Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/xGUXIbAREMv-V1pysPMGqJPyYrQ.roa
File: xGUXIbAREMv-V1pysPMGqJPyYrQ.roa (raw, json)
Hash identifier: 8GaytT9yxWXHKMLSPliggwp+AhOIaRE5tpGj4v/Bs/c=
Subject key identifier: C4:65:17:21:B0:11:10:CB:FE:57:5A:72:B0:F3:06:A8:93:F2:62:B4
Certificate issuer: /CN=237084712fdebb1bfc5a8c0262d919a8aa440603
Certificate serial: 019744B2CC22F98D40688E5B06B5E3F3F82C
Authority key identifier: 23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/xGUXIbAREMv-V1pysPMGqJPyYrQ.roa
Signing time: Fri 06 Jun 2025 10:04:17 +0000
ROA not before: Fri 06 Jun 2025 10:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41201
IP address blocks: 87.199.0.0/16 maxlen: 32
87.199.0.0/17 maxlen: 32
87.199.0.0/24 maxlen: 24
87.199.1.0/24 maxlen: 24
87.199.2.0/24 maxlen: 24
87.199.3.0/24 maxlen: 24
87.199.4.0/24 maxlen: 24
87.199.5.0/24 maxlen: 24
87.199.6.0/24 maxlen: 24
87.199.7.0/24 maxlen: 24
87.199.8.0/24 maxlen: 24
87.199.9.0/24 maxlen: 24
87.199.10.0/24 maxlen: 24
87.199.11.0/24 maxlen: 24
87.199.12.0/24 maxlen: 24
87.199.13.0/24 maxlen: 24
87.199.14.0/24 maxlen: 24
87.199.15.0/24 maxlen: 24
87.199.16.0/24 maxlen: 24
87.199.17.0/24 maxlen: 24
87.199.18.0/24 maxlen: 24
87.199.19.0/24 maxlen: 24
87.199.20.0/24 maxlen: 24
87.199.21.0/24 maxlen: 24
87.199.22.0/24 maxlen: 24
87.199.23.0/24 maxlen: 24
87.199.24.0/24 maxlen: 24
87.199.25.0/24 maxlen: 24
87.199.26.0/24 maxlen: 24
87.199.27.0/24 maxlen: 24
87.199.28.0/24 maxlen: 24
87.199.29.0/24 maxlen: 24
87.199.30.0/24 maxlen: 24
87.199.31.0/24 maxlen: 24
87.199.32.0/24 maxlen: 24
87.199.33.0/24 maxlen: 24
87.199.34.0/24 maxlen: 24
87.199.35.0/24 maxlen: 24
87.199.36.0/24 maxlen: 24
87.199.37.0/24 maxlen: 24
87.199.38.0/24 maxlen: 24
87.199.39.0/24 maxlen: 24
87.199.40.0/24 maxlen: 24
87.199.41.0/24 maxlen: 24
87.199.42.0/24 maxlen: 24
87.199.43.0/24 maxlen: 24
87.199.44.0/24 maxlen: 24
87.199.45.0/24 maxlen: 24
87.199.46.0/24 maxlen: 24
87.199.47.0/24 maxlen: 24
87.199.48.0/24 maxlen: 24
87.199.49.0/24 maxlen: 24
87.199.50.0/24 maxlen: 24
87.199.51.0/24 maxlen: 24
87.199.52.0/24 maxlen: 24
87.199.53.0/24 maxlen: 24
87.199.54.0/24 maxlen: 24
87.199.55.0/24 maxlen: 24
87.199.56.0/24 maxlen: 24
87.199.57.0/24 maxlen: 24
87.199.58.0/24 maxlen: 24
87.199.59.0/24 maxlen: 24
87.199.60.0/24 maxlen: 24
87.199.61.0/24 maxlen: 24
87.199.62.0/24 maxlen: 24
87.199.63.0/24 maxlen: 24
87.199.64.0/24 maxlen: 24
87.199.65.0/24 maxlen: 24
87.199.66.0/24 maxlen: 24
87.199.67.0/24 maxlen: 24
87.199.68.0/24 maxlen: 24
87.199.69.0/24 maxlen: 24
87.199.70.0/24 maxlen: 24
87.199.71.0/24 maxlen: 24
87.199.72.0/24 maxlen: 24
87.199.73.0/24 maxlen: 24
87.199.74.0/24 maxlen: 24
