Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/_VM6Mj4CguVY0d_OX4HaJGpBWSs.roa
File: _VM6Mj4CguVY0d_OX4HaJGpBWSs.roa (raw, json)
Hash identifier: cSXjXfka+X+cP+Z+HXidhFSrH7TuR0mB9cfQoGvxchQ=
Subject key identifier: FD:53:3A:32:3E:02:82:E5:58:D1:DF:CE:5F:81:DA:24:6A:41:59:2B
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 0197C12BB367C286CECAC74F063C306D4AF8
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/_VM6Mj4CguVY0d_OX4HaJGpBWSs.roa
Signing time: Mon 30 Jun 2025 14:09:15 +0000
ROA not before: Mon 30 Jun 2025 14:09:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41227
IP address blocks: 87.247.168.0/23 maxlen: 23
87.247.170.0/23 maxlen: 24
87.247.178.0/24 maxlen: 24
87.247.184.0/21 maxlen: 24
194.34.160.0/24 maxlen: 24
194.34.161.0/24 maxlen: 24
194.34.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:2b:b3:67:c2:86:ce:ca:c7:4f:06:3c:30:6d:4a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Jun 30 14:09:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd533a323e0282e558d1dfce5f81da246a41592b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e6:7b:91:84:c2:e3:54:72:1e:83:4f:86:d4:
4f:6b:78:3b:de:d6:b0:70:7e:b7:93:a9:e5:63:77:
f8:ba:bb:b0:78:f4:29:39:72:2b:d0:ba:f7:00:11:
75:f3:5c:fd:25:77:bc:07:c2:6b:84:27:5c:6e:56:
83:f8:7a:2c:57:a3:a6:b8:a4:db:f0:77:81:48:d4:
37:5d:cd:85:03:d3:26:f5:bb:d9:f1:83:3a:9b:1a:
49:6d:2a:ce:b1:91:1a:ae:86:cd:b1:dc:96:7b:e9:
63:e0:0f:7f:f1:a1:66:28:8f:68:cc:2f:e6:9e:77:
80:84:00:b6:af:2d:fe:ac:6c:fc:c3:ed:18:8b:b8:
b2:e3:2d:8d:f4:3f:eb:2f:85:1f:35:6c:53:cf:15:
a4:2b:cc:08:19:9e:21:23:a2:41:65:5f:7a:1a:ad:
59:22:e3:51:80:c9:cb:bf:68:df:06:89:ac:db:cb:
e3:e6:46:18:f6:1f:24:fb:7b:49:d9:7a:c1:47:bb:
4d:50:a1:25:89:53:44:f2:69:c9:69:3e:6c:9f:af:
86:5f:c3:dc:ad:39:c0:90:74:25:63:5a:bb:0e:04:
23:9f:53:32:ac:b2:f5:6e:31:7b:40:48:bb:9f:48:
75:cf:98:b5:df:7f:f9:ca:2e:fb:2c:03:be:4c:d1:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:53:3A:32:3E:02:82:E5:58:D1:DF:CE:5F:81:DA:24:6A:41:59:2B
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/_VM6Mj4CguVY0d_OX4HaJGpBWSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.168.0/22
87.247.178.0/24
87.247.184.0/21
194.34.160.0-194.34.162.255
Signature Algorithm: sha256WithRSAEncryption
80:83:f1:b4:81:65:52:54:d3:cd:8c:e9:ec:77:6f:6e:95:20:
e9:4b:45:5a:41:03:0a:e0:a5:d5:31:82:10:29:41:c5:0e:48:
03:0f:68:78:3d:dc:a0:d2:e6:b9:b1:51:7e:70:b2:c4:42:43:
bb:6c:b4:d3:fa:3e:ea:6b:30:46:e9:67:3e:b8:db:b7:06:13:
f6:5b:1b:41:c4:df:61:7f:69:52:53:43:2c:88:c2:5b:c0:09:
68:3b:59:68:79:e4:70:ec:97:8b:9f:d8:f3:e5:a6:15:10:5f:
c4:ff:53:f8:95:91:4a:dd:c4:ae:eb:47:28:b7:63:3b:a8:1c:
5f:7f:ed:9c:8a:d2:b3:4b:79:e2:3b:3c:59:b7:fa:60:41:67:
9d:e3:9c:3b:14:a8:dd:26:57:e7:ca:3b:86:4c:54:51:8f:d6:
1c:2e:f0:e4:4e:72:8d:69:f0:a6:fb:1e:a4:f3:96:cc:89:f6:
8f:ba:c9:d6:d9:22:07:d8:b6:be:3a:f7:e0:18:b1:7f:8b:ae:
74:83:8b:fc:ae:03:78:0c:c0:88:8d:2b:d4:dc:11:ef:42:f2:
32:cb:b0:e8:d7:b4:65:9a:50:94:82:d5:e8:79:f5:4c:ab:e3:
c9:1d:27:7d:35:54:76:c2:32:dd:36:1b:30:5e:3b:62:86:51:
04:2a:44:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfBK7NnwobOysdPBjwwbUr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjUwNjMwMTQwOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDUzM2EzMjNlMDI4MmU1NThkMWRmY2U1ZjgxZGEyNDZhNDE1OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuZ7kYTC41RyHoNPhtRPa3g73taw
cH63k6nlY3f4uruwePQpOXIr0Lr3ABF181z9JXe8B8JrhCdcblaD+HosV6OmuKTb
8HeBSNQ3Xc2FA9Mm9bvZ8YM6mxpJbSrOsZEarobNsdyWe+lj4A9/8aFmKI9ozC/m
nneAhAC2ry3+rGz8w+0Yi7iy4y2N9D/rL4UfNWxTzxWkK8wIGZ4hI6JBZV96Gq1Z
IuNRgMnLv2jfBoms28vj5kYY9h8k+3tJ2XrBR7tNUKEliVNE8mnJaT5sn6+GX8Pc
rTnAkHQlY1q7DgQjn1MyrLL1bjF7QEi7n0h1z5i133/5yi77LAO+TNF+IwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP1TOjI+AoLlWNHfzl+B2iRqQVkrMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvX1ZNNk1qNENndVZZMGRfT1g0SGFKR3BCV1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCV/eoAwQA
V/eyAwQDV/e4MAwDBAXCIqADBADCIqIwDQYJKoZIhvcNAQELBQADggEBAICD8bSB
ZVJU082M6ex3b26VIOlLRVpBAwrgpdUxghApQcUOSAMPaHg93KDS5rmxUX5wssRC
Q7tstNP6PuprMEbpZz6427cGE/ZbG0HE32F/aVJTQyyIwlvACWg7WWh55HDsl4uf
2PPlphUQX8T/U/iVkUrdxK7rRyi3YzuoHF9/7ZyK0rNLeeI7PFm3+mBBZ53jnDsU
qN0mV+fKO4ZMVFGP1hwu8OROco1p8Kb7HqTzlsyJ9o+6ydbZIgfYtr469+AYsX+L
rnSDi/yuA3gMwIiNK9TcEe9C8jLLsOjXtGWaUJSC1eh59Uyr48kdJ301VHbCMt02
GzBeO2KGUQQqROA=
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:21:24 2025 by rpki-client