
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/j9WZYSGRdVfvzLNu1mDZtYatwaY.roa
File: j9WZYSGRdVfvzLNu1mDZtYatwaY.roa (raw, json)
Hash identifier: nUy51L/tmtGCGiZiltuVFci4bpVMC+ZdBO8uYz2YP0g=
Subject key identifier: 8F:D5:99:61:21:91:75:57:EF:CC:B3:6E:D6:60:D9:B5:86:AD:C1:A6
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 01986142904210E77E54EF68C96361FF43AA
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/j9WZYSGRdVfvzLNu1mDZtYatwaY.roa
Signing time: Thu 31 Jul 2025 16:13:28 +0000
ROA not before: Thu 31 Jul 2025 16:13:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208905
IP address blocks: 80.91.84.0/23 maxlen: 24
81.2.144.0/22 maxlen: 24
81.2.188.0/23 maxlen: 24
213.146.169.0/24 maxlen: 24
213.146.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:42:90:42:10:e7:7e:54:ef:68:c9:63:61:ff:43:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Jul 31 16:13:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fd5996121917557efccb36ed660d9b586adc1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:50:4b:0c:de:66:f3:78:ae:71:36:ac:fb:41:
6d:dd:d5:b5:9e:f8:07:f3:61:4b:84:4c:8d:a4:d9:
e9:47:87:6b:bf:74:e8:64:7e:b7:c8:02:65:10:93:
17:bd:96:cd:97:e8:cc:76:15:9e:ef:43:ad:ec:91:
5c:a1:1c:e0:cb:80:55:2a:e6:69:47:ac:c5:3a:fd:
cd:c2:9c:52:9c:0a:4c:45:39:6a:05:95:d3:f4:07:
ef:1d:a3:e7:79:1b:03:5f:2e:3f:0f:25:0d:b9:21:
de:62:6c:40:de:1b:49:89:3e:37:9f:b3:ea:28:dc:
77:30:4c:11:8e:76:38:c3:37:de:fa:7a:91:31:3d:
be:36:58:c6:91:a5:02:17:b0:b1:46:16:b9:25:6e:
7b:dd:ed:6a:ca:ba:cf:d3:c0:e1:e2:0a:58:80:14:
ba:62:6d:00:d1:cd:0e:29:ad:6b:20:90:be:58:ff:
28:70:8f:a6:51:20:22:81:0f:66:16:7b:92:06:93:
01:84:37:07:4e:f4:7e:06:57:67:43:e1:12:af:51:
dc:e1:e9:29:1a:8e:51:8a:56:5e:6b:2a:00:76:fc:
f9:62:91:59:7e:f5:f4:36:c2:77:e3:d8:61:8c:c7:
1e:9c:0a:1d:19:61:98:e6:67:72:2b:07:81:27:aa:
11:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D5:99:61:21:91:75:57:EF:CC:B3:6E:D6:60:D9:B5:86:AD:C1:A6
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/j9WZYSGRdVfvzLNu1mDZtYatwaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.84.0/23
81.2.144.0/22
81.2.188.0/23
213.146.169.0-213.146.170.255
Signature Algorithm: sha256WithRSAEncryption
34:59:b8:0b:6b:0d:d6:b2:cb:49:7c:82:15:bb:c1:5a:61:e4:
f7:3f:6c:8d:13:69:d1:76:54:8a:08:fc:4a:60:f9:0b:db:c8:
27:5d:61:8c:0d:8d:b8:21:84:f9:68:22:a3:35:d6:29:34:c9:
68:a2:b4:f4:08:49:a5:a9:be:21:56:70:ae:e0:6e:a1:1e:78:
a2:4e:df:4c:ea:01:95:50:61:05:5d:e5:15:0b:16:36:1c:eb:
a1:6c:6d:92:11:63:6e:89:3e:b2:b0:3d:6e:7d:c4:52:e7:ae:
1b:0a:9c:b8:3d:f1:99:0d:4b:2d:58:7f:a0:01:df:c4:93:46:
e0:ee:e5:cb:d4:99:a2:c9:c4:1c:86:b7:30:0a:29:ff:e6:aa:
93:98:2d:b1:24:1d:5d:92:41:2e:10:62:31:11:c9:d2:b8:34:
4e:b3:4e:2a:5b:67:6f:83:43:ee:90:71:fa:1c:7d:8f:22:89:
52:27:01:15:ac:34:16:46:00:2f:58:24:1e:17:39:4d:57:b3:
bd:27:52:57:8c:f8:b0:d4:8b:d7:3d:ab:fb:cb:10:a8:bc:29:
12:8b:a0:79:11:4d:3d:d0:73:d5:72:64:ec:44:ac:7b:cd:61:
65:bb:b2:72:0b:b8:98:63:fd:98:fc:ff:00:17:0a:04:af:98:
1c:e3:bc:94
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZhhQpBCEOd+VO9oyWNh/0OqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjUwNzMxMTYxMzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ1OTk2MTIxOTE3NTU3ZWZjY2IzNmVkNjYwZDliNTg2YWRjMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFBLDN5m83iucTas+0Ft3dW1nvgH
82FLhEyNpNnpR4drv3ToZH63yAJlEJMXvZbNl+jMdhWe70Ot7JFcoRzgy4BVKuZp
R6zFOv3NwpxSnApMRTlqBZXT9AfvHaPneRsDXy4/DyUNuSHeYmxA3htJiT43n7Pq
KNx3MEwRjnY4wzfe+nqRMT2+NljGkaUCF7CxRha5JW573e1qyrrP08Dh4gpYgBS6
Ym0A0c0OKa1rIJC+WP8ocI+mUSAigQ9mFnuSBpMBhDcHTvR+BldnQ+ESr1Hc4ekp
Go5RilZeayoAdvz5YpFZfvX0NsJ349hhjMcenAodGWGY5mdyKweBJ6oRdQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI/VmWEhkXVX78yzbtZg2bWGrcGmMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvajlXWllTR1JkVmZ2ekxOdTFtRFp0WWF0d2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBUFtUAwQC
UQKQAwQBUQK8MAwDBADVkqkDBADVkqowDQYJKoZIhvcNAQELBQADggEBADRZuAtr
Ddayy0l8ghW7wVph5Pc/bI0TadF2VIoI/Epg+QvbyCddYYwNjbghhPloIqM11ik0
yWiitPQISaWpviFWcK7gbqEeeKJO30zqAZVQYQVd5RULFjYc66FsbZIRY26JPrKw
PW59xFLnrhsKnLg98ZkNSy1Yf6AB38STRuDu5cvUmaLJxByGtzAKKf/mqpOYLbEk
HV2SQS4QYjERydK4NE6zTipbZ2+DQ+6QcfocfY8iiVInARWsNBZGAC9YJB4XOU1X
s70nUleM+LDUi9c9q/vLEKi8KRKLoHkRTT3Qc9VyZOxErHvNYWW7snILuJhj/Zj8
/wAXCgSvmBzjvJQ=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:12:33 2025 by rpki-client