Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/0i_YlSLjNRB30UESNfxOlGgXI04.roa
File: 0i_YlSLjNRB30UESNfxOlGgXI04.roa (raw, json)
Hash identifier: mrgCCvd59tuwyCrIfMNAZk14JnYczApGJpZMZMc86cI=
Subject key identifier: D2:2F:D8:95:22:E3:35:10:77:D1:41:12:35:FC:4E:94:68:17:23:4E
Certificate issuer: /CN=975c9ffa65c3c9b57c549e72cd6dc703005b2e0e
Certificate serial: 019837B7B5A1AB0C68F04563B551CCC99E08
Authority key identifier: 97:5C:9F:FA:65:C3:C9:B5:7C:54:9E:72:CD:6D:C7:03:00:5B:2E:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1yf-mXDybV8VJ5yzW3HAwBbLg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/0i_YlSLjNRB30UESNfxOlGgXI04.roa
Signing time: Wed 23 Jul 2025 14:37:23 +0000
ROA not before: Wed 23 Jul 2025 14:37:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29196
IP address blocks: 91.239.112.0/24 maxlen: 24
195.69.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/l1yf-mXDybV8VJ5yzW3HAwBbLg4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/l1yf-mXDybV8VJ5yzW3HAwBbLg4.mft
rsync://rpki.ripe.net/repository/DEFAULT/l1yf-mXDybV8VJ5yzW3HAwBbLg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:b7:b5:a1:ab:0c:68:f0:45:63:b5:51:cc:c9:9e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=975c9ffa65c3c9b57c549e72cd6dc703005b2e0e
Validity
Not Before: Jul 23 14:37:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d22fd89522e3351077d1411235fc4e946817234e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:82:35:27:a1:0b:01:09:b7:86:f3:02:37:03:
ed:2d:83:4a:ff:bf:1c:b5:66:fa:a1:43:58:5b:1a:
50:1b:f5:10:bc:a4:7f:a7:5e:37:f1:b1:f0:47:38:
56:42:19:99:90:67:63:cd:72:3e:51:b6:8d:d9:b4:
e1:44:d6:48:a7:17:a4:d9:5e:8b:86:16:9e:ed:8a:
c4:e0:7b:62:fa:81:cf:b7:32:ab:0f:ce:c2:ae:a3:
7e:12:d2:ff:37:ed:c6:86:cb:28:4c:a8:31:49:92:
74:0d:c3:22:67:f8:5f:58:d5:74:ad:03:1d:d9:d7:
6d:45:54:27:fb:8f:35:45:e4:82:b2:47:bf:26:2d:
f5:2e:11:28:63:8f:98:95:0b:18:53:8f:3e:09:58:
d4:d7:0c:3b:a4:c9:54:58:96:0f:f6:52:29:24:98:
b0:fb:c8:3e:d0:ba:bb:ed:b3:d3:0b:19:f7:22:ef:
3d:7f:9d:b4:f2:50:01:bf:a4:1c:e6:79:21:fb:21:
85:04:8e:5e:ef:8c:cb:24:bc:09:02:03:6c:bd:eb:
1c:81:e9:a1:87:20:ad:52:52:df:01:ba:46:f8:8b:
56:f6:fe:1c:6e:4e:45:26:99:36:2c:b7:2e:9a:56:
1f:8b:1a:56:b4:00:86:ea:09:a9:6a:c1:ca:41:7e:
6d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2F:D8:95:22:E3:35:10:77:D1:41:12:35:FC:4E:94:68:17:23:4E
X509v3 Authority Key Identifier:
keyid:97:5C:9F:FA:65:C3:C9:B5:7C:54:9E:72:CD:6D:C7:03:00:5B:2E:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1yf-mXDybV8VJ5yzW3HAwBbLg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/0i_YlSLjNRB30UESNfxOlGgXI04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92ecea-3f3c-4baa-834b-126c7b48b847/1/l1yf-mXDybV8VJ5yzW3HAwBbLg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.112.0/24
