Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/91l2Yb8YwQSDQHvvNE46zpCyVmc.roa
File: 91l2Yb8YwQSDQHvvNE46zpCyVmc.roa (raw, json)
Hash identifier: mGPyzZlrmG/EWJ68Z0RE6FvDlu0TU72CrUGOLfrrtwM=
Subject key identifier: F7:59:76:61:BF:18:C1:04:83:40:7B:EF:34:4E:3A:CE:90:B2:56:67
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019927CCE7B2B1B27897BAFCBEF67BC35DA1
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/91l2Yb8YwQSDQHvvNE46zpCyVmc.roa
Signing time: Mon 08 Sep 2025 05:29:24 +0000
ROA not before: Mon 08 Sep 2025 05:29:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12389
IP address blocks: 2a09:6285::/32 maxlen: 32
2a11:4b40::/32 maxlen: 32
2a12:a340::/32 maxlen: 32
2a13:3880::/32 maxlen: 32
2a13:3881::/32 maxlen: 32
2a13:3882::/32 maxlen: 32
2a13:3883::/32 maxlen: 32
2a13:3884::/32 maxlen: 32
2a13:3885::/32 maxlen: 32
2a13:3886::/32 maxlen: 32
2a13:3887::/32 maxlen: 32
2a13:93c0::/32 maxlen: 32
2a13:93c2::/32 maxlen: 32
2a13:93c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 11:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:27:cc:e7:b2:b1:b2:78:97:ba:fc:be:f6:7b:c3:5d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 8 05:29:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7597661bf18c10483407bef344e3ace90b25667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:51:aa:98:83:42:57:d8:20:5d:7d:e4:83:4d:
ed:1e:f8:72:e7:54:3f:2a:68:39:42:56:ea:fc:1c:
66:01:0e:80:4c:cb:24:ab:11:63:cb:0e:52:a8:53:
6f:fa:d0:85:99:cf:16:7d:c2:03:b8:4b:ee:cd:80:
ca:45:9d:b5:06:76:b3:40:06:b7:82:2b:20:6c:8a:
4c:4a:d5:85:8d:f0:08:31:cd:9a:53:43:05:41:ce:
5e:6b:4b:ac:bb:e9:7d:0b:56:61:86:d7:ab:34:d6:
6d:0e:91:cf:06:6e:08:f0:c2:41:bd:94:98:98:3e:
f8:74:35:7c:88:e6:42:65:c3:df:98:24:90:97:85:
b9:5a:3a:80:0c:f8:d4:dc:5e:a5:96:92:fa:eb:7c:
58:3d:2b:6d:f9:ab:d0:65:9f:fe:10:f9:91:8e:47:
05:09:e6:c1:03:f8:7d:dc:35:2a:83:9a:2f:bf:df:
59:1f:6b:fa:e4:f5:6c:2f:98:80:58:6b:00:1a:b3:
35:72:17:a1:16:cf:28:3d:09:67:26:09:af:62:87:
88:ef:73:92:06:7a:41:a4:67:47:47:cb:fd:c7:e3:
27:95:fb:a2:09:04:8f:1f:84:ba:7d:0b:d6:ae:6c:
c3:99:36:b1:0b:e2:2d:d0:8c:2a:5c:bf:50:ec:4a:
f9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:59:76:61:BF:18:C1:04:83:40:7B:EF:34:4E:3A:CE:90:B2:56:67
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/91l2Yb8YwQSDQHvvNE46zpCyVmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6285::/32
