Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa
File: UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa (raw, json)
Hash identifier: v1eSSUjEmDBKjFNO3CwwmScWxLPiyY9bodIun8a3QK4=
Subject key identifier: 52:40:90:74:FD:D1:AD:90:1E:E9:4D:84:66:C1:A0:99:46:0C:E9:3E
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 01997E0BC1AAB674B02DA8FF70D487678D20
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa
Signing time: Wed 24 Sep 2025 23:25:23 +0000
ROA not before: Wed 24 Sep 2025 23:25:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
159.254.0.0/24 maxlen: 24
159.254.1.0/24 maxlen: 24
159.254.2.0/24 maxlen: 24
159.254.3.0/24 maxlen: 24
159.254.4.0/24 maxlen: 24
159.254.5.0/24 maxlen: 24
159.254.6.0/24 maxlen: 24
159.254.7.0/24 maxlen: 24
159.254.8.0/24 maxlen: 24
159.254.9.0/24 maxlen: 24
159.254.10.0/24 maxlen: 24
159.254.11.0/24 maxlen: 24
159.254.12.0/24 maxlen: 24
159.254.80.0/24 maxlen: 24
159.254.81.0/24 maxlen: 24
159.254.82.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
2a03:eec0:3601::/48 maxlen: 48
2a03:eec0:3602::/48 maxlen: 48
2a03:eec0:3603::/48 maxlen: 48
2a03:eec0:3604::/48 maxlen: 48
2a03:eec0:3605::/48 maxlen: 48
2a03:eec0:3606::/48 maxlen: 48
2a03:eec0:3607::/48 maxlen: 48
2a03:eec0:3608::/48 maxlen: 48
2a03:eec0:3609::/48 maxlen: 48
2a03:eec0:360a::/48 maxlen: 48
2a03:eec0:360b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7e:0b:c1:aa:b6:74:b0:2d:a8:ff:70:d4:87:67:8d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Sep 24 23:25:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52409074fdd1ad901ee94d8466c1a099460ce93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:c4:ed:61:86:a9:ff:e0:a5:fc:39:10:fe:
0b:13:8e:b5:7c:8d:03:d9:3e:78:b1:28:2d:07:2d:
4e:5c:40:89:78:f8:b6:25:f2:76:11:0c:99:07:f4:
4e:3d:d4:e8:f5:e8:e7:e7:c4:0a:44:ef:a9:de:d1:
0e:37:15:47:a4:5b:b9:03:62:70:f6:81:b0:05:f4:
cb:cb:e0:a3:f0:94:4e:58:af:c4:c6:a1:ff:08:ff:
7e:b5:e3:a5:8b:81:df:c5:0f:67:5b:46:a8:5e:69:
38:e6:dc:4b:ed:31:49:73:07:d8:a9:7c:8d:85:e2:
2e:26:a5:62:08:74:be:72:d6:f0:3f:5b:ef:af:0b:
00:ec:a2:52:e6:74:71:27:ce:5c:36:2b:3c:26:73:
ae:68:47:5b:30:bd:72:30:9f:af:f2:26:40:91:94:
85:37:5b:37:d4:22:f7:91:72:c0:77:6f:18:2f:23:
0f:61:b6:77:f3:5d:f6:e6:31:b1:51:0d:ee:3e:08:
fd:f3:48:51:62:59:4a:1e:80:36:4e:f4:e9:b0:b3:
91:15:ed:22:a5:94:fb:e2:b3:80:14:a6:ac:bc:39:
f7:79:37:ab:96:8d:52:22:4b:73:a4:b0:fe:82:23:
84:96:a2:25:61:f2:26:2b:f5:9c:08:2e:73:11:89:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:40:90:74:FD:D1:AD:90:1E:E9:4D:84:66:C1:A0:99:46:0C:E9:3E
