Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/Bofs4ohNskP7oRhXntEkamcTByY.roa
File: Bofs4ohNskP7oRhXntEkamcTByY.roa (raw, json)
Hash identifier: 2wFqF3IDJ9WWoiEwRf3HPN+kDBVLZG7FcftR+HQ+PQ0=
Subject key identifier: 06:87:EC:E2:88:4D:B2:43:FB:A1:18:57:9E:D1:24:6A:67:13:07:26
Certificate issuer: /CN=c9f23c9b7b3ea0549142b701597706fc7a6385e7
Certificate serial: 019A3432E90EE8EF5C221D4DCC42D6865CED
Authority key identifier: C9:F2:3C:9B:7B:3E:A0:54:91:42:B7:01:59:77:06:FC:7A:63:85:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yfI8m3s-oFSRQrcBWXcG_Hpjhec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/Bofs4ohNskP7oRhXntEkamcTByY.roa
Signing time: Thu 30 Oct 2025 08:19:02 +0000
ROA not before: Thu 30 Oct 2025 08:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 79.140.192.0/23 maxlen: 23
79.140.192.0/24 maxlen: 24
79.140.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/yfI8m3s-oFSRQrcBWXcG_Hpjhec.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/yfI8m3s-oFSRQrcBWXcG_Hpjhec.mft
rsync://rpki.ripe.net/repository/DEFAULT/yfI8m3s-oFSRQrcBWXcG_Hpjhec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:32:e9:0e:e8:ef:5c:22:1d:4d:cc:42:d6:86:5c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9f23c9b7b3ea0549142b701597706fc7a6385e7
Validity
Not Before: Oct 30 08:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0687ece2884db243fba118579ed1246a67130726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:e3:9f:43:ca:6b:73:0e:6f:ae:fb:ff:db:
4d:73:99:ab:ce:55:dc:ba:4d:90:3d:8d:08:0e:c2:
ad:0d:4d:2f:55:e4:4e:94:72:6c:74:1c:0c:be:4c:
7c:84:45:13:fb:3c:fb:6e:48:31:91:f3:74:eb:3f:
56:97:c7:69:e9:25:b6:e8:84:50:30:0d:1f:d9:aa:
83:a4:e0:f2:bd:4e:27:0d:d6:4c:fe:65:52:3f:97:
82:b1:ea:53:f2:5d:cf:a1:92:5b:15:e4:25:96:04:
e5:c5:25:f1:8c:16:ed:55:39:7c:29:3e:d3:08:ac:
f9:a0:e6:90:fe:67:3d:f5:c1:dd:c6:d5:0b:54:64:
30:b0:af:0d:af:af:54:18:cf:7b:19:86:d7:38:31:
2c:85:93:f4:34:23:43:a0:1d:77:33:32:57:11:cb:
41:cb:88:c4:08:e5:2c:45:71:94:c4:dd:db:19:b4:
4b:73:47:74:2d:9c:67:5a:24:96:0e:e1:e9:03:70:
2f:db:2b:d6:c4:7c:bb:75:e7:b5:ff:84:a6:df:26:
41:2c:b8:78:87:86:42:f5:78:04:39:a8:28:0e:17:
e9:48:1c:09:e0:d1:f6:f7:58:14:83:26:89:e3:fd:
68:9b:41:52:71:fb:b0:72:5d:95:f9:44:3f:77:a4:
ef:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:87:EC:E2:88:4D:B2:43:FB:A1:18:57:9E:D1:24:6A:67:13:07:26
X509v3 Authority Key Identifier:
keyid:C9:F2:3C:9B:7B:3E:A0:54:91:42:B7:01:59:77:06:FC:7A:63:85:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yfI8m3s-oFSRQrcBWXcG_Hpjhec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/Bofs4ohNskP7oRhXntEkamcTByY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ccc73b-9c87-45d5-81c4-3f922b40168a/1/yfI8m3s-oFSRQrcBWXcG_Hpjhec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.192.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:72:c5:e6:c4:ac:6b:e5:ff:7d:45:9e:69:af:78:21:3d:5b:
