Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K-6qcyau0lpKH3EPaspNOEmcv1o.roa
File: K-6qcyau0lpKH3EPaspNOEmcv1o.roa (raw, json)
Hash identifier: PFVub7EytLYBkg+86PA0qkwP1NNkte9tjEJxcbX+D1w=
Subject key identifier: 2B:EE:AA:73:26:AE:D2:5A:4A:1F:71:0F:6A:CA:4D:38:49:9C:BF:5A
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0197F580807D01744121A2CBF7EBFA686F0E
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K-6qcyau0lpKH3EPaspNOEmcv1o.roa
Signing time: Thu 10 Jul 2025 18:02:08 +0000
ROA not before: Thu 10 Jul 2025 18:02:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198584
IP address blocks: 87.254.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:80:80:7d:01:74:41:21:a2:cb:f7:eb:fa:68:6f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jul 10 18:02:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2beeaa7326aed25a4a1f710f6aca4d38499cbf5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:e6:a1:1b:e1:76:98:af:20:8a:c4:9b:22:
f7:05:ee:d4:ea:ca:3a:34:e7:bc:42:65:5d:05:60:
2c:e6:d0:89:d2:3d:97:70:f5:16:a5:9c:10:f7:65:
0b:9b:2d:95:1e:1b:6d:27:f8:65:d9:2f:a3:3d:fb:
7e:eb:85:96:83:26:e7:47:6e:6a:0e:8f:eb:2c:e1:
e4:0a:32:b1:a0:90:40:17:9e:e9:bd:6b:dd:09:5b:
48:31:0d:8c:30:18:96:55:57:ae:ce:0a:d3:88:a7:
71:bb:c2:3f:92:36:fb:fb:c7:64:0f:20:88:72:b7:
aa:9c:9d:02:5f:ff:93:f3:03:5c:90:48:bf:14:7b:
3b:98:2b:20:8a:a5:6f:3a:63:8c:6c:42:f3:04:3b:
51:4c:7f:8c:aa:ce:b4:f6:79:56:16:7c:a8:32:f2:
9a:7a:5b:8c:d5:f9:5a:72:a0:33:eb:e6:9e:f5:f5:
b0:7e:43:14:5a:f0:1d:22:25:3c:bc:17:fe:b4:04:
bb:b1:52:d1:13:35:0a:77:f5:7c:8f:83:5a:f1:f4:
24:3b:a5:b7:06:fc:d8:9c:f3:d6:87:01:05:06:09:
30:30:fd:c8:ba:30:ae:49:96:36:4a:ee:c2:2d:68:
26:62:7c:48:7b:f7:76:74:83:a1:d6:cc:e7:61:8a:
71:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EE:AA:73:26:AE:D2:5A:4A:1F:71:0F:6A:CA:4D:38:49:9C:BF:5A
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/K-6qcyau0lpKH3EPaspNOEmcv1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.29.0/24
Signature Algorithm: sha256WithRSAEncryption
38:8e:84:ea:17:50:d6:c8:81:bf:05:8f:d0:a7:9f:05:b1:e3:
dd:bf:33:9f:27:37:4d:77:d4:23:0f:66:69:8d:9a:7d:40:9e:
53:88:dc:54:5f:4b:65:6e:68:36:9b:e2:e1:99:35:e5:4a:89:
13:5c:3a:6c:34:92:05:4b:21:ca:00:a8:4b:90:c3:87:b4:9e:
20:9d:25:bb:01:e3:bd:23:5f:3d:ca:09:2a:f0:ff:1d:c8:e7:
e3:cd:4b:d0:13:a8:a3:03:a4:7e:9a:e3:19:80:e4:59:39:14:
ed:9e:52:0e:f7:23:bb:52:bf:be:99:ed:d4:c7:15:03:15:53:
d8:12:89:6a:5b:1d:8a:fb:7e:87:b9:78:24:c2:40:a5:35:ea:
8e:33:88:00:23:d1:30:ba:2a:96:5f:b9:db:60:d4:d4:33:ed:
3e:4b:3c:fc:77:45:66:48:f3:ad:cc:59:92:4a:83:d5:ec:5d:
38:77:7f:cd:0a:32:f5:a6:ac:59:eb:ff:ca:bb:b4:c0:15:3e:
7d:cf:28:d4:f7:b3:dd:88:b3:6a:ec:07:65:9c:c7:cf:1f:4e:
ee:d7:e0:19:72:3d:8f:b0:0f:9a:7f:c0:ca:af:51:1f:f4:92:
c9:78:e7:71:47:99:c9:15:de:36:6a:34:62:75:53:cf:f4:c8:
85:2e:77:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZf1gIB9AXRBIaLL9+v6aG8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwNzEwMTgwMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmVlYWE3MzI2YWVkMjVhNGExZjcxMGY2YWNhNGQzODQ5OWNiZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUfmoRvhdpivIIrEmyL3Be7U6so6
NOe8QmVdBWAs5tCJ0j2XcPUWpZwQ92ULmy2VHhttJ/hl2S+jPft+64WWgybnR25q
Do/rLOHkCjKxoJBAF57pvWvdCVtIMQ2MMBiWVVeuzgrTiKdxu8I/kjb7+8dkDyCI
creqnJ0CX/+T8wNckEi/FHs7mCsgiqVvOmOMbELzBDtRTH+Mqs609nlWFnyoMvKa
eluM1flacqAz6+ae9fWwfkMUWvAdIiU8vBf+tAS7sVLREzUKd/V8j4Na8fQkO6W3
BvzYnPPWhwEFBgkwMP3IujCuSZY2Su7CLWgmYnxIe/d2dIOh1sznYYpx/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvuqnMmrtJaSh9xD2rKTThJnL9aMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSy02cWN5YXUwbHBLSDNFUGFzcE5PRW1jdjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4dMA0G
CSqGSIb3DQEBCwUAA4IBAQA4joTqF1DWyIG/BY/Qp58FsePdvzOfJzdNd9QjD2Zp
jZp9QJ5TiNxUX0tlbmg2m+LhmTXlSokTXDpsNJIFSyHKAKhLkMOHtJ4gnSW7AeO9
I189ygkq8P8dyOfjzUvQE6ijA6R+muMZgORZORTtnlIO9yO7Ur++me3UxxUDFVPY
EolqWx2K+36HuXgkwkClNeqOM4gAI9EwuiqWX7nbYNTUM+0+Szz8d0VmSPOtzFmS
SoPV7F04d3/NCjL1pqxZ6//Ku7TAFT59zyjU97PdiLNq7AdlnMfPH07u1+AZcj2P
sA+af8DKr1Ef9JLJeOdxR5nJFd42ajRidVPP9MiFLnfA
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:13:03 2025 by rpki-client