Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4Xa_I0Ew_SzSlXmU6iIannLAe08.roa
File: 4Xa_I0Ew_SzSlXmU6iIannLAe08.roa (raw, json)
Hash identifier: AjewJFwo4QGY/lxZ4MNmCibBPX5PWQ6zVmjaYAuxeRk=
Subject key identifier: E1:76:BF:23:41:30:FD:2C:D2:95:79:94:EA:22:1A:9E:72:C0:7B:4F
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 0198EBF2564E4177A472889F41CDCEE78EDD
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4Xa_I0Ew_SzSlXmU6iIannLAe08.roa
Signing time: Wed 27 Aug 2025 14:33:04 +0000
ROA not before: Wed 27 Aug 2025 14:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 2a09:a702:6e::/48 maxlen: 48
2a09:a702:6f::/48 maxlen: 48
2a09:a702:70::/48 maxlen: 48
2a09:a702:71::/48 maxlen: 48
2a09:a702:74::/48 maxlen: 48
2a09:a702:75::/48 maxlen: 48
2a09:a702:78::/48 maxlen: 48
2a09:a702:79::/48 maxlen: 48
2a09:a702:7a::/48 maxlen: 48
2a09:a702:7b::/48 maxlen: 48
2a09:a702:7c::/48 maxlen: 48
2a09:a702:7d::/48 maxlen: 48
2a09:a702:7e::/48 maxlen: 48
2a09:a702:7f::/48 maxlen: 48
2a09:a702:80::/48 maxlen: 48
2a09:a702:81::/48 maxlen: 48
2a09:a702:82::/48 maxlen: 48
2a09:a702:83::/48 maxlen: 48
2a09:a702:84::/48 maxlen: 48
2a09:a702:85::/48 maxlen: 48
2a09:a702:86::/48 maxlen: 48
2a09:a702:87::/48 maxlen: 48
2a09:a702:88::/48 maxlen: 48
2a09:a702:89::/48 maxlen: 48
2a09:a702:8a::/48 maxlen: 48
2a09:a702:8b::/48 maxlen: 48
2a09:a702:8c::/48 maxlen: 48
2a09:a702:8d::/48 maxlen: 48
2a09:a702:8e::/48 maxlen: 48
2a09:a702:8f::/48 maxlen: 48
2a09:a702:90::/48 maxlen: 48
2a09:a702:91::/48 maxlen: 48
2a09:a702:96::/48 maxlen: 48
2a09:a702:97::/48 maxlen: 48
2a09:a702:98::/48 maxlen: 48
2a09:a702:99::/48 maxlen: 48
2a09:a702:9a::/48 maxlen: 48
2a09:a702:9b::/48 maxlen: 48
2a09:a702:9c::/48 maxlen: 48
2a09:a702:9d::/48 maxlen: 48
2a09:a702:9e::/48 maxlen: 48
2a09:a702:9f::/48 maxlen: 48
2a09:a702:a2::/48 maxlen: 48
2a09:a702:a3::/48 maxlen: 48
2a09:a702:a4::/48 maxlen: 48
2a09:a702:a5::/48 maxlen: 48
2a09:a702:a6::/48 maxlen: 48
2a09:a702:a7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:f2:56:4e:41:77:a4:72:88:9f:41:cd:ce:e7:8e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Aug 27 14:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e176bf234130fd2cd2957994ea221a9e72c07b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fa:5f:b5:f9:77:a3:38:6f:cf:3e:3e:dd:47:
44:e7:89:64:5a:3a:22:4a:36:21:05:0f:3c:d9:17:
93:83:86:bd:8d:ff:cb:cd:1a:8b:d4:2a:ab:b7:bc:
ad:23:76:99:c7:dc:83:26:88:75:a2:a4:b8:75:fd:
ca:99:d5:ee:80:df:2d:7e:51:bc:05:e4:39:6f:13:
1a:a1:c4:9f:bf:f1:6d:64:93:b4:58:fb:fd:15:fd:
d0:9f:c7:46:08:66:90:a6:3a:a0:56:de:ac:3c:5c:
ba:db:2f:18:d4:2e:f8:fd:37:4d:4b:fc:d7:05:7b:
4b:95:9c:ef:4a:e3:3d:e6:d4:b1:31:6a:43:27:20:
88:80:6d:c9:4e:7c:65:40:b8:f0:0b:d3:4f:31:cf:
80:b6:bf:c9:ee:ac:f6:46:6d:55:b6:26:56:06:8d:
41:01:9a:10:97:e2:94:04:4a:f1:79:5a:81:45:14:
f8:4a:af:31:49:17:f0:20:38:e1:5b:0e:8e:55:de:
7b:71:39:c1:5f:ea:d5:9b:2b:82:83:6a:23:7c:16:
