Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/9rXFP--lxmX7iHGh7HVsJ9PUPS8.roa
File: 9rXFP--lxmX7iHGh7HVsJ9PUPS8.roa (raw, json)
Hash identifier: xRkVXBq99M1ki5WFm8xjsUq6rF/BGplKNymIGwJhLL8=
Subject key identifier: F6:B5:C5:3F:EF:A5:C6:65:FB:88:71:A1:EC:75:6C:27:D3:D4:3D:2F
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0198760534B2D3DA931A112343E741459CD5
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/9rXFP--lxmX7iHGh7HVsJ9PUPS8.roa
Signing time: Mon 04 Aug 2025 16:58:29 +0000
ROA not before: Mon 04 Aug 2025 16:58:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 213.145.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:76:05:34:b2:d3:da:93:1a:11:23:43:e7:41:45:9c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Aug 4 16:58:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6b5c53fefa5c665fb8871a1ec756c27d3d43d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:84:ff:a5:ec:76:6f:ae:72:0f:c6:62:74:e1:
92:67:8a:96:cd:30:45:1e:da:ee:03:3d:5f:7b:9b:
b1:14:9f:36:dd:a0:67:71:3e:22:8b:96:a9:f8:d1:
4d:84:78:50:ea:21:19:1a:22:fd:38:55:dd:85:67:
7d:ee:a0:b6:41:49:f5:89:65:35:dd:ea:8a:39:1d:
dc:f4:15:b3:37:00:00:fd:80:f6:79:fc:e0:18:ed:
ae:78:a8:5a:2e:b3:55:79:28:4a:85:31:f8:43:35:
c0:12:8d:a5:f5:44:f0:33:85:20:23:9b:a9:56:7f:
e8:44:8e:d6:a1:d8:f6:35:08:b2:85:8a:75:a1:e1:
99:79:84:44:48:3b:06:08:9a:fd:b7:1f:d4:1f:d9:
6f:1f:cd:55:9f:78:33:30:2e:19:39:29:0c:37:fe:
f0:7d:57:1e:46:6c:25:f9:67:e8:7e:53:ba:90:ce:
f8:72:1e:42:ad:f4:1b:10:51:be:53:0f:da:ce:05:
13:d2:11:40:42:0d:57:64:25:54:7d:82:2e:b9:24:
ba:fc:48:0a:a7:46:7d:30:0e:a0:d1:75:3b:97:67:
cd:eb:22:2a:de:d7:aa:57:69:55:6c:d4:95:49:ed:
97:cf:29:a6:eb:02:9e:01:7b:bb:ee:91:4d:fa:d4:
74:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B5:C5:3F:EF:A5:C6:65:FB:88:71:A1:EC:75:6C:27:D3:D4:3D:2F
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/9rXFP--lxmX7iHGh7HVsJ9PUPS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.66.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:00:4b:5c:15:4c:3b:dd:11:45:75:f5:f1:45:1a:e9:e4:5b:
03:42:ef:f5:0f:89:bf:63:5a:a2:64:5e:e6:1e:76:bf:55:cd:
59:59:54:f7:81:ba:d3:73:be:e3:31:81:3b:0d:d3:8e:d6:b8:
37:98:a0:ae:b4:dd:78:87:53:6b:f2:1b:19:f7:e4:31:a3:5f:
d9:2b:de:38:0d:31:80:84:ec:fc:f6:e6:6c:6b:37:7c:8e:b1:
2a:76:ed:7a:8c:84:b2:6d:6e:a3:67:30:e0:cc:7d:0b:1a:ca:
8d:7c:eb:b9:d3:c5:54:8b:44:de:81:9c:f2:8c:f1:fe:7e:f3:
d8:42:70:6c:78:e5:bb:9f:fe:9e:b4:b2:28:a1:28:fc:6e:36:
df:06:e9:ce:7f:05:0e:9c:e3:6c:be:5b:80:ea:86:59:d4:6c:
20:ee:1d:25:16:29:84:0f:aa:22:11:8c:2a:4a:05:a9:75:a8:
28:6c:51:39:e2:7a:73:51:96:57:ca:57:ea:61:bf:33:a7:df:
7a:15:bf:59:c5:7d:48:9f:0a:69:e0:47:b4:0f:8e:0a:ac:bf:
33:83:ea:17:e3:e2:fa:45:05:11:24:df:e6:d4:99:62:37:9c:
1d:53:e8:5f:ba:e4:85:78:ab:1e:91:4e:f5:fa:f7:f1:a4:93:
db:2e:52:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZh2BTSy09qTGhEjQ+dBRZzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwODA0MTY1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmI1YzUzZmVmYTVjNjY1ZmI4ODcxYTFlYzc1NmMyN2QzZDQzZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoT/pex2b65yD8ZidOGSZ4qWzTBF
HtruAz1fe5uxFJ823aBncT4ii5ap+NFNhHhQ6iEZGiL9OFXdhWd97qC2QUn1iWU1
3eqKOR3c9BWzNwAA/YD2efzgGO2ueKhaLrNVeShKhTH4QzXAEo2l9UTwM4UgI5up
Vn/oRI7Wodj2NQiyhYp1oeGZeYRESDsGCJr9tx/UH9lvH81Vn3gzMC4ZOSkMN/7w
fVceRmwl+WfoflO6kM74ch5CrfQbEFG+Uw/azgUT0hFAQg1XZCVUfYIuuSS6/EgK
p0Z9MA6g0XU7l2fN6yIq3teqV2lVbNSVSe2Xzymm6wKeAXu77pFN+tR03QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPa1xT/vpcZl+4hxoex1bCfT1D0vMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvOXJYRlAtLWx4bVg3aUhHaDdIVnNKOVBVUFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFCMA0G
CSqGSIb3DQEBCwUAA4IBAQBcAEtcFUw73RFFdfXxRRrp5FsDQu/1D4m/Y1qiZF7m
Hna/Vc1ZWVT3gbrTc77jMYE7DdOO1rg3mKCutN14h1Nr8hsZ9+Qxo1/ZK944DTGA
hOz89uZsazd8jrEqdu16jISybW6jZzDgzH0LGsqNfOu508VUi0TegZzyjPH+fvPY
QnBseOW7n/6etLIooSj8bjbfBunOfwUOnONsvluA6oZZ1Gwg7h0lFimED6oiEYwq
SgWpdagobFE54npzUZZXylfqYb8zp996Fb9ZxX1Inwpp4Ee0D44KrL8zg+oX4+L6
RQURJN/m1JliN5wdU+hfuuSFeKsekU71+vfxpJPbLlLQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:43:43 2025 by rpki-client