Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-CbB9RgGxa04M7iSCzJxGFQZkFo.roa
File: 1-CbB9RgGxa04M7iSCzJxGFQZkFo.roa (raw, json)
Hash identifier: Md1yZUZq0e613/Z2CInoRCRRv7MlKDR+iXyC3hMu9I8=
Subject key identifier: F8:26:C1:F5:18:06:C5:AD:38:33:B8:92:0B:32:71:18:54:19:90:5A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01985EA0BCC5F5C91E9D0B20412160040623
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-CbB9RgGxa04M7iSCzJxGFQZkFo.roa
Signing time: Thu 31 Jul 2025 03:57:29 +0000
ROA not before: Thu 31 Jul 2025 03:57:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
2a04:6e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5e:a0:bc:c5:f5:c9:1e:9d:0b:20:41:21:60:04:06:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 31 03:57:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f826c1f51806c5ad3833b8920b3271185419905a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0d:50:8e:28:eb:72:cb:03:04:9d:7d:02:e6:
6b:78:13:72:55:d5:6a:3b:05:a4:7e:22:1a:54:20:
7f:83:b8:7b:ab:14:10:96:d9:d4:d2:bc:5f:27:fd:
ab:72:ea:4a:f6:d0:1f:2d:af:ae:95:92:5f:bb:a4:
d6:3e:2c:a3:22:60:51:f2:8d:c2:94:01:25:55:dc:
17:54:e1:45:4c:ae:4e:f4:bf:13:81:65:e4:9f:e6:
5b:52:90:49:a2:8a:8b:a9:3e:a0:8b:f2:4b:63:90:
0d:78:04:64:ca:b6:8a:8d:21:45:a4:a2:aa:10:49:
0b:8a:ab:0a:47:f2:f2:38:2b:39:55:fb:87:1c:36:
80:b0:a8:0b:49:bd:b0:9f:68:77:43:71:84:c8:73:
0e:0b:ef:54:78:94:c9:e3:f2:94:72:05:6a:fa:39:
ef:7f:f0:44:9f:6d:90:63:e1:6e:03:6b:15:d9:5c:
4f:cb:bb:7a:a7:86:2b:72:2e:19:c4:35:3b:03:f1:
c9:e0:01:f5:48:80:4a:de:1f:b9:9d:eb:03:c6:d0:
e5:99:d2:ac:21:b2:46:df:0b:5b:93:99:1c:c7:2a:
58:00:f5:5b:5c:eb:05:4a:c9:4d:ae:da:2a:c9:2a:
05:f2:ac:d4:ab:d8:0f:1f:0d:70:49:f1:52:a6:1d:
8d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:26:C1:F5:18:06:C5:AD:38:33:B8:92:0B:32:71:18:54:19:90:5A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-CbB9RgGxa04M7iSCzJxGFQZkFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.112.0/24
89.23.115.0-89.23.118.255
IPv6:
2a04:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
91:d5:ab:c8:ad:5a:fd:3b:a6:0b:fa:02:3a:a8:c7:85:12:df:
76:a0:d4:41:b3:a6:55:20:57:ed:e8:bf:3e:41:9a:f4:c4:61:
8a:89:3e:16:ae:59:6a:4c:8c:bf:85:db:f5:d9:eb:55:4e:ca:
07:0b:c7:50:2f:33:1c:6f:36:f4:80:97:f3:a2:50:18:fa:8b:
12:cd:20:9f:f3:81:ad:00:bd:a5:e8:62:e9:c3:ed:ea:42:89:
05:fb:c6:27:84:7b:df:86:34:54:ce:2b:10:b4:c7:fd:4d:b5:
18:36:33:a0:29:8c:17:48:b1:f4:5a:94:5b:f0:aa:52:cd:93:
83:31:4f:e5:48:d7:14:e4:62:7d:90:b9:72:7e:c5:00:8b:4d:
a2:25:31:81:52:61:77:78:af:70:1c:8e:80:2b:c5:56:21:34:
52:60:11:27:26:ff:80:bb:cb:f6:cf:10:3b:95:56:25:98:dc:
87:41:58:32:90:54:07:09:82:34:cf:79:95:1f:fa:2d:03:ea:
2e:6e:ca:80:67:96:99:ec:43:f9:54:3d:33:47:39:02:f0:7e:
85:7a:d3:40:0b:92:26:84:bf:b3:fe:86:7f:2b:1b:01:df:65:
43:0d:44:79:9b:fe:07:e0:dc:70:8f:09:c9:e3:e4:d4:b9:d0:
ad:71:a6:78
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZheoLzF9ckenQsgQSFgBAYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwNzMxMDM1NzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODI2YzFmNTE4MDZjNWFkMzgzM2I4OTIwYjMyNzExODU0MTk5MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg1QjijrcssDBJ19AuZreBNyVdVq
OwWkfiIaVCB/g7h7qxQQltnU0rxfJ/2rcupK9tAfLa+ulZJfu6TWPiyjImBR8o3C
lAElVdwXVOFFTK5O9L8TgWXkn+ZbUpBJooqLqT6gi/JLY5ANeARkyraKjSFFpKKq
EEkLiqsKR/LyOCs5VfuHHDaAsKgLSb2wn2h3Q3GEyHMOC+9UeJTJ4/KUcgVq+jnv
f/BEn22QY+FuA2sV2VxPy7t6p4Yrci4ZxDU7A/HJ4AH1SIBK3h+5nesDxtDlmdKs
IbJG3wtbk5kcxypYAPVbXOsFSslNrtoqySoF8qzUq9gPHw1wSfFSph2NWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPgmwfUYBsWtODO4kgsycRhUGZBaMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMS1DYkI5UmdHeGEwNE03aVNDekp4R0ZRWmtGby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMWZhNmEzLThkYzUtNGMzNS1hNDliLTE3MWMzNjdiZTc4
Mi8xL2RRaEhYX0RZN0pZRE5nRnVEZ1FpR3BqbDdQSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEAFkXcDAM
AwQAWRdzAwQAWRd2MA0EAgACMAcDBQMqBG5AMA0GCSqGSIb3DQEBCwUAA4IBAQCR
1avIrVr9O6YL+gI6qMeFEt92oNRBs6ZVIFft6L8+QZr0xGGKiT4WrllqTIy/hdv1
2etVTsoHC8dQLzMcbzb0gJfzolAY+osSzSCf84GtAL2l6GLpw+3qQokF+8YnhHvf
hjRUzisQtMf9TbUYNjOgKYwXSLH0WpRb8KpSzZODMU/lSNcU5GJ9kLlyfsUAi02i
JTGBUmF3eK9wHI6AK8VWITRSYBEnJv+Au8v2zxA7lVYlmNyHQVgykFQHCYI0z3mV
H/otA+oubsqAZ5aZ7EP5VD0zRzkC8H6FetNAC5ImhL+z/oZ/KxsB32VDDUR5m/4H
4NxwjwnJ4+TUudCtcaZ4
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:30:46 2025 by rpki-client