
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/aoaJWVMr3LsKp6dIyxA_4pNUFaI.roa
File: aoaJWVMr3LsKp6dIyxA_4pNUFaI.roa (raw, json)
Hash identifier: t+OBdb8RsaFvnnVMtpxSRATSZxEyzbE7ET03LsrS4po=
Subject key identifier: 6A:86:89:59:53:2B:DC:BB:0A:A7:A7:48:CB:10:3F:E2:93:54:15:A2
Certificate issuer: /CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Certificate serial: 0199B463C1ABC4E0CFDED952BF0F8C860496
Authority key identifier: EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/aoaJWVMr3LsKp6dIyxA_4pNUFaI.roa
Signing time: Sun 05 Oct 2025 12:41:00 +0000
ROA not before: Sun 05 Oct 2025 12:41:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 80.64.220.0/24 maxlen: 24
80.64.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b4:63:c1:ab:c4:e0:cf:de:d9:52:bf:0f:8c:86:04:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Validity
Not Before: Oct 5 12:41:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a868959532bdcbb0aa7a748cb103fe2935415a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:16:cf:12:1c:38:3f:99:fe:c7:93:4c:00:24:
c8:02:78:3b:bb:c5:aa:99:2c:53:6b:b6:58:b2:44:
92:05:da:e2:55:d6:a0:5b:31:94:dc:cd:ae:2a:82:
80:75:f1:64:38:01:e4:c6:2d:3f:1c:b6:0f:fa:04:
44:a3:54:94:08:26:a8:60:80:04:29:e0:13:4e:b4:
8b:56:00:a8:17:d1:7d:83:75:0a:60:8e:be:5c:d2:
90:64:81:c0:0d:fc:7f:31:ac:3a:37:5c:1e:9d:d5:
0f:f7:ea:36:e8:93:e1:77:0e:2c:97:bc:c8:f7:a4:
63:1e:9a:2b:42:ab:51:58:2f:da:72:be:eb:dc:f0:
b0:09:21:4f:d8:5d:a4:36:5b:3d:2b:77:8e:dc:62:
a0:6d:bd:cc:85:3e:76:72:5b:d7:91:5a:b9:9f:be:
ce:e2:90:c2:f0:eb:05:6f:94:7e:54:e4:d5:3c:d5:
22:20:1b:e6:19:39:f6:f7:8a:e5:c8:8b:2c:e0:80:
0c:29:31:a9:ed:15:b0:7d:3d:4f:0f:a9:0c:48:8d:
2f:2f:80:65:50:bc:b1:da:7f:30:9c:cf:02:db:53:
3a:f6:83:00:47:88:2c:12:b2:b2:7f:62:9a:31:5d:
f6:6e:c1:cf:d8:6c:67:e9:c7:dc:5d:7b:5f:3a:b4:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:86:89:59:53:2B:DC:BB:0A:A7:A7:48:CB:10:3F:E2:93:54:15:A2
X509v3 Authority Key Identifier:
keyid:EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/aoaJWVMr3LsKp6dIyxA_4pNUFaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.220.0/24
80.64.223.0/24
Signature Algorithm: sha256WithRSAEncryption
49:15:ad:e6:98:82:86:8b:7b:21:5d:fd:74:c6:c1:2a:4d:bb:
f7:b0:bd:8c:b3:4d:9c:a0:5b:d3:01:f1:89:67:0f:9d:0c:27:
50:ee:eb:58:6c:7b:ab:c5:32:de:87:ee:84:f7:9d:2d:b5:51:
54:3e:7e:0c:60:2c:fe:be:1f:55:b3:5d:a5:dc:6d:21:d3:d2:
88:c5:75:8f:cd:93:e2:65:56:ab:72:8b:17:43:c5:cf:f2:54:
15:68:eb:a8:fa:5c:18:fc:67:6a:b9:7e:ce:15:dc:15:9c:f4:
e6:06:5f:a1:ce:14:3b:d8:1e:1a:3a:eb:63:37:b9:67:f1:09:
9d:a6:61:1f:f2:78:b2:88:61:69:27:bb:fd:77:0e:37:5f:00:
84:f1:41:fd:1d:be:5b:a7:41:00:f1:f5:b4:7e:8e:a6:39:50:
1a:c0:7d:a9:14:be:48:38:c8:90:dd:12:3c:7e:be:8e:4b:fe:
85:ff:2f:9f:7c:bb:73:a8:d8:8d:ce:0f:e9:c7:5e:8e:16:bb:
31:49:4e:61:17:4b:58:26:58:65:d1:b4:17:37:63:99:3f:b7:
24:58:dc:8f:c2:0c:3a:74:ca:5e:64:75:f6:96:ee:f6:3d:ce:
ec:a2:bc:06:5c:d7:94:18:8a:46:bc:8d:0a:ae:2b:e2:7b:32:
bb:68:cd:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm0Y8GrxODP3tlSvw+MhgSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2YzMWJkNmQ5ODVlNDUyOTljMzFkMDUyY2E0YThlYmVm
NTU3OGIwHhcNMjUxMDA1MTI0MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg2ODk1OTUzMmJkY2JiMGFhN2E3NDhjYjEwM2ZlMjkzNTQxNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRbPEhw4P5n+x5NMACTIAng7u8Wq
mSxTa7ZYskSSBdriVdagWzGU3M2uKoKAdfFkOAHkxi0/HLYP+gREo1SUCCaoYIAE
KeATTrSLVgCoF9F9g3UKYI6+XNKQZIHADfx/Maw6N1wendUP9+o26JPhdw4sl7zI
96RjHporQqtRWC/acr7r3PCwCSFP2F2kNls9K3eO3GKgbb3MhT52clvXkVq5n77O
4pDC8OsFb5R+VOTVPNUiIBvmGTn294rlyIss4IAMKTGp7RWwfT1PD6kMSI0vL4Bl
ULyx2n8wnM8C21M69oMAR4gsErKyf2KaMV32bsHP2Gxn6cfcXXtfOrRwQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqGiVlTK9y7CqenSMsQP+KTVBWiMB8GA1UdIwQY
MBaAFO9/Mb1tmF5FKZwx0FLKSo6+9VeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQt
YTc2M2RmM2FlZTZkLzEvYW9hSldWTXIzTHNLcDZkSXl4QV80cE5VRmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQtYTc2M2RmM2FlZTZk
LzEvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEDcAwQA
UEDfMA0GCSqGSIb3DQEBCwUAA4IBAQBJFa3mmIKGi3shXf10xsEqTbv3sL2Ms02c
oFvTAfGJZw+dDCdQ7utYbHurxTLeh+6E950ttVFUPn4MYCz+vh9Vs12l3G0h09KI
xXWPzZPiZVarcosXQ8XP8lQVaOuo+lwY/GdquX7OFdwVnPTmBl+hzhQ72B4aOutj
N7ln8QmdpmEf8niyiGFpJ7v9dw43XwCE8UH9Hb5bp0EA8fW0fo6mOVAawH2pFL5I
OMiQ3RI8fr6OS/6F/y+ffLtzqNiNzg/px16OFrsxSU5hF0tYJlhl0bQXN2OZP7ck
WNyPwgw6dMpeZHX2lu72Pc7sorwGXNeUGIpGvI0KriviezK7aM0u
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:10:12 2025 by rpki-client