Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/9nEOqGi3_--NX0-5h6fT715ElSE.roa
File: 9nEOqGi3_--NX0-5h6fT715ElSE.roa (raw, json)
Hash identifier: q/iRA1Cz4NG+otf3xGE1FkrnptD7RCBMfGXAmamLUgo=
Subject key identifier: F6:71:0E:A8:68:B7:FF:EF:8D:5F:4F:B9:87:A7:D3:EF:5E:44:95:21
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0196C99A3C99550A276A8D98A04BCC02E7A8
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/9nEOqGi3_--NX0-5h6fT715ElSE.roa
Signing time: Tue 13 May 2025 12:24:10 +0000
ROA not before: Tue 13 May 2025 12:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48407
IP address blocks: 81.90.16.0/20 maxlen: 20
81.90.18.0/24 maxlen: 24
81.90.19.0/24 maxlen: 24
81.90.31.0/24 maxlen: 24
93.94.50.0/24 maxlen: 24
93.94.53.0/24 maxlen: 24
93.94.55.0/24 maxlen: 24
2a00:8b20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:9a:3c:99:55:0a:27:6a:8d:98:a0:4b:cc:02:e7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: May 13 12:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6710ea868b7ffef8d5f4fb987a7d3ef5e449521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:bf:0f:84:8b:a9:e4:66:09:e8:7b:5f:7f:
ba:a2:6b:4d:bd:65:c3:82:b9:a0:7e:a8:1b:67:84:
f5:af:5e:ef:1b:66:17:97:55:3b:54:7a:73:77:e3:
16:84:95:3c:c7:dc:e5:45:a1:27:ba:af:ea:ce:c1:
28:94:6b:16:b5:14:b1:05:19:f9:1e:e7:13:27:3b:
59:54:df:fe:50:4b:5e:ce:8a:64:29:4f:68:fa:48:
32:75:44:58:23:2d:d7:03:2c:d5:48:13:1b:40:7f:
8e:a4:87:5f:cf:ac:af:db:1c:c4:af:48:06:b3:4b:
c1:08:e5:ea:68:90:2a:17:cf:43:cc:eb:d9:4d:a2:
90:bc:c4:b2:75:a5:64:20:b9:15:9f:bc:37:95:ae:
4a:1c:9d:75:45:bd:82:69:df:20:06:f1:c5:5f:72:
0e:b5:68:48:28:06:33:4f:b3:15:67:f2:ac:e3:2d:
2e:a0:30:66:ff:95:68:ef:21:a7:fb:7b:89:37:95:
ac:b0:f2:2f:da:ae:a5:ef:5e:4b:3d:70:ad:b1:d5:
1b:ad:b3:2b:1c:d6:21:98:8e:c3:2d:53:94:c6:df:
45:4f:7e:df:b7:e7:a7:16:2e:a9:41:15:1b:3a:33:
ee:e3:7a:a4:f2:f5:7d:ec:bc:ab:c8:7a:f3:1a:a2:
13:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:71:0E:A8:68:B7:FF:EF:8D:5F:4F:B9:87:A7:D3:EF:5E:44:95:21
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/9nEOqGi3_--NX0-5h6fT715ElSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.16.0/20
93.94.50.0/24
93.94.53.0/24
93.94.55.0/24
IPv6:
2a00:8b20::/32
Signature Algorithm: sha256WithRSAEncryption
47:a2:ae:cd:5e:d1:4f:90:65:f9:65:69:8f:9c:3a:d7:cc:76:
a2:de:f1:0c:ae:c2:25:a0:81:7b:9f:f7:9e:6b:13:b8:f3:2f:
ea:38:84:38:02:da:01:0f:fc:96:d6:fb:c9:b5:fb:3e:9b:18:
b0:42:f6:ba:91:28:7e:6c:d9:17:5d:5d:ec:94:4c:a8:f0:fe:
42:ac:ce:47:95:b7:ab:a9:1e:a4:29:f0:c0:1d:89:81:78:11:
af:de:47:6e:3b:98:c9:09:b1:9b:85:ac:98:c3:0e:b8:59:e9:
74:2e:f9:d3:e2:19:18:ec:0c:a8:92:70:0f:17:e4:11:6a:51:
41:d1:61:29:57:f4:08:5b:ad:05:99:44:dc:8a:7a:f3:5c:38:
74:cf:ad:8b:cc:1f:03:73:cb:62:a2:5f:14:ba:70:44:d6:fa:
1b:c8:aa:05:6a:17:c4:10:77:be:e8:d7:15:53:f4:4e:1a:fb:
84:dc:d6:11:f1:f7:da:fa:0f:3c:5f:76:36:f6:1e:ef:67:0e:
77:4d:04:7e:ad:be:e8:6f:56:b6:d9:17:fe:30:54:b3:10:15:
2b:60:a0:b0:bd:d3:ca:3b:8e:6c:85:65:70:00:1b:23:b1:b1:
71:80:28:a2:c0:e1:c6:7f:48:93:7d:d7:1d:b4:e7:9c:08:e4:
d8:49:c0:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZbJmjyZVQonao2YoEvMAueoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwNTEzMTIyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjcxMGVhODY4YjdmZmVmOGQ1ZjRmYjk4N2E3ZDNlZjVlNDQ5NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5C/D4SLqeRmCeh7X3+6omtNvWXD
grmgfqgbZ4T1r17vG2YXl1U7VHpzd+MWhJU8x9zlRaEnuq/qzsEolGsWtRSxBRn5
HucTJztZVN/+UEtezopkKU9o+kgydURYIy3XAyzVSBMbQH+OpIdfz6yv2xzEr0gG
s0vBCOXqaJAqF89DzOvZTaKQvMSydaVkILkVn7w3la5KHJ11Rb2Cad8gBvHFX3IO
tWhIKAYzT7MVZ/Ks4y0uoDBm/5Vo7yGn+3uJN5WssPIv2q6l715LPXCtsdUbrbMr
HNYhmI7DLVOUxt9FT37ft+enFi6pQRUbOjPu43qk8vV97LyryHrzGqITzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPZxDqhot//vjV9PuYen0+9eRJUhMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvOW5FT3FHaTNfLS1OWDAtNWg2ZlQ3MTVFbFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUVoQAwQA
XV4yAwQAXV41AwQAXV43MA0EAgACMAcDBQAqAIsgMA0GCSqGSIb3DQEBCwUAA4IB
AQBHoq7NXtFPkGX5ZWmPnDrXzHai3vEMrsIloIF7n/eeaxO48y/qOIQ4AtoBD/yW
1vvJtfs+mxiwQva6kSh+bNkXXV3slEyo8P5CrM5HlberqR6kKfDAHYmBeBGv3kdu
O5jJCbGbhayYww64Wel0LvnT4hkY7AyoknAPF+QRalFB0WEpV/QIW60FmUTcinrz
XDh0z62LzB8Dc8tiol8UunBE1vobyKoFahfEEHe+6NcVU/ROGvuE3NYR8ffa+g88
X3Y29h7vZw53TQR+rb7ob1a22Rf+MFSzEBUrYKCwvdPKO45shWVwABsjsbFxgCii
wOHGf0iTfdcdtOecCOTYScAw
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:27:28 2025 by rpki-client