Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/tsMi9Spmw9ktRAObPVrMvL_NDfM.roa
File: tsMi9Spmw9ktRAObPVrMvL_NDfM.roa (raw, json)
Hash identifier: vcFMvuKcFVt9l1PFw6awejrlsR9MLAnsGRscDdgFGwI=
Subject key identifier: B6:C3:22:F5:2A:66:C3:D9:2D:44:03:9B:3D:5A:CC:BC:BF:CD:0D:F3
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 019A4D7F5A301E5EF918E6D1D8BBFF309E23
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/tsMi9Spmw9ktRAObPVrMvL_NDfM.roa
Signing time: Tue 04 Nov 2025 06:13:03 +0000
ROA not before: Tue 04 Nov 2025 06:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43060
IP address blocks: 91.196.76.0/23 maxlen: 24
91.196.77.0/24 maxlen: 24
94.158.48.0/20 maxlen: 20
94.158.48.0/21 maxlen: 21
94.158.56.0/24 maxlen: 24
94.158.57.0/24 maxlen: 24
94.158.58.0/24 maxlen: 24
94.158.59.0/24 maxlen: 24
94.158.60.0/24 maxlen: 24
94.158.61.0/24 maxlen: 24
94.158.62.0/24 maxlen: 24
94.158.63.0/24 maxlen: 24
109.207.243.0/24 maxlen: 24
185.196.216.0/22 maxlen: 22
2a04:1b80::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:7f:5a:30:1e:5e:f9:18:e6:d1:d8:bb:ff:30:9e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Nov 4 06:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6c322f52a66c3d92d44039b3d5accbcbfcd0df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:7f:cb:b7:c8:5c:81:d8:67:48:92:c3:30:
45:8a:12:fa:29:1c:96:ba:f8:4e:37:1c:d4:71:c8:
f1:5a:64:d1:f9:1d:c6:0c:9a:e0:3f:de:3f:bc:df:
4d:65:22:ee:e3:18:83:48:70:62:34:7d:c3:b4:13:
c1:4f:f0:b8:b1:b7:c6:00:90:83:29:f2:71:cf:4e:
01:1d:e3:5a:96:f5:fe:35:df:9c:77:2e:3a:47:c4:
5a:60:69:ba:57:e4:21:74:1d:1f:2b:e2:73:df:72:
77:66:06:2f:a2:42:c6:77:d3:aa:d4:cc:bd:82:f3:
1a:41:3b:20:71:68:7f:df:dd:7a:f4:fc:cb:ec:a5:
7c:cc:be:32:9e:26:05:70:ba:6c:2a:06:e0:1f:64:
1f:d0:b8:00:58:74:ff:33:9e:69:36:c0:7e:65:9d:
b7:b6:6f:4f:6e:b5:6a:5e:3f:9e:92:27:65:c9:77:
f5:7f:cd:af:9b:f3:0d:86:83:dd:2c:6a:87:ff:ae:
42:91:c0:7a:10:03:67:5d:17:2c:6f:aa:c0:61:6f:
b8:12:58:24:e5:42:16:ac:1b:f6:ec:bf:f8:28:9a:
da:ba:11:db:35:d9:98:0c:47:4e:1e:42:41:c0:53:
bd:d6:50:3e:a0:fa:6a:4f:88:8f:9e:1d:10:91:55:
0c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:22:F5:2A:66:C3:D9:2D:44:03:9B:3D:5A:CC:BC:BF:CD:0D:F3
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/tsMi9Spmw9ktRAObPVrMvL_NDfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.76.0/23
94.158.48.0/20
109.207.243.0/24
185.196.216.0/22
IPv6:
2a04:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
19:7a:6d:ef:b1:37:12:1c:0f:da:84:39:c2:b8:06:48:23:b3:
40:b3:52:68:ff:f3:b5:a7:fd:ab:e9:9c:b9:d7:89:c5:fe:ef:
65:53:43:99:a3:6a:30:25:7d:a3:8b:4e:d2:e3:ed:65:81:55:
e6:da:80:81:27:84:6a:f6:ec:fe:c0:c1:3a:99:45:0c:fc:a7:
7f:81:2f:4d:54:e9:e1:e7:e3:39:ad:df:65:40:0c:5c:d4:fe:
c9:0f:bd:a2:b1:db:76:5a:c1:f8:99:8f:7a:b9:e3:09:ec:71:
7d:13:d4:97:61:93:96:78:e6:cf:f4:11:9d:e1:ba:82:a9:dd:
ed:8a:6e:ce:94:0b:5e:4c:a4:26:98:02:67:6e:6d:5b:6c:20:
83:dc:0b:55:ec:c6:78:b2:aa:bf:b9:19:c6:f4:a2:2e:f3:e4:
1f:03:b7:48:7e:92:b1:bf:ed:5f:a4:36:f3:a8:51:b1:6c:7e:
c8:31:dc:36:95:5e:24:41:45:31:4d:31:fd:f7:aa:e4:4f:16:
46:40:dc:ee:23:2b:0b:b3:c6:bf:5e:e9:18:22:b5:0d:de:d3:
52:85:12:1b:9a:e9:e2:d5:40:a0:55:fb:11:71:c8:b4:21:6a:
67:3e:3a:46:c6:cc:75:2b:f9:a6:c5:87:9a:ee:28:4d:f6:86:
1d:9e:4b:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZpNf1owHl75GObR2Lv/MJ4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjUxMTA0MDYxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMzMjJmNTJhNjZjM2Q5MmQ0NDAzOWIzZDVhY2NiY2JmY2QwZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI9/y7fIXIHYZ0iSwzBFihL6KRyW
uvhONxzUccjxWmTR+R3GDJrgP94/vN9NZSLu4xiDSHBiNH3DtBPBT/C4sbfGAJCD
KfJxz04BHeNalvX+Nd+cdy46R8RaYGm6V+QhdB0fK+Jz33J3ZgYvokLGd9Oq1My9
gvMaQTsgcWh/39169PzL7KV8zL4yniYFcLpsKgbgH2Qf0LgAWHT/M55pNsB+ZZ23
tm9PbrVqXj+ekidlyXf1f82vm/MNhoPdLGqH/65CkcB6EANnXRcsb6rAYW+4Elgk
5UIWrBv27L/4KJrauhHbNdmYDEdOHkJBwFO91lA+oPpqT4iPnh0QkVUMgQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLbDIvUqZsPZLUQDmz1azLy/zQ3zMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvdHNNaTlTcG13OWt0UkFPYlBWck12TF9ORGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8RMAwQE
Xp4wAwQAbc/zAwQCucTYMA0EAgACMAcDBQAqBBuAMA0GCSqGSIb3DQEBCwUAA4IB
AQAZem3vsTcSHA/ahDnCuAZII7NAs1Jo//O1p/2r6Zy514nF/u9lU0OZo2owJX2j
i07S4+1lgVXm2oCBJ4Rq9uz+wME6mUUM/Kd/gS9NVOnh5+M5rd9lQAxc1P7JD72i
sdt2WsH4mY96ueMJ7HF9E9SXYZOWeObP9BGd4bqCqd3tim7OlAteTKQmmAJnbm1b
bCCD3AtV7MZ4sqq/uRnG9KIu8+QfA7dIfpKxv+1fpDbzqFGxbH7IMdw2lV4kQUUx
TTH996rkTxZGQNzuIysLs8a/XukYIrUN3tNShRIbmuni1UCgVfsRcci0IWpnPjpG
xsx1K/mmxYea7ihN9oYdnkuF
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:26 2025 by rpki-client