Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/f-Ywb5xowe8tDfjioe_nZXfczLU.roa
File: f-Ywb5xowe8tDfjioe_nZXfczLU.roa (raw, json)
Hash identifier: Eh27uhobGEnU6Wkcq0s4lL/JH8lOhFcxzQPFqeNpsAM=
Subject key identifier: 7F:E6:30:6F:9C:68:C1:EF:2D:0D:F8:E2:A1:EF:E7:65:77:DC:CC:B5
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 0198AAF0CCD3018590496076F2A6018C503F
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/f-Ywb5xowe8tDfjioe_nZXfczLU.roa
Signing time: Thu 14 Aug 2025 23:36:04 +0000
ROA not before: Thu 14 Aug 2025 23:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
159.254.0.0/24 maxlen: 24
159.254.1.0/24 maxlen: 24
159.254.2.0/24 maxlen: 24
159.254.3.0/24 maxlen: 24
159.254.4.0/24 maxlen: 24
159.254.5.0/24 maxlen: 24
159.254.6.0/24 maxlen: 24
159.254.7.0/24 maxlen: 24
159.254.8.0/24 maxlen: 24
159.254.9.0/24 maxlen: 24
159.254.10.0/24 maxlen: 24
159.254.11.0/24 maxlen: 24
159.254.12.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
2a03:eec0:3601::/48 maxlen: 48
2a03:eec0:3602::/48 maxlen: 48
2a03:eec0:3603::/48 maxlen: 48
2a03:eec0:3604::/48 maxlen: 48
2a03:eec0:3605::/48 maxlen: 48
2a03:eec0:3606::/48 maxlen: 48
2a03:eec0:3607::/48 maxlen: 48
2a03:eec0:3608::/48 maxlen: 48
2a03:eec0:3609::/48 maxlen: 48
2a03:eec0:360a::/48 maxlen: 48
2a03:eec0:360b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:aa:f0:cc:d3:01:85:90:49:60:76:f2:a6:01:8c:50:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Aug 14 23:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fe6306f9c68c1ef2d0df8e2a1efe76577dcccb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:16:5a:71:a3:a2:87:12:91:2b:20:fc:3c:
4e:04:c3:6d:9d:42:80:76:e0:d3:0d:43:9e:50:73:
a7:1e:ba:5f:9d:8b:7e:35:03:a1:e8:7d:8f:bd:9a:
30:53:35:5f:f0:9d:e6:4b:21:80:64:37:66:0b:5d:
8f:08:a0:17:1a:bc:65:18:22:d2:e5:e8:d6:64:6e:
9a:72:a2:36:15:dc:3c:ef:9d:e5:5b:2e:07:98:82:
91:f9:96:70:63:d2:57:78:01:2c:c9:67:9c:40:f8:
0c:8a:40:64:de:65:43:ba:11:5f:99:92:5f:f9:15:
27:ac:e9:79:f1:75:32:c6:cd:81:0a:de:c4:fa:de:
c7:ce:be:73:19:db:93:d6:c3:6f:47:f2:37:1f:4b:
aa:4e:a5:39:aa:e8:cf:b3:11:f0:3c:d8:b9:cd:5b:
57:6a:34:4a:bc:b2:5b:29:8f:bd:75:e8:eb:a2:1c:
7f:f1:bc:b2:63:68:9a:80:40:1e:77:7d:b8:8f:b2:
c6:7c:e0:f9:9f:10:f9:71:40:9f:5a:f1:f8:28:0a:
a4:55:2c:53:e0:9b:54:4b:71:0d:24:69:6c:33:c7:
0f:72:4d:bb:f7:21:29:8a:c5:ec:fb:f3:b7:20:2f:
cd:b6:f1:02:18:41:53:65:00:fe:2b:43:7d:b7:99:
07:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E6:30:6F:9C:68:C1:EF:2D:0D:F8:E2:A1:EF:E7:65:77:DC:CC:B5