ff:91:3b:bb:e0:ba:ba:a9:e2:23:02:73:36:6c:23:
81:36:97:0e:8e:c5:57:f1:0e:fd:f4:c1:41:25:cd:
aa:40:07:3b:84:cb:d4:2e:df:e3:13:50:cf:65:27:
fa:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:76:BF:23:41:30:FD:2C:D2:95:79:94:EA:22:1A:9E:72:C0:7B:4F
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/4Xa_I0Ew_SzSlXmU6iIannLAe08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a702:6e::-2a09:a702:71:ffff:ffff:ffff:ffff:ffff
2a09:a702:74::/47
2a09:a702:78::-2a09:a702:91:ffff:ffff:ffff:ffff:ffff
2a09:a702:96::-2a09:a702:9f:ffff:ffff:ffff:ffff:ffff
2a09:a702:a2::-2a09:a702:a7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
87:bb:e9:76:4f:0a:fd:89:dd:b7:9b:fb:6c:35:fe:ac:d5:71:
ed:d4:7f:5d:88:6d:6f:07:7c:5d:45:c0:fe:a0:f9:cc:07:4a:
d2:23:94:89:0a:66:ce:74:d7:41:38:0b:51:69:7a:c2:07:8d:
e8:79:67:96:e2:5e:7a:cd:b6:70:0c:ea:d2:92:0d:d4:8d:7b:
78:18:fe:f9:32:ab:e4:ab:25:43:a0:83:7f:60:51:4c:73:99:
2c:c1:3f:13:a4:bb:a4:60:2b:8f:03:91:e4:21:62:44:6a:85:
df:70:5a:32:b5:3c:38:9c:2e:52:c0:68:7e:15:f6:ac:48:61:
a9:f9:73:4e:96:c1:e6:3d:2b:c8:1b:f7:4c:2f:84:6b:82:c1:
5c:ba:0c:e9:61:06:d9:f0:5c:07:95:b4:86:97:3c:ca:a4:d6:
a0:6e:95:19:b5:80:0c:bd:b7:93:be:93:4f:b5:1e:d3:24:b0:
ad:84:5d:3a:5f:c2:8b:b2:1f:f4:32:a7:1f:a2:0c:b2:7a:d0:
4f:be:58:f6:b3:89:68:0b:66:bc:a4:d1:a0:78:da:65:4c:24:
ba:99:59:36:c1:8e:95:ca:90:c6:e7:51:a7:bc:0b:5e:b1:46:
16:fe:3c:b7:6d:74:ca:5c:8d:ab:36:c2:10:61:04:0c:f1:e6:
3b:77:43:c3
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZjr8lZOQXekcoifQc3O547dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjUwODI3MTQzMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc2YmYyMzQxMzBmZDJjZDI5NTc5OTRlYTIyMWE5ZTcyYzA3YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ppftfl3ozhvzz4+3UdE54lkWjoi
SjYhBQ882ReTg4a9jf/LzRqL1Cqrt7ytI3aZx9yDJoh1oqS4df3KmdXugN8tflG8
BeQ5bxMaocSfv/FtZJO0WPv9Ff3Qn8dGCGaQpjqgVt6sPFy62y8Y1C74/TdNS/zX
BXtLlZzvSuM95tSxMWpDJyCIgG3JTnxlQLjwC9NPMc+Atr/J7qz2Rm1VtiZWBo1B
AZoQl+KUBErxeVqBRRT4Sq8xSRfwIDjhWw6OVd57cTnBX+rVmyuCg2ojfBb/kTu7
4Lq6qeIjAnM2bCOBNpcOjsVX8Q799MFBJc2qQAc7hMvULt/jE1DPZSf6QwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFOF2vyNBMP0s0pV5lOoiGp5ywHtPMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvNFhhX0kwRXdfU3pTbFhtVTZpSWFubkxBZTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAAjBZMBIDBwEqCacC
AG4DBwEqCacCAHADBwEqCacCAHQwEgMHAyoJpwIAeAMHASoJpwIAkDASAwcBKgmn
AgCWAwcFKgmnAgCAMBIDBwEqCacCAKIDBwMqCacCAKAwDQYJKoZIhvcNAQELBQAD
ggEBAIe76XZPCv2J3beb+2w1/qzVce3Uf12IbW8HfF1FwP6g+cwHStIjlIkKZs50
10E4C1FpesIHjeh5Z5biXnrNtnAM6tKSDdSNe3gY/vkyq+SrJUOgg39gUUxzmSzB
PxOku6RgK48DkeQhYkRqhd9wWjK1PDicLlLAaH4V9qxIYan5c06WweY9K8gb90wv
hGuCwVy6DOlhBtnwXAeVtIaXPMqk1qBulRm1gAy9t5O+k0+1HtMksK2EXTpfwouy
H/Qypx+iDLJ60E++WPaziWgLZryk0aB42mVMJLqZWTbBjpXKkMbnUae8C16xRhb+
PLdtdMpcjas2whBhBAzx5jt3Q8M=
-----END CERTIFICATE-----
Generated at Fri Sep 5 02:35:03 2025 by rpki-client