Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B_87xyFnbDOZDB1wE9jO4dM80Ak.roa
File: B_87xyFnbDOZDB1wE9jO4dM80Ak.roa (raw, json)
Hash identifier: jqMsSyd2BodUo3SWvUB1DPGbu0fSTX6qnz6woDEmb/M=
Subject key identifier: 07:FF:3B:C7:21:67:6C:33:99:0C:1D:70:13:D8:CE:E1:D3:3C:D0:09
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0197CF576E89498DA44488DCF41E212E4F87
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B_87xyFnbDOZDB1wE9jO4dM80Ak.roa
Signing time: Thu 03 Jul 2025 08:11:42 +0000
ROA not before: Thu 03 Jul 2025 08:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 89.213.206.0/23 maxlen: 24
109.176.203.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
213.218.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:57:6e:89:49:8d:a4:44:88:dc:f4:1e:21:2e:4f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 08:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07ff3bc721676c33990c1d7013d8cee1d33cd009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:64:6a:35:ab:3c:82:40:a7:0e:40:31:35:4a:
7e:0e:6d:79:ba:0e:da:78:23:53:66:b2:7d:97:7f:
68:56:e3:bc:e4:00:e8:51:51:aa:1c:ce:71:58:da:
2e:0c:a0:db:6e:af:62:b1:5e:75:6c:e6:60:9c:81:
36:73:8e:f4:e7:af:4f:53:e8:e9:87:47:75:e4:13:
eb:f3:33:1e:34:7c:b2:9b:52:ff:70:bd:30:d9:56:
c3:a4:53:d4:d8:92:49:d1:ab:c4:05:8c:c7:df:0d:
fc:ac:09:f9:9d:b8:cb:27:fc:e7:e5:ed:7b:42:c5:
db:95:04:60:0d:74:b6:11:49:31:9d:54:ba:fa:d6:
41:76:1b:21:7d:c2:38:0f:f7:a3:02:a0:75:06:6a:
f2:ae:7a:95:fa:32:23:99:3d:9e:10:10:f0:1b:22:
09:12:2d:d9:0c:81:5d:da:e3:af:22:ed:69:c3:42:
bb:e4:39:2c:3a:81:5f:01:9e:2d:b1:8f:5e:7a:f4:
29:1e:de:d6:84:a6:07:20:7a:e2:ab:24:7b:b2:9a:
d2:13:bb:92:4e:61:80:4f:1e:57:c3:0a:ec:19:72:
65:2a:1f:95:6d:af:c6:76:28:99:a6:c5:48:de:dd:
65:f4:f7:f3:a8:f1:02:dc:32:33:07:6d:f7:cf:5d:
3a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:FF:3B:C7:21:67:6C:33:99:0C:1D:70:13:D8:CE:E1:D3:3C:D0:09
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/B_87xyFnbDOZDB1wE9jO4dM80Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.206.0/23
109.176.203.0/24
109.176.230.0/24
213.218.247.0/24
Signature Algorithm: sha256WithRSAEncryption
54:01:04:02:49:89:73:93:36:78:21:7d:cc:2c:36:53:f8:0c:
90:82:ad:5b:2a:12:d7:9e:2d:44:06:a8:4a:13:42:0f:a8:f3:
33:51:47:98:12:10:72:a0:12:f2:e0:2a:43:c5:83:f4:13:2d:
ee:2b:a5:a7:5e:11:5f:b6:89:b4:3f:c7:cd:14:81:5f:bc:a1:
70:e5:08:40:3b:53:44:96:b4:c9:7e:f0:c4:f0:31:9c:5b:6d:
fa:77:96:5d:62:8f:a0:88:ea:79:fa:34:07:4f:65:2c:23:13:
f1:21:67:30:cb:ce:ee:c5:4d:34:c5:a3:ad:00:6c:8b:2a:10:
81:d8:60:b4:3e:c5:31:7f:39:f8:c3:e6:54:21:a4:71:f6:33:
59:9e:67:d8:04:72:7d:ec:45:36:a0:9d:20:6c:a2:13:8d:d2:
75:4a:78:19:ab:92:1d:29:ee:ef:98:89:4d:bb:79:30:44:2c:
14:d5:14:87:1f:28:1d:04:78:e7:ea:3d:e2:44:c2:da:40:5d:
76:db:33:f7:21:c0:0d:ee:fb:7e:1f:54:ce:8d:2b:00:fb:da:
9d:9b:96:ce:75:37:e4:52:9c:c4:34:60:c3:b6:6b:c0:c4:35:
37:db:3d:9d:18:6d:67:46:88:da:a8:09:c2:ed:99:d2:a1:a6:
05:d2:23:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZfPV26JSY2kRIjc9B4hLk+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzAzMDgxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2ZmM2JjNzIxNjc2YzMzOTkwYzFkNzAxM2Q4Y2VlMWQzM2NkMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWRqNas8gkCnDkAxNUp+Dm15ug7a
eCNTZrJ9l39oVuO85ADoUVGqHM5xWNouDKDbbq9isV51bOZgnIE2c470569PU+jp
h0d15BPr8zMeNHyym1L/cL0w2VbDpFPU2JJJ0avEBYzH3w38rAn5nbjLJ/zn5e17
QsXblQRgDXS2EUkxnVS6+tZBdhshfcI4D/ejAqB1BmryrnqV+jIjmT2eEBDwGyIJ
Ei3ZDIFd2uOvIu1pw0K75DksOoFfAZ4tsY9eevQpHt7WhKYHIHriqyR7sprSE7uS
TmGATx5XwwrsGXJlKh+Vba/GdiiZpsVI3t1l9PfzqPEC3DIzB233z106FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAf/O8chZ2wzmQwdcBPYzuHTPNAJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQl84N3h5Rm5iRE9aREIxd0U5ak80ZE04MEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWdXOAwQA
bbDLAwQAbbDmAwQA1dr3MA0GCSqGSIb3DQEBCwUAA4IBAQBUAQQCSYlzkzZ4IX3M
LDZT+AyQgq1bKhLXni1EBqhKE0IPqPMzUUeYEhByoBLy4CpDxYP0Ey3uK6WnXhFf
tom0P8fNFIFfvKFw5QhAO1NElrTJfvDE8DGcW236d5ZdYo+giOp5+jQHT2UsIxPx
IWcwy87uxU00xaOtAGyLKhCB2GC0PsUxfzn4w+ZUIaRx9jNZnmfYBHJ97EU2oJ0g
bKITjdJ1SngZq5IdKe7vmIlNu3kwRCwU1RSHHygdBHjn6j3iRMLaQF122zP3IcAN
7vt+H1TOjSsA+9qdm5bOdTfkUpzENGDDtmvAxDU32z2dGG1nRojaqAnC7ZnSoaYF
0iOm
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:31:57 2025 by rpki-client