195.69.216.0/22
Signature Algorithm: sha256WithRSAEncryption
45:07:7a:ac:b7:fc:fa:bf:58:c7:a9:ca:bf:5c:19:b9:35:53:
2e:12:ff:c9:76:71:72:b2:6f:0b:4d:cf:de:eb:63:37:b5:b5:
2c:29:20:00:6d:40:15:ce:df:d6:98:0b:27:d2:c6:d7:e6:fa:
c1:6b:6c:f4:58:4f:89:e3:a4:34:5c:9a:e7:60:55:16:3d:4f:
02:7d:d8:20:bf:28:0d:46:cc:66:99:9d:8a:97:0e:e2:34:13:
f2:78:ea:9b:01:e2:a5:c7:8f:30:8b:ef:17:2a:91:a1:18:08:
39:b7:8d:d9:a2:09:17:10:8b:7e:57:29:c7:e3:fe:18:b1:46:
65:24:86:2f:44:f3:f9:2a:3b:62:a2:44:da:e5:c9:4f:f7:ee:
a5:09:18:3e:0a:31:79:4a:0e:83:04:c8:3e:63:1b:f5:18:7b:
6b:44:9d:f3:f9:b3:3f:42:36:5e:bd:b2:5f:fd:d3:48:47:df:
eb:dc:8e:15:12:87:61:86:7a:87:bb:a6:9c:7b:2b:53:6a:73:
c2:87:31:22:34:74:ba:90:a2:01:94:03:67:7f:2a:bf:da:e4:
93:3b:5e:e9:08:dc:2c:d5:bf:f2:04:05:ec:df:6b:20:38:99:
d8:3b:cc:7f:a0:a4:88:ec:57:70:b1:1b:78:18:dc:91:9c:50:
f7:a7:29:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZg3t7Whqwxo8EVjtVHMyZ4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NWM5ZmZhNjVjM2M5YjU3YzU0OWU3MmNkNmRjNzAzMDA1
YjJlMGUwHhcNMjUwNzIzMTQzNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJmZDg5NTIyZTMzNTEwNzdkMTQxMTIzNWZjNGU5NDY4MTcyMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYI1J6ELAQm3hvMCNwPtLYNK/78c
tWb6oUNYWxpQG/UQvKR/p1438bHwRzhWQhmZkGdjzXI+UbaN2bThRNZIpxek2V6L
hhae7YrE4Hti+oHPtzKrD87CrqN+EtL/N+3GhssoTKgxSZJ0DcMiZ/hfWNV0rQMd
2ddtRVQn+481ReSCske/Ji31LhEoY4+YlQsYU48+CVjU1ww7pMlUWJYP9lIpJJiw
+8g+0Lq77bPTCxn3Iu89f5208lABv6Qc5nkh+yGFBI5e74zLJLwJAgNsvescgemh
hyCtUlLfAbpG+ItW9v4cbk5FJpk2LLcumlYfixpWtACG6gmpasHKQX5tSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIv2JUi4zUQd9FBEjX8TpRoFyNOMB8GA1UdIwQY
MBaAFJdcn/plw8m1fFSecs1txwMAWy4OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDF5Zi1tWER5YlY4Vko1eXpXM0hBd0JiTGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85MmVjZWEtM2YzYy00YmFhLTgzNGIt
MTI2YzdiNDhiODQ3LzEvMGlfWWxTTGpOUkIzMFVFU05meE9sR2dYSTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85MmVjZWEtM2YzYy00YmFhLTgzNGItMTI2YzdiNDhiODQ3
LzEvbDF5Zi1tWER5YlY4Vko1eXpXM0hBd0JiTGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+9wAwQC
w0XYMA0GCSqGSIb3DQEBCwUAA4IBAQBFB3qst/z6v1jHqcq/XBm5NVMuEv/JdnFy
sm8LTc/e62M3tbUsKSAAbUAVzt/WmAsn0sbX5vrBa2z0WE+J46Q0XJrnYFUWPU8C
fdggvygNRsxmmZ2Klw7iNBPyeOqbAeKlx48wi+8XKpGhGAg5t43ZogkXEIt+VynH
4/4YsUZlJIYvRPP5KjtiokTa5clP9+6lCRg+CjF5Sg6DBMg+Yxv1GHtrRJ3z+bM/
QjZevbJf/dNIR9/r3I4VEodhhnqHu6aceytTanPChzEiNHS6kKIBlANnfyq/2uST
O17pCNws1b/yBAXs32sgOJnYO8x/oKSI7FdwsRt4GNyRnFD3pymr
-----END CERTIFICATE-----
Generated at Sun Aug 10 20:59:51 2025 by rpki-client