Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/0i9rX2feVpxn00o6Ok1LCwfKG9s.roa
File: 0i9rX2feVpxn00o6Ok1LCwfKG9s.roa (raw, json)
Hash identifier: CXVbkTnTW3iOhYJS4A/hhGnO0DbUsClXOzGNTAyAP1Q=
Subject key identifier: D2:2F:6B:5F:67:DE:56:9C:67:D3:4A:3A:3A:4D:4B:0B:07:CA:1B:DB
Certificate issuer: /CN=88fb410a3bfc7340b667b4f221c7cb806267896e
Certificate serial: 019A48B91FAE2C9CEFA7C1722C116677C999
Authority key identifier: 88:FB:41:0A:3B:FC:73:40:B6:67:B4:F2:21:C7:CB:80:62:67:89:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/0i9rX2feVpxn00o6Ok1LCwfKG9s.roa
Signing time: Mon 03 Nov 2025 07:58:03 +0000
ROA not before: Mon 03 Nov 2025 07:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205399
IP address blocks: 141.98.116.0/24 maxlen: 24
141.98.117.0/24 maxlen: 24
141.98.118.0/24 maxlen: 24
141.98.119.0/24 maxlen: 24
194.26.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:b9:1f:ae:2c:9c:ef:a7:c1:72:2c:11:66:77:c9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fb410a3bfc7340b667b4f221c7cb806267896e
Validity
Not Before: Nov 3 07:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d22f6b5f67de569c67d34a3a3a4d4b0b07ca1bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:c5:73:50:6b:51:cf:b3:35:75:98:9f:63:
cf:44:20:fe:be:c8:1b:0e:11:a1:7f:b2:6b:bb:da:
f0:fe:9c:ea:5c:bc:b1:94:d6:33:fa:3c:f4:d3:bb:
8e:38:a8:93:ee:08:e6:e4:45:7c:4a:b0:9b:b8:96:
70:89:2e:18:61:47:7b:6c:37:e7:0e:ee:59:c0:2f:
3e:66:22:8a:9f:fc:07:11:88:95:28:5e:49:b2:ff:
91:c4:53:bd:68:5c:71:9a:0f:37:14:80:9a:20:99:
f6:33:ce:96:fd:09:3d:0c:21:ea:89:24:aa:d8:5f:
a1:96:46:19:9f:1c:3f:f0:b4:c2:fa:90:0e:a3:0a:
93:cc:74:37:5f:20:e4:09:91:b0:a8:a0:a3:de:87:
d1:3d:c8:41:35:d0:ae:d0:0a:6c:9a:1a:2e:67:a1:
39:fe:6f:03:ba:a1:66:a7:44:72:2f:55:79:82:b7:
34:ee:98:ed:3b:41:21:24:ae:c2:23:eb:ad:f9:ff:
7f:1d:08:97:67:d8:74:2b:eb:c4:b8:03:50:02:6d:
ba:28:6d:28:ea:8f:e4:ba:1f:d6:36:c2:2d:14:04:
b0:23:31:b8:c1:35:71:22:d4:83:24:a2:24:0a:2f:
25:9c:7b:14:bb:6d:6e:89:0b:24:82:8b:e7:36:e9:
74:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2F:6B:5F:67:DE:56:9C:67:D3:4A:3A:3A:4D:4B:0B:07:CA:1B:DB
X509v3 Authority Key Identifier:
keyid:88:FB:41:0A:3B:FC:73:40:B6:67:B4:F2:21:C7:CB:80:62:67:89:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPtBCjv8c0C2Z7TyIcfLgGJniW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/0i9rX2feVpxn00o6Ok1LCwfKG9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/44624f-231d-466c-bb02-b38c80951981/1/iPtBCjv8c0C2Z7TyIcfLgGJniW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.116.0/22