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/f-Ywb5xowe8tDfjioe_nZXfczLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
159.254.0.0-159.254.12.255
194.9.116.0/24
IPv6:
2a03:eec0:3601::-2a03:eec0:360b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
84:af:a6:b6:ef:22:ea:7d:4b:9d:e3:f4:9b:02:fa:24:33:02:
c8:8c:11:6d:a8:8e:14:60:c7:50:26:03:32:c4:15:c0:23:e1:
42:47:c6:c5:22:2b:03:64:dc:89:ee:5e:02:62:67:93:30:03:
c9:59:b8:84:c1:43:21:3d:ad:55:14:41:a4:b8:62:65:21:50:
75:9a:35:8b:35:b9:4b:be:d5:81:2e:87:9c:a7:e9:19:63:fe:
51:03:e2:33:9d:5a:7e:22:77:39:55:1e:6a:cc:4a:e5:bd:f1:
5e:c9:d3:69:d5:ca:fb:ab:47:52:35:e0:42:0c:5e:b2:22:00:
f3:f2:2d:40:bd:bb:6b:b0:af:ec:20:e6:27:50:9f:d5:f6:69:
a3:61:d9:48:aa:13:c9:7a:02:19:53:40:3d:63:29:a0:f9:8b:
87:64:07:7f:88:27:43:b3:3f:d4:a9:dd:d4:d9:b6:1b:d0:40:
08:6b:db:49:8b:50:12:43:c8:a0:23:e5:ec:22:ef:3d:4d:99:
33:c4:08:fa:85:c9:38:da:65:1c:48:05:2e:c9:d7:15:80:60:
f5:6f:1b:b2:f0:9a:7d:17:43:e6:fb:6e:ae:7b:3f:03:3b:c9:
13:c9:a7:9a:61:e6:d5:0d:e2:72:26:32:fd:92:69:db:38:1c:
77:4a:26:0c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZiq8MzTAYWQSWB28qYBjFA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwODE0MjMzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU2MzA2ZjljNjhjMWVmMmQwZGY4ZTJhMWVmZTc2NTc3ZGNjY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCcWWnGjoocSkSsg/DxOBMNtnUKA
duDTDUOeUHOnHrpfnYt+NQOh6H2PvZowUzVf8J3mSyGAZDdmC12PCKAXGrxlGCLS
5ejWZG6acqI2Fdw8753lWy4HmIKR+ZZwY9JXeAEsyWecQPgMikBk3mVDuhFfmZJf
+RUnrOl58XUyxs2BCt7E+t7Hzr5zGduT1sNvR/I3H0uqTqU5qujPsxHwPNi5zVtX
ajRKvLJbKY+9dejrohx/8byyY2iagEAed324j7LGfOD5nxD5cUCfWvH4KAqkVSxT
4JtUS3ENJGlsM8cPck279yEpisXs+/O3IC/NtvECGEFTZQD+K0N9t5kH8wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH/mMG+caMHvLQ344qHv52V33My1MB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvZi1Zd2I1eG93ZTh0RGZqaW9lX25aWGZjekxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAfBAIAATAZAwQBVzpAMAsD
AwGf/gMEAJ/+DAMEAMIJdDAaBAIAAjAUMBIDBwAqA+7ANgEDBwIqA+7ANggwDQYJ
KoZIhvcNAQELBQADggEBAISvprbvIup9S53j9JsC+iQzAsiMEW2ojhRgx1AmAzLE
FcAj4UJHxsUiKwNk3InuXgJiZ5MwA8lZuITBQyE9rVUUQaS4YmUhUHWaNYs1uUu+
1YEuh5yn6Rlj/lED4jOdWn4idzlVHmrMSuW98V7J02nVyvurR1I14EIMXrIiAPPy
LUC9u2uwr+wg5idQn9X2aaNh2UiqE8l6AhlTQD1jKaD5i4dkB3+IJ0OzP9Sp3dTZ
thvQQAhr20mLUBJDyKAj5ewi7z1NmTPECPqFyTjaZRxIBS7J1xWAYPVvG7Lwmn0X
Q+b7bq57PwM7yRPJp5ph5tUN4nImMv2Sads4HHdKJgw=
-----END CERTIFICATE-----
Generated at Thu Aug 21 19:02:36 2025 by rpki-client