87.199.75.0/24 maxlen: 24
87.199.76.0/24 maxlen: 24
87.199.77.0/24 maxlen: 24
87.199.78.0/24 maxlen: 24
87.199.79.0/24 maxlen: 24
87.199.80.0/24 maxlen: 24
87.199.81.0/24 maxlen: 24
87.199.82.0/24 maxlen: 24
87.199.83.0/24 maxlen: 24
87.199.84.0/24 maxlen: 24
87.199.85.0/24 maxlen: 24
87.199.86.0/24 maxlen: 24
87.199.87.0/24 maxlen: 24
87.199.88.0/24 maxlen: 24
87.199.89.0/24 maxlen: 24
87.199.90.0/24 maxlen: 24
87.199.214.0/24 maxlen: 24
87.199.215.0/24 maxlen: 24
87.199.216.0/24 maxlen: 24
87.199.217.0/24 maxlen: 24
87.199.218.0/24 maxlen: 24
87.199.219.0/24 maxlen: 24
87.199.220.0/24 maxlen: 24
87.199.221.0/24 maxlen: 24
87.199.222.0/24 maxlen: 24
87.199.223.0/24 maxlen: 24
87.199.224.0/24 maxlen: 24
87.199.225.0/24 maxlen: 24
87.199.226.0/24 maxlen: 24
87.199.227.0/24 maxlen: 24
87.199.228.0/24 maxlen: 24
87.199.229.0/24 maxlen: 24
87.199.230.0/24 maxlen: 24
87.199.231.0/24 maxlen: 24
87.199.232.0/24 maxlen: 24
87.199.233.0/24 maxlen: 24
87.199.234.0/24 maxlen: 24
87.199.235.0/24 maxlen: 24
87.199.236.0/24 maxlen: 24
87.199.237.0/24 maxlen: 24
87.199.238.0/24 maxlen: 24
87.199.239.0/24 maxlen: 24
87.199.240.0/24 maxlen: 24
87.199.241.0/24 maxlen: 24
87.199.242.0/24 maxlen: 24
87.199.243.0/24 maxlen: 24
87.199.244.0/24 maxlen: 24
87.199.245.0/24 maxlen: 24
87.199.246.0/24 maxlen: 24
87.199.247.0/24 maxlen: 24
87.199.248.0/24 maxlen: 24
87.199.249.0/24 maxlen: 24
87.199.250.0/24 maxlen: 24
87.199.251.0/24 maxlen: 24
87.199.252.0/24 maxlen: 24
87.199.253.0/24 maxlen: 24
87.199.254.0/24 maxlen: 24
87.199.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 22:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:b2:cc:22:f9:8d:40:68:8e:5b:06:b5:e3:f3:f8:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237084712fdebb1bfc5a8c0262d919a8aa440603
Validity
Not Before: Jun 6 10:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4651721b01110cbfe575a72b0f306a893f262b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:9e:a3:90:07:2f:16:55:aa:07:22:7f:a9:
23:57:60:08:87:96:fe:fa:46:ea:a5:cf:13:bb:42:
5d:6b:aa:3e:f4:15:86:8a:7c:f0:7a:63:c1:fb:e8:
ac:53:20:0b:47:58:e4:9f:1b:c2:f0:61:85:50:f6:
1d:32:01:a8:a5:35:74:ac:cb:a9:67:7d:fb:a8:d5:
0f:df:86:87:b6:d9:34:a6:4a:d1:b2:17:c8:06:0d:
4e:2a:7c:35:8f:38:10:06:56:ec:36:a0:b8:f1:13:
44:4e:ec:0b:9a:7f:6a:ca:3a:29:42:e3:e0:50:ef:
c0:64:c9:81:c8:0b:2b:04:18:8a:05:4b:61:d3:31:
91:cf:30:05:3e:63:0a:c5:53:bd:30:9b:34:f7:03:
7c:41:69:26:df:df:31:d7:b5:ad:29:10:67:3e:c2:
14:0c:97:1e:b3:9f:7d:86:5c:81:e9:18:45:41:4e:
68:53:c3:65:6c:ea:6c:0e:c6:42:da:8b:0b:9e:bd:
7c:48:35:5e:18:e1:5a:87:76:ed:a1:cd:fb:66:92:
24:e6:72:58:42:de:cb:76:bf:25:00:b2:a7:ff:35:
7c:ca:7e:ad:0f:e3:32:01:5b:0b:31:1c:79:82:be:
34:46:60:b3:73:8a:93:c5:a1:32:36:8a:16:45:32:
5d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:65:17:21:B0:11:10:CB:FE:57:5A:72:B0:F3:06:A8:93:F2:62:B4
X509v3 Authority Key Identifier:
keyid:23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/xGUXIbAREMv-V1pysPMGqJPyYrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.199.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:2c:f3:e5:d6:ab:a1:2e:24:40:8c:fe:03:54:fd:b4:e0:78:
7a:8c:d1:b8:37:36:01:29:e2:b9:be:46:04:80:8b:44:75:14:
77:86:46:3e:39:22:03:89:8c:ab:50:c5:c3:b4:a2:61:ce:c6:
4b:8b:f0:53:93:5c:8f:c2:8e:c2:a8:2c:d6:71:84:34:bd:09:
41:23:6b:2d:ac:cd:74:de:9b:93:1c:3b:fa:4d:43:1e:7e:aa:
dc:05:7a:2b:17:dd:b7:a8:26:bd:2d:ad:22:95:07:02:8a:3a:
fa:ac:16:e6:ba:52:a8:35:f9:c9:68:b9:96:7f:c1:c6:c2:e1:
be:61:63:14:68:ce:c8:76:94:5b:e1:d6:9f:18:ff:36:49:d8:
0b:8c:73:b6:06:52:1a:7d:e2:fd:a9:af:df:53:3c:a8:5f:94:
5d:81:54:e4:38:70:9a:00:af:0f:ef:81:a4:9e:56:6c:24:91:
1b:16:10:bf:0e:bb:65:84:66:8a:b3:78:e5:cf:e9:0c:4b:49:
af:4a:0b:99:ca:9f:f8:51:38:26:89:67:20:a2:fd:85:a7:d5:
86:a2:ba:04:26:a2:f1:fa:b6:f7:f9:fd:89:b4:e3:1c:ed:7d:
42:7c:33:07:29:4a:d1:25:1b:ec:52:25:82:4b:d1:c9:47:55:
08:53:5f:ee
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZdEsswi+Y1AaI5bBrXj8/gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzA4NDcxMmZkZWJiMWJmYzVhOGMwMjYyZDkxOWE4YWE0
NDA2MDMwHhcNMjUwNjA2MTAwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY1MTcyMWIwMTExMGNiZmU1NzVhNzJiMGYzMDZhODkzZjI2MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLyeo5AHLxZVqgcif6kjV2AIh5b+
+kbqpc8Tu0Jda6o+9BWGinzwemPB++isUyALR1jknxvC8GGFUPYdMgGopTV0rMup
Z337qNUP34aHttk0pkrRshfIBg1OKnw1jzgQBlbsNqC48RNETuwLmn9qyjopQuPg
UO/AZMmByAsrBBiKBUth0zGRzzAFPmMKxVO9MJs09wN8QWkm398x17WtKRBnPsIU
DJces599hlyB6RhFQU5oU8NlbOpsDsZC2osLnr18SDVeGOFah3btoc37ZpIk5nJY
Qt7Ldr8lALKn/zV8yn6tD+MyAVsLMRx5gr40RmCzc4qTxaEyNooWRTJd0QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMRlFyGwERDL/ldacrDzBqiT8mK0MB8GA1UdIwQY
MBaAFCNwhHEv3rsb/FqMAmLZGaiqRAYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgt
N2UxMzI5ZTA1ZmY0LzEveEdVWEliQVJFTXYtVjFweXNQTUdxSlB5WXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgtN2UxMzI5ZTA1ZmY0
LzEvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAV8cwDQYJ
KoZIhvcNAQELBQADggEBAG0s8+XWq6EuJECM/gNU/bTgeHqM0bg3NgEp4rm+RgSA
i0R1FHeGRj45IgOJjKtQxcO0omHOxkuL8FOTXI/CjsKoLNZxhDS9CUEjay2szXTe
m5McO/pNQx5+qtwFeisX3beoJr0trSKVBwKKOvqsFua6Uqg1+clouZZ/wcbC4b5h
YxRozsh2lFvh1p8Y/zZJ2AuMc7YGUhp94v2pr99TPKhflF2BVOQ4cJoArw/vgaSe
VmwkkRsWEL8Ou2WEZoqzeOXP6QxLSa9KC5nKn/hROCaJZyCi/YWn1YaiugQmovH6
tvf5/Ym04xztfUJ8MwcpStElG+xSJYJL0clHVQhTX+4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:35:58 2025 by rpki-client