Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/D9Tgl1iqPVqzogreZQaLciUO1Ak.roa
File: D9Tgl1iqPVqzogreZQaLciUO1Ak.roa (raw, json)
Hash identifier: ALXBuyDrvec1RQ7PDmdQXAupe4CfkfhDi04uH+kRt5M=
Subject key identifier: 0F:D4:E0:97:58:AA:3D:5A:B3:A2:0A:DE:65:06:8B:72:25:0E:D4:09
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019A07FE15A1FE65C3C2BCE1857E854721CD
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/D9Tgl1iqPVqzogreZQaLciUO1Ak.roa
Signing time: Tue 21 Oct 2025 18:18:03 +0000
ROA not before: Tue 21 Oct 2025 18:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 213.145.66.0/24 maxlen: 24
213.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:fe:15:a1:fe:65:c3:c2:bc:e1:85:7e:85:47:21:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 21 18:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fd4e09758aa3d5ab3a20ade65068b72250ed409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:28:c0:4b:a0:4c:c9:0a:d2:55:0c:d0:1d:75:
e6:d2:01:ce:72:c2:51:53:33:d6:51:e2:9c:42:f8:
1c:87:2f:da:1d:3d:58:aa:a6:8e:91:fa:c4:66:a1:
77:02:c5:df:11:89:be:75:a0:45:af:69:6e:4b:11:
42:6d:7a:9b:07:0e:4b:c3:5a:f0:45:53:06:54:bb:
4e:20:e2:61:4f:c9:56:f2:92:6c:e2:f3:20:09:e4:
df:43:65:82:27:f4:3e:06:36:d6:b8:32:61:64:b7:
06:21:bf:96:3c:ea:39:74:54:3a:ec:d6:62:36:44:
81:42:78:b5:f0:b0:c1:0f:80:15:f9:c4:99:5e:36:
5f:56:1f:a8:b1:70:f5:85:5f:4e:d8:21:dd:19:50:
32:0f:f9:bf:be:d9:2e:6b:23:08:ea:26:83:d1:67:
c1:75:4e:7a:7b:81:c0:d4:bb:3b:82:8c:dd:f7:71:
81:2d:53:ad:21:f1:68:7a:42:97:60:bb:2c:f9:66:
4e:26:6e:19:8b:6b:99:35:a5:2f:c7:9d:9f:25:c0:
1b:c1:ca:63:1d:80:ae:0a:d5:cc:b2:a8:0e:39:14:
ff:06:3a:cd:cb:a5:c3:0b:84:68:26:ae:92:aa:21:
d7:d5:6c:b2:21:6d:2b:de:b7:d7:0a:03:1c:75:43:
f1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D4:E0:97:58:AA:3D:5A:B3:A2:0A:DE:65:06:8B:72:25:0E:D4:09
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/D9Tgl1iqPVqzogreZQaLciUO1Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.66.0/24
213.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
27:17:5e:47:a9:41:25:ac:c3:c6:ac:63:51:b3:fa:d4:e9:8b:
37:37:b1:82:2d:51:1b:93:6a:0b:92:b5:58:8c:e9:d2:74:0d:
92:6a:d7:95:9e:7a:1b:5f:f7:10:56:01:76:04:35:12:59:d8:
46:df:ff:24:1c:25:07:79:77:9c:78:90:d9:8b:2f:f7:51:ea:
d3:1c:78:15:e5:48:b2:0e:3d:4a:d9:4e:4a:64:f9:81:8f:33:
f1:0d:9e:5e:68:60:3a:5a:40:3e:86:8c:07:c4:3c:9b:bf:56:
8d:c7:48:f4:b0:da:2a:b8:c2:93:b3:d7:07:bf:84:f0:6f:07:
77:60:ff:28:ca:00:02:53:06:d5:5b:6d:71:06:21:8f:fd:00:
5e:58:3c:bf:8e:95:87:32:91:fc:f9:84:e5:10:32:ff:23:03:
9a:ab:fd:00:7e:32:4a:8b:43:09:0b:6a:57:47:3c:32:05:90:
07:ba:bf:61:75:b4:01:ac:0a:11:64:21:2a:89:51:aa:2d:c7:
2a:64:0f:7e:ce:88:99:c6:a2:36:70:7f:04:10:0b:6e:d9:c0:
98:0a:13:b8:89:eb:ef:71:0a:a5:01:3d:65:cb:03:9e:2f:a4:
4b:9b:49:b7:b3:58:21:1d:d3:c7:6e:9b:d1:2a:cc:0f:dd:71:
2b:6b:c9:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoH/hWh/mXDwrzhhX6FRyHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUxMDIxMTgxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ0ZTA5NzU4YWEzZDVhYjNhMjBhZGU2NTA2OGI3MjI1MGVkNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCjAS6BMyQrSVQzQHXXm0gHOcsJR
UzPWUeKcQvgchy/aHT1YqqaOkfrEZqF3AsXfEYm+daBFr2luSxFCbXqbBw5Lw1rw
RVMGVLtOIOJhT8lW8pJs4vMgCeTfQ2WCJ/Q+BjbWuDJhZLcGIb+WPOo5dFQ67NZi
NkSBQni18LDBD4AV+cSZXjZfVh+osXD1hV9O2CHdGVAyD/m/vtkuayMI6iaD0WfB
dU56e4HA1Ls7gozd93GBLVOtIfFoekKXYLss+WZOJm4Zi2uZNaUvx52fJcAbwcpj
HYCuCtXMsqgOORT/BjrNy6XDC4RoJq6SqiHX1WyyIW0r3rfXCgMcdUPx0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/U4JdYqj1as6IK3mUGi3IlDtQJMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvRDlUZ2wxaXFQVnF6b2dyZVpRYUxjaVVPMUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1ZFCAwQA
1ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQAnF15HqUElrMPGrGNRs/rU6Ys3N7GCLVEb
k2oLkrVYjOnSdA2SateVnnobX/cQVgF2BDUSWdhG3/8kHCUHeXeceJDZiy/3UerT
HHgV5UiyDj1K2U5KZPmBjzPxDZ5eaGA6WkA+howHxDybv1aNx0j0sNoquMKTs9cH
v4Twbwd3YP8oygACUwbVW21xBiGP/QBeWDy/jpWHMpH8+YTlEDL/IwOaq/0AfjJK
i0MJC2pXRzwyBZAHur9hdbQBrAoRZCEqiVGqLccqZA9+zoiZxqI2cH8EEAtu2cCY
ChO4ievvcQqlAT1lywOeL6RLm0m3s1ghHdPHbpvRKswP3XEra8m5
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:21:10 2025 by rpki-client