194.26.109.0/24
Signature Algorithm: sha256WithRSAEncryption
90:42:fa:23:53:00:f6:55:ce:a1:e2:6a:cc:d8:8a:1e:fe:cd:
b1:a2:62:5b:bb:2b:09:6b:a9:4e:bd:d8:0d:3b:48:71:20:04:
0e:6a:24:0d:27:19:a3:54:4b:48:c8:7a:4a:88:1e:df:4a:ca:
1a:c5:09:0c:cd:f6:72:24:4c:91:62:f5:09:ec:a5:90:dc:67:
e8:10:23:2f:95:ad:09:6b:5f:b1:b3:f8:52:ab:51:f1:1b:ac:
8c:a4:45:81:a3:81:25:dd:ef:34:cf:74:4d:ad:be:08:57:fb:
9d:7f:35:87:25:75:06:ee:2c:33:f8:f7:5c:bc:6e:91:5e:2c:
18:41:a8:c6:63:6e:f3:1a:6a:6d:95:0b:ce:76:10:96:d5:f0:
37:35:cd:92:9a:b3:da:af:80:c8:79:11:a7:86:4f:cf:f0:fd:
8d:5a:be:bc:85:e4:23:97:34:e7:e0:09:4c:af:44:2d:82:d1:
fe:c2:4d:30:74:c1:f8:f8:34:33:74:6e:8a:09:b8:66:6b:cc:
a3:91:00:fa:fe:37:ae:6a:37:01:01:28:43:68:c0:98:70:e2:
47:89:1e:3f:10:40:6e:ce:d9:fb:2b:5f:b8:00:c3:8e:90:0e:
31:06:6d:79:21:4c:1b:34:d8:5b:cd:fd:a8:92:aa:b8:68:b0:
c4:f5:79:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpIuR+uLJzvp8FyLBFmd8mZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmI0MTBhM2JmYzczNDBiNjY3YjRmMjIxYzdjYjgwNjI2
Nzg5NmUwHhcNMjUxMTAzMDc1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJmNmI1ZjY3ZGU1NjljNjdkMzRhM2EzYTRkNGIwYjA3Y2ExYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7TFc1BrUc+zNXWYn2PPRCD+vsgb
DhGhf7Jru9rw/pzqXLyxlNYz+jz007uOOKiT7gjm5EV8SrCbuJZwiS4YYUd7bDfn
Du5ZwC8+ZiKKn/wHEYiVKF5Jsv+RxFO9aFxxmg83FICaIJn2M86W/Qk9DCHqiSSq
2F+hlkYZnxw/8LTC+pAOowqTzHQ3XyDkCZGwqKCj3ofRPchBNdCu0ApsmhouZ6E5
/m8DuqFmp0RyL1V5grc07pjtO0EhJK7CI+ut+f9/HQiXZ9h0K+vEuANQAm26KG0o
6o/kuh/WNsItFASwIzG4wTVxItSDJKIkCi8lnHsUu21uiQskgovnNul0pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIva19n3lacZ9NKOjpNSwsHyhvbMB8GA1UdIwQY
MBaAFIj7QQo7/HNAtme08iHHy4BiZ4luMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVB0QkNqdjhjMEMyWjdUeUljZkxnR0puaVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80NDYyNGYtMjMxZC00NjZjLWJiMDIt
YjM4YzgwOTUxOTgxLzEvMGk5clgyZmVWcHhuMDBvNk9rMUxDd2ZLRzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80NDYyNGYtMjMxZC00NjZjLWJiMDItYjM4YzgwOTUxOTgx
LzEvaVB0QkNqdjhjMEMyWjdUeUljZkxnR0puaVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCjWJ0AwQA
whptMA0GCSqGSIb3DQEBCwUAA4IBAQCQQvojUwD2Vc6h4mrM2Ioe/s2xomJbuysJ
a6lOvdgNO0hxIAQOaiQNJxmjVEtIyHpKiB7fSsoaxQkMzfZyJEyRYvUJ7KWQ3Gfo
ECMvla0Ja1+xs/hSq1HxG6yMpEWBo4El3e80z3RNrb4IV/udfzWHJXUG7iwz+Pdc
vG6RXiwYQajGY27zGmptlQvOdhCW1fA3Nc2SmrPar4DIeRGnhk/P8P2NWr68heQj
lzTn4AlMr0QtgtH+wk0wdMH4+DQzdG6KCbhma8yjkQD6/jeuajcBAShDaMCYcOJH
iR4/EEBuztn7K1+4AMOOkA4xBm15IUwbNNhbzf2okqq4aLDE9XnH
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:56:14 2025 by rpki-client