1a:2d:c5:58:3c:91:9a:1f:fe:ea:2a:9d:a4:50:49:22:8d:bc:
d0:c6:b9:84:60:74:1e:a7:41:ce:c0:b4:78:90:22:e8:1d:91:
85:a5:67:d9:d7:af:34:70:a1:66:7a:e8:30:b5:d5:9f:4f:d0:
d3:54:83:8b:5e:58:70:0a:1a:a3:3e:48:c4:39:bb:d5:38:6d:
d7:7f:91:b7:fa:3e:a0:a1:4d:9a:47:af:e6:06:c2:44:5d:5b:
17:02:fd:56:9f:95:b7:be:c1:8a:83:4e:62:cd:94:de:94:73:
f7:49:89:d9:af:eb:d4:90:bd:d5:2b:b9:51:ce:d9:a3:3d:f4:
81:45:34:67:cf:df:45:c6:e5:7d:c2:01:eb:04:1c:f9:e4:ea:
09:9b:a3:17:b8:56:73:32:c8:fa:d9:ce:3d:56:85:78:c7:f1:
42:ee:6a:e3:d6:34:1b:1a:69:74:ac:3b:6c:4c:39:bd:c5:56:
ee:c6:b1:ae:1d:bd:f2:24:1c:67:66:12:7b:81:ff:6d:95:35:
95:79:4b:42:21:f9:3e:dd:05:14:56:11:05:b5:2c:d4:22:fe:
97:a6:c8:1b:d9:26:79:db:bc:8c:88:e2:b2:8d:9a:35:86:cf:
19:14:99:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo0MukO6O9cIh1NzELWhlztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZjIzYzliN2IzZWEwNTQ5MTQyYjcwMTU5NzcwNmZjN2E2
Mzg1ZTcwHhcNMjUxMDMwMDgxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjg3ZWNlMjg4NGRiMjQzZmJhMTE4NTc5ZWQxMjQ2YTY3MTMwNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQrjn0PKa3MOb677/9tNc5mrzlXc
uk2QPY0IDsKtDU0vVeROlHJsdBwMvkx8hEUT+zz7bkgxkfN06z9Wl8dp6SW26IRQ
MA0f2aqDpODyvU4nDdZM/mVSP5eCsepT8l3PoZJbFeQllgTlxSXxjBbtVTl8KT7T
CKz5oOaQ/mc99cHdxtULVGQwsK8Nr69UGM97GYbXODEshZP0NCNDoB13MzJXEctB
y4jECOUsRXGUxN3bGbRLc0d0LZxnWiSWDuHpA3Av2yvWxHy7dee1/4Sm3yZBLLh4
h4ZC9XgEOagoDhfpSBwJ4NH291gUgyaJ4/1om0FScfuwcl2V+UQ/d6TvxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaH7OKITbJD+6EYV57RJGpnEwcmMB8GA1UdIwQY
MBaAFMnyPJt7PqBUkUK3AVl3Bvx6Y4XnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWZJOG0zcy1vRlNSUXJjQldYY0dfSHBqaGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jY2M3M2ItOWM4Ny00NWQ1LTgxYzQt
M2Y5MjJiNDAxNjhhLzEvQm9mczRvaE5za1A3b1JoWG50RWthbWNUQnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9jY2M3M2ItOWM4Ny00NWQ1LTgxYzQtM2Y5MjJiNDAxNjhh
LzEveWZJOG0zcy1vRlNSUXJjQldYY0dfSHBqaGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBT4zAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOcsXmxKxr5f99RZ5pr3ghPVsaLcVYPJGaH/7qKp2k
UEkijbzQxrmEYHQep0HOwLR4kCLoHZGFpWfZ1680cKFmeugwtdWfT9DTVIOLXlhw
ChqjPkjEObvVOG3Xf5G3+j6goU2aR6/mBsJEXVsXAv1Wn5W3vsGKg05izZTelHP3
SYnZr+vUkL3VK7lRztmjPfSBRTRnz99FxuV9wgHrBBz55OoJm6MXuFZzMsj62c49
VoV4x/FC7mrj1jQbGml0rDtsTDm9xVbuxrGuHb3yJBxnZhJ7gf9tlTWVeUtCIfk+
3QUUVhEFtSzUIv6Xpsgb2SZ527yMiOKyjZo1hs8ZFJlT
-----END CERTIFICATE-----
Generated at Mon Nov 3 21:51:00 2025 by rpki-client