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
159.254.0.0-159.254.12.255
159.254.80.0-159.254.82.255
194.9.116.0/24
IPv6:
2a03:eec0:3601::-2a03:eec0:360b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:cc:c9:c4:6d:fc:8a:33:2f:4f:13:21:e8:d3:ba:7b:b4:9e:
6c:4e:de:3e:81:3b:f0:46:16:d2:40:60:3a:68:02:0f:f9:a9:
2a:f4:fb:f7:59:fe:a8:5f:7e:3e:06:95:74:c9:9e:10:0b:58:
00:c9:58:08:22:de:b7:ed:66:31:02:e4:ce:9f:54:ef:e2:1f:
c7:9f:34:0a:92:be:b3:ee:94:8a:c5:b0:82:40:83:57:6c:d3:
d0:ea:40:aa:a4:79:e3:fd:2b:ec:25:da:5a:2f:49:c6:cf:ae:
71:37:a9:86:e7:2f:36:f8:1f:98:26:cb:3f:f4:c3:de:6a:7e:
e3:aa:ae:3f:38:8f:4f:c9:0d:5d:ac:82:2f:d0:ff:8f:f3:2f:
6b:b8:0e:10:56:32:7c:8b:8f:39:57:f9:35:6f:dc:b9:4b:a5:
42:18:32:7b:b3:eb:cc:76:24:40:e1:6b:84:1c:7f:e9:bb:a3:
a5:86:b9:f2:63:06:a8:25:33:0e:12:89:a6:d7:aa:68:7b:b7:
1b:39:a9:10:63:0c:08:86:04:84:cb:3b:d3:ea:82:d5:2c:2d:
4a:c8:6f:8f:fc:27:2e:2d:74:6f:7a:d5:0b:7e:33:80:93:a6:
c8:c0:27:71:8e:aa:41:7b:cf:2f:e5:6f:32:52:1a:58:1c:59:
33:f0:ee:47
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZl+C8GqtnSwLaj/cNSHZ40gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwOTI0MjMyNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQwOTA3NGZkZDFhZDkwMWVlOTRkODQ2NmMxYTA5OTQ2MGNlOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts/E7WGGqf/gpfw5EP4LE461fI0D
2T54sSgtBy1OXECJePi2JfJ2EQyZB/ROPdTo9ejn58QKRO+p3tEONxVHpFu5A2Jw
9oGwBfTLy+Cj8JROWK/ExqH/CP9+teOli4HfxQ9nW0aoXmk45txL7TFJcwfYqXyN
heIuJqViCHS+ctbwP1vvrwsA7KJS5nRxJ85cNis8JnOuaEdbML1yMJ+v8iZAkZSF
N1s31CL3kXLAd28YLyMPYbZ381325jGxUQ3uPgj980hRYllKHoA2TvTpsLORFe0i
pZT74rOAFKasvDn3eTerlo1SIktzpLD+giOElqIlYfImK/WcCC5zEYke8wIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFFJAkHT90a2QHulNhGbBoJlGDOk+MB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvVWtDUWRQM1JyWkFlNlUyRVpzR2dtVVlNNlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAtBAIAATAnAwQBVzpAMAsD
AwGf/gMEAJ/+DDAMAwQEn/5QAwQAn/5SAwQAwgl0MBoEAgACMBQwEgMHACoD7sA2
AQMHAioD7sA2CDANBgkqhkiG9w0BAQsFAAOCAQEAdszJxG38ijMvTxMh6NO6e7Se
bE7ePoE78EYW0kBgOmgCD/mpKvT791n+qF9+PgaVdMmeEAtYAMlYCCLet+1mMQLk
zp9U7+Ifx580CpK+s+6UisWwgkCDV2zT0OpAqqR54/0r7CXaWi9Jxs+ucTephucv
NvgfmCbLP/TD3mp+46quPziPT8kNXayCL9D/j/Mva7gOEFYyfIuPOVf5NW/cuUul
Qhgye7PrzHYkQOFrhBx/6bujpYa58mMGqCUzDhKJpteqaHu3GzmpEGMMCIYEhMs7
0+qC1SwtSshvj/wnLi10b3rVC34zgJOmyMAncY6qQXvPL+VvMlIaWBxZM/DuRw==
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:39:54 2025 by rpki-client