Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/mygN9EXv15Mv_R2x5EM_di5X8p4.roa
File: mygN9EXv15Mv_R2x5EM_di5X8p4.roa (raw, json)
Hash identifier: +hnEnqUqGPQ5/+etnnWXKfILgh8ttS98q0vUC8Q5rns=
Subject key identifier: 9B:28:0D:F4:45:EF:D7:93:2F:FD:1D:B1:E4:43:3F:76:2E:57:F2:9E
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01985A78E4A455FD85D36B151E038F87921A
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/mygN9EXv15Mv_R2x5EM_di5X8p4.roa
Signing time: Wed 30 Jul 2025 08:35:29 +0000
ROA not before: Wed 30 Jul 2025 08:35:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41272
IP address blocks: 46.165.64.0/18 maxlen: 18
80.185.0.0/16 maxlen: 16
188.7.0.0/16 maxlen: 16
2a00:8380::/32 maxlen: 32
2a04:800:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:78:e4:a4:55:fd:85:d3:6b:15:1e:03:8f:87:92:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 30 08:35:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b280df445efd7932ffd1db1e4433f762e57f29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:fb:a7:19:5c:71:d9:90:5c:5c:60:75:a4:
aa:69:8f:c0:02:c1:79:7c:6d:7f:4b:49:c4:62:3f:
f5:47:1f:1f:9c:c8:78:ea:cb:6b:43:fa:5e:e3:0f:
d9:6f:de:84:b7:e6:0d:0d:86:31:df:bf:33:b2:86:
2a:bb:4f:32:c5:73:1e:62:ce:cb:1b:f7:7f:91:f7:
cb:8e:95:69:11:80:d6:ce:09:64:88:9a:12:14:0a:
72:e8:89:7a:f2:18:2f:e2:2b:3b:d7:d0:a4:33:3c:
e4:39:e8:d7:f9:fc:c2:bd:23:90:72:30:11:39:aa:
66:8b:ac:89:8e:1a:bc:ad:38:8b:bd:0f:e3:27:5d:
74:42:1b:59:73:28:42:52:9f:cd:d1:9f:84:b1:10:
75:e3:44:b3:3d:e8:86:49:c1:40:bd:8a:71:dc:f7:
cc:94:53:a2:3a:fd:c4:54:80:9a:a0:59:17:8e:e8:
3e:7c:71:7a:ed:30:72:6f:51:5a:6c:c8:0e:c3:66:
51:ba:69:5d:62:a4:ad:93:b6:ef:63:ec:4e:64:35:
b0:87:72:7b:0d:6a:f6:8d:0a:a2:09:e8:53:9e:c4:
a0:48:9e:08:cd:00:9c:21:27:38:4c:12:0d:20:b6:
0f:49:5b:3f:03:e4:7a:0c:2b:28:e2:65:a4:40:2d:
6d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:28:0D:F4:45:EF:D7:93:2F:FD:1D:B1:E4:43:3F:76:2E:57:F2:9E
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/mygN9EXv15Mv_R2x5EM_di5X8p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.165.64.0/18
80.185.0.0/16
188.7.0.0/16
IPv6:
2a00:8380::/32
2a04:800:6000::/36
Signature Algorithm: sha256WithRSAEncryption
5e:02:e5:91:ad:78:3a:b2:62:ed:9b:a5:93:bb:78:01:d8:ba:
72:bc:6a:b8:35:69:c0:3e:61:6d:98:e1:2a:51:47:0d:a1:1b:
d2:b1:af:40:57:3d:eb:18:2f:12:ec:33:73:8e:44:18:b6:03:
79:c3:1c:53:cd:9b:68:3e:1a:d0:a8:f1:7e:cb:0e:13:40:d1:
19:6a:20:7e:2a:fd:b4:a1:0e:15:df:4d:43:11:c2:ba:14:34:
ba:90:03:67:88:a8:1b:26:df:17:02:91:fb:ae:74:c0:ea:8a:
66:90:f1:35:27:95:7a:a1:17:f7:e7:d7:be:ed:32:b7:4f:e3:
a4:3e:58:09:ba:86:39:26:ed:0f:c2:6d:66:57:02:66:f0:d5:
9a:e7:89:55:8a:32:63:76:35:f4:57:0e:a1:8a:67:c3:2f:eb:
65:b7:8b:06:52:e5:8e:35:8b:b9:6f:20:c9:58:f0:78:74:44:
ac:eb:8e:64:33:8c:15:5f:23:2e:c4:da:a2:da:e2:db:3d:94:
2c:04:d7:ec:4d:a7:f3:1a:8b:cb:94:5e:6a:b5:9c:2a:db:00:
45:55:f1:95:c8:3f:96:85:f7:3e:88:46:29:1d:7f:59:cd:50:
05:65:64:f6:ca:7b:eb:af:a8:a1:5d:db:b6:53:cc:c2:ab:ae:
e9:5f:9d:5a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZhaeOSkVf2F02sVHgOPh5IaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwNzMwMDgzNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI4MGRmNDQ1ZWZkNzkzMmZmZDFkYjFlNDQzM2Y3NjJlNTdmMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXv7pxlccdmQXFxgdaSqaY/AAsF5
fG1/S0nEYj/1Rx8fnMh46strQ/pe4w/Zb96Et+YNDYYx378zsoYqu08yxXMeYs7L
G/d/kffLjpVpEYDWzglkiJoSFApy6Il68hgv4is719CkMzzkOejX+fzCvSOQcjAR
Oapmi6yJjhq8rTiLvQ/jJ110QhtZcyhCUp/N0Z+EsRB140SzPeiGScFAvYpx3PfM
lFOiOv3EVICaoFkXjug+fHF67TByb1FabMgOw2ZRumldYqStk7bvY+xOZDWwh3J7
DWr2jQqiCehTnsSgSJ4IzQCcISc4TBINILYPSVs/A+R6DCso4mWkQC1tIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJsoDfRF79eTL/0dseRDP3YuV/KeMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvbXlnTjlFWHYxNU12X1IyeDVFTV9kaTVYOHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAWBAIAATAQAwQGLqVAAwMA
ULkDAwC8BzAVBAIAAjAPAwUAKgCDgAMGBCoECABgMA0GCSqGSIb3DQEBCwUAA4IB
AQBeAuWRrXg6smLtm6WTu3gB2LpyvGq4NWnAPmFtmOEqUUcNoRvSsa9AVz3rGC8S
7DNzjkQYtgN5wxxTzZtoPhrQqPF+yw4TQNEZaiB+Kv20oQ4V301DEcK6FDS6kANn
iKgbJt8XApH7rnTA6opmkPE1J5V6oRf359e+7TK3T+OkPlgJuoY5Ju0Pwm1mVwJm
8NWa54lVijJjdjX0Vw6himfDL+tlt4sGUuWONYu5byDJWPB4dESs645kM4wVXyMu
xNqi2uLbPZQsBNfsTafzGovLlF5qtZwq2wBFVfGVyD+Whfc+iEYpHX9ZzVAFZWT2
ynvrr6ihXdu2U8zCq67pX51a
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:38:56 2025 by rpki-client