Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/9_Q9394Z0x8fvCcB_kRxWDxzDcY.roa
File: 9_Q9394Z0x8fvCcB_kRxWDxzDcY.roa (raw, json)
Hash identifier: PanjpRDM1BRIDuCXhHGHPFsUr4cddWBhZ/XLoqFj9Jg=
Subject key identifier: F7:F4:3D:DF:DE:19:D3:1F:1F:BC:27:01:FE:44:71:58:3C:73:0D:C6
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 019A34E5715434B157FB8CC728561554E2F6
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/9_Q9394Z0x8fvCcB_kRxWDxzDcY.roa
Signing time: Thu 30 Oct 2025 11:34:03 +0000
ROA not before: Thu 30 Oct 2025 11:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 5.23.0.0/19 maxlen: 19
80.231.0.0/16 maxlen: 16
80.231.8.0/21 maxlen: 21
80.231.11.0/24 maxlen: 24
80.231.22.0/24 maxlen: 24
80.231.56.0/24 maxlen: 24
80.231.71.0/24 maxlen: 24
80.231.93.0/24 maxlen: 24
80.231.94.0/24 maxlen: 24
80.231.96.0/21 maxlen: 21
80.231.112.0/21 maxlen: 21
80.231.176.0/21 maxlen: 21
80.231.187.0/24 maxlen: 24
80.231.202.0/24 maxlen: 24
80.231.216.0/24 maxlen: 24
80.231.235.0/24 maxlen: 24
195.219.0.0/16 maxlen: 16
195.219.22.0/24 maxlen: 24
195.219.38.0/24 maxlen: 24
195.219.40.0/24 maxlen: 24
195.219.41.0/24 maxlen: 24
195.219.43.0/24 maxlen: 24
195.219.44.0/24 maxlen: 24
195.219.45.0/24 maxlen: 24
195.219.47.0/24 maxlen: 24
195.219.168.0/23 maxlen: 23
195.219.204.0/24 maxlen: 24
195.219.232.0/24 maxlen: 24
195.219.235.0/24 maxlen: 24
195.219.238.0/24 maxlen: 24
195.219.240.0/24 maxlen: 24
195.219.246.0/24 maxlen: 24
195.219.248.0/21 maxlen: 21
195.219.253.0/24 maxlen: 24
2a01:3e0::/29 maxlen: 29
2a01:3e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:e5:71:54:34:b1:57:fb:8c:c7:28:56:15:54:e2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Oct 30 11:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7f43ddfde19d31f1fbc2701fe4471583c730dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:20:7c:b7:b0:bd:62:a3:a5:1e:02:f6:31:df:
f6:6d:31:32:3e:cf:fc:12:1f:e2:aa:93:57:6d:ff:
5d:9e:ad:36:65:39:c3:95:69:a1:ff:5f:a3:db:9a:
ad:10:a9:96:41:24:34:6a:67:14:e9:5b:6c:8a:3d:
4a:4a:26:2a:12:10:b6:56:9b:8f:4c:f0:2a:1f:02:
26:8e:ae:d6:f2:8c:b4:4d:4f:17:23:24:4a:ec:7b:
03:ea:a0:83:92:c5:ac:e6:47:89:d8:1b:20:f1:d1:
49:fb:12:91:35:ed:93:b5:a3:b1:0d:34:04:18:e5:
62:91:70:0b:07:b1:30:df:ee:c4:62:27:de:6c:49:
5f:97:74:8b:81:3d:fa:b1:89:d8:2d:6f:35:83:28:
ca:47:e1:84:b5:73:94:cf:d3:12:7f:e8:c6:1b:ed:
71:5a:f3:98:af:65:bb:41:f1:e2:92:b5:f9:68:2e:
1f:f3:4c:d0:a1:47:81:ee:2f:9f:38:94:6f:17:22:
f1:f8:65:5b:ff:bd:66:d2:14:f2:a0:30:b5:5c:36:
d5:e4:dc:94:ac:b7:4c:ee:eb:c6:f8:d0:c8:b2:67:
88:6f:02:bb:83:f2:3b:33:d6:bb:4d:34:4d:4c:37:
09:bf:fa:1a:e3:fe:ba:10:a7:af:a6:8f:6c:49:59:
72:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F4:3D:DF:DE:19:D3:1F:1F:BC:27:01:FE:44:71:58:3C:73:0D:C6
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/9_Q9394Z0x8fvCcB_kRxWDxzDcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.0.0/19
80.231.0.0/16
195.219.0.0/16
IPv6:
2a01:3e0::/29
Signature Algorithm: sha256WithRSAEncryption
35:22:76:0f:06:44:7b:1a:03:e2:6d:af:73:4b:16:46:55:fa:
4b:bd:41:1b:05:ef:3c:06:78:bf:68:28:cf:34:5a:c3:6e:6e:
89:62:3b:30:5d:b3:5a:22:a3:a2:1f:12:27:5e:6b:28:2d:5d:
40:c3:2a:44:c7:04:4a:9d:95:ae:c8:09:d0:e7:30:61:72:95:
8e:38:69:09:8d:55:b9:29:c1:3c:52:3c:46:c3:2c:87:b9:30:
4a:6c:16:a6:af:6e:83:3c:1b:fc:58:30:08:fa:cf:91:0c:07:
18:5b:05:dc:0f:46:00:ac:4e:e0:dc:06:a6:de:d9:23:51:ef:
5d:38:73:e6:11:ea:9f:e5:c5:65:6f:68:5e:c3:34:a1:1a:51:
24:8c:17:48:4d:df:9d:57:de:b6:04:00:a8:28:5d:86:c4:55:
b2:9a:9f:0b:89:0d:e4:7e:51:52:f0:6c:81:c5:b1:56:55:8f:
55:40:ac:6b:ba:31:3a:db:24:72:3a:81:d6:cc:bf:44:e9:c8:
4d:17:5c:81:d0:fc:4a:63:08:6c:0f:4d:37:13:e6:03:9b:02:
15:55:db:02:96:f1:8c:fc:c4:a7:dd:f1:c4:72:40:cb:1b:c9:
ff:92:88:18:45:76:db:03:d6:17:5c:88:e2:10:04:16:95:c2:
0c:a2:0c:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo05XFUNLFX+4zHKFYVVOL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjUxMDMwMTEzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Y0M2RkZmRlMTlkMzFmMWZiYzI3MDFmZTQ0NzE1ODNjNzMwZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCB8t7C9YqOlHgL2Md/2bTEyPs/8
Eh/iqpNXbf9dnq02ZTnDlWmh/1+j25qtEKmWQSQ0amcU6Vtsij1KSiYqEhC2VpuP
TPAqHwImjq7W8oy0TU8XIyRK7HsD6qCDksWs5keJ2Bsg8dFJ+xKRNe2TtaOxDTQE
GOVikXALB7Ew3+7EYifebElfl3SLgT36sYnYLW81gyjKR+GEtXOUz9MSf+jGG+1x
WvOYr2W7QfHikrX5aC4f80zQoUeB7i+fOJRvFyLx+GVb/71m0hTyoDC1XDbV5NyU
rLdM7uvG+NDIsmeIbwK7g/I7M9a7TTRNTDcJv/oa4/66EKevpo9sSVlyFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPf0Pd/eGdMfH7wnAf5EcVg8cw3GMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvOV9ROTM5NFoweDhmdkNjQl9rUnhXRHh6RGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwQFBRcAAwMA
UOcDAwDD2zANBAIAAjAHAwUDKgED4DANBgkqhkiG9w0BAQsFAAOCAQEANSJ2DwZE
exoD4m2vc0sWRlX6S71BGwXvPAZ4v2gozzRaw25uiWI7MF2zWiKjoh8SJ15rKC1d
QMMqRMcESp2VrsgJ0OcwYXKVjjhpCY1VuSnBPFI8RsMsh7kwSmwWpq9ugzwb/Fgw
CPrPkQwHGFsF3A9GAKxO4NwGpt7ZI1HvXThz5hHqn+XFZW9oXsM0oRpRJIwXSE3f
nVfetgQAqChdhsRVspqfC4kN5H5RUvBsgcWxVlWPVUCsa7oxOtskcjqB1sy/ROnI
TRdcgdD8SmMIbA9NNxPmA5sCFVXbApbxjPzEp93xxHJAyxvJ/5KIGEV22wPWF1yI
4hAEFpXCDKIMKg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:54:07 2025 by rpki-client