Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/COurHBmKxKzA2XaP35V0TKv22j8.roa
File: COurHBmKxKzA2XaP35V0TKv22j8.roa (raw, json)
Hash identifier: mOJRDgA4eGDtP6pug7iu4FVIpAjMDZJckmCB6cKfpOc=
Subject key identifier: 08:EB:AB:1C:19:8A:C4:AC:C0:D9:76:8F:DF:95:74:4C:AB:F6:DA:3F
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 01990B173DD2C57B76F9CB1DA26B0C9B36B3
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/COurHBmKxKzA2XaP35V0TKv22j8.roa
Signing time: Tue 02 Sep 2025 15:41:36 +0000
ROA not before: Tue 02 Sep 2025 15:41:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43180
IP address blocks: 91.239.77.0/24 maxlen: 24
213.111.157.0/24 maxlen: 24
213.111.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:17:3d:d2:c5:7b:76:f9:cb:1d:a2:6b:0c:9b:36:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Sep 2 15:41:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08ebab1c198ac4acc0d9768fdf95744cabf6da3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4b:5c:32:9d:7f:bf:f7:32:89:9e:5a:f1:bc:
ea:71:df:46:74:4a:d7:79:b4:ea:ec:42:05:fc:91:
d9:b7:ba:99:53:b7:0e:bb:9c:f2:d8:ff:e6:aa:c9:
1e:80:5a:eb:9f:22:ae:d1:5c:d5:7a:b6:68:6e:e2:
11:fa:bc:42:cc:70:11:6d:8e:18:40:5f:25:4e:a9:
57:5b:9d:36:55:d0:fd:aa:9e:02:e8:e9:ea:00:07:
79:48:f5:3d:35:07:59:1c:71:05:fd:a5:7f:c6:ed:
89:11:ed:c2:cd:3f:d3:5c:8b:7f:19:5e:65:9b:02:
ab:2e:48:f8:9d:11:17:e3:24:f6:3a:17:e2:26:5c:
b3:04:d4:f5:e5:5e:92:3b:e0:8e:3a:7c:6a:f8:6e:
b5:6d:3d:80:89:6f:c0:db:03:51:c1:b5:8a:d9:7c:
19:e4:80:92:11:3b:e8:33:f8:aa:f2:f1:c1:3f:63:
13:bd:a9:6e:6f:af:ae:83:d3:03:01:74:55:a0:4e:
54:33:12:52:b5:d1:37:ad:76:a2:17:4a:59:3f:c8:
04:fd:11:34:25:d3:fc:44:85:3d:bd:cf:93:a3:40:
d3:ec:1c:35:73:6b:40:a3:84:ac:a4:5f:10:30:41:
e1:12:f8:9a:44:af:04:fb:d0:a4:0e:f8:9b:ed:c4:
21:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EB:AB:1C:19:8A:C4:AC:C0:D9:76:8F:DF:95:74:4C:AB:F6:DA:3F
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/COurHBmKxKzA2XaP35V0TKv22j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.77.0/24
213.111.157.0-213.111.159.255
Signature Algorithm: sha256WithRSAEncryption
05:3e:95:77:f6:9f:08:a7:5b:0d:bd:f6:1f:4a:25:ed:25:17:
2a:e5:25:8a:c0:41:bb:50:d0:5f:e7:a8:00:05:4b:b3:7a:51:
bb:45:fe:6a:24:9d:3f:db:f4:d7:7a:d7:2b:c6:47:b1:d7:ba:
07:d8:7e:06:88:e8:f8:16:b2:b8:54:b3:3c:dc:99:97:4b:57:
9a:ac:e1:c6:f6:ce:1a:6c:14:5d:3a:49:7b:a2:8d:1f:f9:ed:
8b:75:8a:ac:d5:52:2f:d6:5a:a4:f0:a3:b5:1f:e5:d6:cc:2a:
d0:5b:21:72:9b:38:a8:ec:79:20:9e:fc:58:d2:d7:34:39:8a:
d3:be:a0:60:14:8a:78:98:8f:97:9a:1b:e4:43:4d:0e:d5:30:
ff:be:d4:ff:3c:bf:cb:88:1d:ce:61:b1:c4:d8:4a:3e:92:17:
a7:76:ce:ee:51:77:1b:ab:d4:87:b5:6c:3c:2d:93:e6:1d:a0:
e9:e1:50:9d:ad:45:2f:fb:7c:10:72:37:e2:e6:18:eb:0f:bf:
97:d3:48:b7:06:54:08:b0:3c:c8:86:ae:b5:3d:0a:84:ba:3b:
cb:df:fa:72:28:2a:5a:c0:1e:9c:c0:88:87:7f:7e:9a:11:13:
76:4d:be:75:87:c0:88:dd:50:23:b8:69:52:dc:9b:d1:9a:f3:
96:00:b6:f0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZkLFz3SxXt2+csdomsMmzazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjUwOTAyMTU0MTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGViYWIxYzE5OGFjNGFjYzBkOTc2OGZkZjk1NzQ0Y2FiZjZkYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEtcMp1/v/cyiZ5a8bzqcd9GdErX
ebTq7EIF/JHZt7qZU7cOu5zy2P/mqskegFrrnyKu0VzVerZobuIR+rxCzHARbY4Y
QF8lTqlXW502VdD9qp4C6OnqAAd5SPU9NQdZHHEF/aV/xu2JEe3CzT/TXIt/GV5l
mwKrLkj4nREX4yT2OhfiJlyzBNT15V6SO+COOnxq+G61bT2AiW/A2wNRwbWK2XwZ
5ICSETvoM/iq8vHBP2MTvalub6+ug9MDAXRVoE5UMxJStdE3rXaiF0pZP8gE/RE0
JdP8RIU9vc+To0DT7Bw1c2tAo4SspF8QMEHhEviaRK8E+9CkDvib7cQhbQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAjrqxwZisSswNl2j9+VdEyr9to/MB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvQ091ckhCbUt4S3pBMlhhUDM1VjBUS3YyMmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW+9NMAwD
BADVb50DBAXVb4AwDQYJKoZIhvcNAQELBQADggEBAAU+lXf2nwinWw299h9KJe0l
FyrlJYrAQbtQ0F/nqAAFS7N6UbtF/moknT/b9Nd61yvGR7HXugfYfgaI6PgWsrhU
szzcmZdLV5qs4cb2zhpsFF06SXuijR/57Yt1iqzVUi/WWqTwo7Uf5dbMKtBbIXKb
OKjseSCe/FjS1zQ5itO+oGAUiniYj5eaG+RDTQ7VMP++1P88v8uIHc5hscTYSj6S
F6d2zu5Rdxur1Ie1bDwtk+YdoOnhUJ2tRS/7fBByN+LmGOsPv5fTSLcGVAiwPMiG
rrU9CoS6O8vf+nIoKlrAHpzAiId/fpoRE3ZNvnWHwIjdUCO4aVLcm9Ga85YAtvA=
-----END CERTIFICATE-----
Generated at Wed Sep 10 00:47:39 2025 by rpki-client