2a11:4b40::/32
2a12:a340::/32
2a13:3880::/29
2a13:93c0::/32
2a13:93c2::/32
2a13:93c4::/32
Signature Algorithm: sha256WithRSAEncryption
96:c2:40:55:bc:e3:3b:79:70:6f:4b:1b:ea:61:01:93:22:04:
58:6c:b6:30:0a:f6:37:40:65:d9:f5:95:24:84:b2:eb:fb:25:
3d:2c:b8:96:31:ca:77:49:97:3b:d2:24:7c:13:de:9f:a8:be:
88:89:0d:e8:34:6c:4e:fa:21:a8:d9:4e:4b:30:22:38:ab:7e:
3e:a1:9b:d9:24:a3:ef:d6:fb:2b:26:6c:46:99:b2:31:53:a7:
f7:7c:e0:09:bf:db:c3:3b:37:64:0a:ab:66:08:82:30:4c:6c:
80:4d:e4:54:f1:79:c1:ac:8b:8f:8f:64:60:5a:ce:d3:c6:e8:
0e:a1:ac:01:69:56:37:5c:1c:51:c4:bc:a9:99:7f:bc:19:a1:
50:e7:3a:72:7b:a6:59:67:a8:dc:53:1e:d0:9b:d2:c8:69:0d:
ed:65:f1:36:e5:01:53:c5:0e:b0:ce:ff:71:84:12:8d:7a:0a:
1c:2d:d7:8d:0e:d9:55:71:5e:00:a2:71:02:5f:10:50:05:59:
ed:63:49:69:53:e2:fa:6a:83:70:2c:78:bc:39:40:0e:5d:1d:
be:66:36:52:42:05:cb:03:4d:47:8b:b2:ea:27:1b:b7:a8:78:
1d:f2:b3:b7:cf:85:d9:fc:7b:f1:18:cb:6a:57:35:90:58:9a:
6f:3e:f9:a0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZknzOeysbJ4l7r8vvZ7w12hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTA4MDUyOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU5NzY2MWJmMThjMTA0ODM0MDdiZWYzNDRlM2FjZTkwYjI1NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklGqmINCV9ggXX3kg03tHvhy51Q/
Kmg5Qlbq/BxmAQ6ATMskqxFjyw5SqFNv+tCFmc8WfcIDuEvuzYDKRZ21BnazQAa3
gisgbIpMStWFjfAIMc2aU0MFQc5ea0usu+l9C1ZhhterNNZtDpHPBm4I8MJBvZSY
mD74dDV8iOZCZcPfmCSQl4W5WjqADPjU3F6llpL663xYPStt+avQZZ/+EPmRjkcF
CebBA/h93DUqg5ovv99ZH2v65PVsL5iAWGsAGrM1chehFs8oPQlnJgmvYoeI73OS
BnpBpGdHR8v9x+MnlfuiCQSPH4S6fQvWrmzDmTaxC+It0IwqXL9Q7Er5zQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPdZdmG/GMEEg0B77zROOs6QslZnMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOTFsMlliOFl3UVNEUUh2dk5FNDZ6cEN5Vm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKglihQMF
ACoRS0ADBQAqEqNAAwUDKhM4gAMFACoTk8ADBQAqE5PCAwUAKhOTxDANBgkqhkiG
9w0BAQsFAAOCAQEAlsJAVbzjO3lwb0sb6mEBkyIEWGy2MAr2N0Bl2fWVJISy6/sl
PSy4ljHKd0mXO9IkfBPen6i+iIkN6DRsTvohqNlOSzAiOKt+PqGb2SSj79b7KyZs
RpmyMVOn93zgCb/bwzs3ZAqrZgiCMExsgE3kVPF5wayLj49kYFrO08boDqGsAWlW
N1wcUcS8qZl/vBmhUOc6cnumWWeo3FMe0JvSyGkN7WXxNuUBU8UOsM7/cYQSjXoK
HC3XjQ7ZVXFeAKJxAl8QUAVZ7WNJaVPi+mqDcCx4vDlADl0dvmY2UkIFywNNR4uy
6icbt6h4HfKzt8+F2fx78RjLalc1kFiabz75oA==
-----END CERTIFICATE-----
Generated at Tue Sep 9 18:13:28 2025 by rpki-client