:4c:75:62:f0:2d:20:9a:92:07:
c3:83:f8:3c:de:3d:d4:33:3b:41:27:13:b4:23:52:
c8:16:96:78:92:c6:d3:42:d3:1b:e0:12:cb:f1:09:
91:e5:e1:fd:ab:60:d9:3d:fb:81:05:3c:3c:49:a7:
49:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:84:FA:F5:E9:05:03:3E:80:C8:CC:63:BA:97:38:2F:B9:BF:07:2E
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/pYT69ekFAz6AyMxjupc4L7m_By4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.69.0/24
84.17.72.0/24
84.17.76.0/24
84.17.79.0/24
84.17.88.0/24
84.17.95.0/24
Signature Algorithm: sha256WithRSAEncryption
02:0b:d3:57:5d:6a:2a:04:59:47:22:89:38:30:31:1f:e6:b1:
37:e4:f9:90:e7:a4:db:69:c0:3b:85:28:87:a2:26:34:ca:40:
0e:c6:a0:d0:fe:91:9b:1b:e8:d1:75:bd:bd:34:a4:32:cc:b3:
fc:af:f4:29:e2:f4:f4:6a:6e:4c:9e:58:3b:e5:04:3e:c2:63:
f5:4b:97:06:3a:8c:74:2e:93:d4:6a:20:19:a2:3a:ac:b4:c8:
45:f0:01:c0:9f:71:d4:e2:14:5a:44:94:df:85:1c:63:4b:10:
7d:18:5e:da:73:f1:7c:e0:c9:5c:69:10:ef:30:c0:c0:3d:35:
e5:f5:46:42:24:8e:2b:54:7a:05:7f:ee:19:6c:e3:2c:e4:6a:
8b:bf:54:3e:d8:06:95:f0:54:40:76:85:5b:05:34:b7:d8:aa:
3e:79:c7:75:5d:4f:0a:3b:7a:c1:ff:6d:60:61:bf:21:ae:b9:
02:be:49:0b:3e:9e:26:9c:5b:0c:6e:d0:55:e6:25:d5:46:2c:
20:98:5c:e6:a3:19:12:0c:a2:2a:c1:ec:25:13:5a:b8:27:c3:
8c:f7:08:ac:e5:42:c5:3c:64:b0:3d:69:65:ee:63:f8:24:94:
93:84:b9:4e:36:b4:e3:d8:d8:48:98:70:c3:fe:e9:7d:ac:0c:
0a:17:1a:c8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZkJg3zCTUh+KzDHSJrmX0uLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjUwOTAyMDgyMDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg0ZmFmNWU5MDUwMzNlODBjOGNjNjNiYTk3MzgyZmI5YmYwNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbsYPGWk95FHsGfTkhkvaMHkjuRL
MblguhgodlzDmolSALU0Y/7ZlJAs+mqVk8tkzhKpbVbWHcd15wkI72ftC7vD259W
2JkNkQx+92W3+0JxkAB+tnZHHO/pPaZ27daRjhE/xz0MPk513+jSxyUcRr3Ai4ww
dvulOkLDsBFsVCeXypVqVuHyZ0hjrDYMArIv/BE8UP2EM+qjPDAU5CV93honW5Lr
vuEsOSoV1u2aDU9wNSrr80w0ewKOfPAK2ttgVIizPiHx/Z9MdWLwLSCakgfDg/g8
3j3UMztBJxO0I1LIFpZ4ksbTQtMb4BLL8QmR5eH9q2DZPfuBBTw8SadJ/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKWE+vXpBQM+gMjMY7qXOC+5vwcuMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvcFlUNjlla0ZBejZBeU14anVwYzRMN21fQnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVBFFAwQA
VBFIAwQAVBFMAwQAVBFPAwQAVBFYAwQAVBFfMA0GCSqGSIb3DQEBCwUAA4IBAQAC
C9NXXWoqBFlHIok4MDEf5rE35PmQ56TbacA7hSiHoiY0ykAOxqDQ/pGbG+jRdb29
NKQyzLP8r/Qp4vT0am5Mnlg75QQ+wmP1S5cGOox0LpPUaiAZojqstMhF8AHAn3HU
4hRaRJTfhRxjSxB9GF7ac/F84MlcaRDvMMDAPTXl9UZCJI4rVHoFf+4ZbOMs5GqL
v1Q+2AaV8FRAdoVbBTS32Ko+ecd1XU8KO3rB/21gYb8hrrkCvkkLPp4mnFsMbtBV
5iXVRiwgmFzmoxkSDKIqwewlE1q4J8OM9wis5ULFPGSwPWll7mP4JJSThLlONrTj
2NhImHDD/ul9rAwKFxrI
-----END CERTIFICATE-----
Generated at Tue Sep 9 00:36:30 2025 by rpki-client