Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/BffCIhRumIf23j4KUVM6Jsy3kfA.roa
File: BffCIhRumIf23j4KUVM6Jsy3kfA.roa (raw, json)
Hash identifier: PqvhKnUp58OF2UCOQS1QMhDarSDGbuKqzo/oQf0jV9g=
Subject key identifier: 05:F7:C2:22:14:6E:98:87:F6:DE:3E:0A:51:53:3A:26:CC:B7:91:F0
Certificate issuer: /CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Certificate serial: 019A59FD5C61E3852B350CB8F869885B8134
Authority key identifier: 8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/BffCIhRumIf23j4KUVM6Jsy3kfA.roa
Signing time: Thu 06 Nov 2025 16:26:07 +0000
ROA not before: Thu 06 Nov 2025 16:26:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59639
IP address blocks: 91.199.199.0/24 maxlen: 24
193.200.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/jrL4G4xHwrWI9FHUA3xoN4cLOX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/jrL4G4xHwrWI9FHUA3xoN4cLOX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:59:fd:5c:61:e3:85:2b:35:0c:b8:f8:69:88:5b:81:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Validity
Not Before: Nov 6 16:26:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05f7c222146e9887f6de3e0a51533a26ccb791f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:84:e6:2f:6b:d9:8a:a1:18:7e:58:4f:e2:33:
7b:e0:1f:7d:9d:20:ef:44:37:89:96:41:ba:cb:cc:
3c:48:ef:af:e9:7d:71:3b:3a:cb:aa:e6:94:43:e0:
d8:15:64:b2:35:50:5e:d3:73:d6:27:97:23:f6:8a:
09:52:c3:b1:6e:26:7c:fd:98:48:e0:bc:d0:90:f9:
ab:52:75:a7:b9:e5:5e:11:4c:ba:20:83:a9:bd:77:
b7:01:54:d5:56:b4:fc:08:20:ed:73:05:bb:04:9a:
8f:a0:c8:26:ed:01:67:73:55:75:f7:cc:b6:7c:2c:
dc:f1:c6:f5:35:80:3e:86:97:ac:ea:02:2e:1d:79:
cc:01:72:b0:99:bf:2e:e9:33:ed:ff:9a:1c:74:46:
c4:5f:94:9e:61:a3:39:91:f2:71:33:f6:dc:0e:90:
1a:23:f3:03:d3:b9:04:da:ca:e8:6b:0d:10:40:4a:
cb:4a:fa:a2:43:68:b2:8e:1b:82:24:47:81:fc:cd:
d1:c0:55:df:2e:54:2c:a9:16:9a:dd:d6:13:08:7a:
b2:28:f1:8d:20:c5:1e:b3:f4:c1:14:b3:83:95:0c:
aa:a6:b3:0c:1f:00:bd:31:d3:cd:c2:10:fe:05:e7:
c8:1b:31:de:c0:6a:18:ca:7e:25:96:38:74:7b:62:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F7:C2:22:14:6E:98:87:F6:DE:3E:0A:51:53:3A:26:CC:B7:91:F0
X509v3 Authority Key Identifier:
keyid:8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/BffCIhRumIf23j4KUVM6Jsy3kfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/jrL4G4xHwrWI9FHUA3xoN4cLOX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.199.0/24
193.200.89.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ff:91:a6:75:03:2d:dd:99:e3:ad:65:b5:93:aa:7a:91:72:
ba:a1:bf:7e:bf:7f:93:6e:9e:86:04:c3:8c:d0:be:e6:a4:04:
c4:c1:1b:91:fc:12:61:e1:e8:69:98:ba:1f:57:5a:06:a4:65:
23:b8:24:07:00:d7:18:02:29:80:ce:a1:c6:e8:76:84:75:8f:
47:9d:ff:df:d3:3f:2a:67:bb:4f:8e:65:14:4c:a5:a3:22:0d:
2f:79:cd:f9:f5:e9:aa:4d:1e:50:44:56:09:ec:46:ac:a0:03:
3f:1c:3f:22:86:65:50:d2:b1:f5:90:1f:3a:3c:7b:49:c3:d1:
6e:86:cb:89:94:cc:7c:c0:9d:04:f5:2e:5f:7f:29:0b:ee:61:
e2:26:97:38:c8:76:ab:43:97:11:1b:97:87:26:40:40:85:d7:
dc:be:71:a4:aa:b7:82:c8:42:a2:d4:de:9c:20:54:36:6c:6a:
8e:06:fb:c6:6c:c5:0a:bf:33:1c:7c:ec:61:7c:b0:75:d5:cc:
10:62:ac:a3:8b:f6:8f:9e:38:fa:78:d8:70:98:51:6a:80:2a:
90:e2:2f:c9:fc:fb:36:17:e5:21:b9:0b:02:c6:b9:eb:4d:d0:
86:cf:07:86:44:a3:65:cd:dd:ec:12:ad:57:55:53:cf:c6:f1:
8d:aa:7f:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpZ/Vxh44UrNQy4+GmIW4E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjJmODFiOGM0N2MyYjU4OGY0NTFkNDAzN2M2ODM3ODcw
YjM5N2YwHhcNMjUxMTA2MTYyNjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY3YzIyMjE0NmU5ODg3ZjZkZTNlMGE1MTUzM2EyNmNjYjc5MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYTmL2vZiqEYflhP4jN74B99nSDv
RDeJlkG6y8w8SO+v6X1xOzrLquaUQ+DYFWSyNVBe03PWJ5cj9ooJUsOxbiZ8/ZhI
4LzQkPmrUnWnueVeEUy6IIOpvXe3AVTVVrT8CCDtcwW7BJqPoMgm7QFnc1V198y2
fCzc8cb1NYA+hpes6gIuHXnMAXKwmb8u6TPt/5ocdEbEX5SeYaM5kfJxM/bcDpAa
I/MD07kE2sroaw0QQErLSvqiQ2iyjhuCJEeB/M3RwFXfLlQsqRaa3dYTCHqyKPGN
IMUes/TBFLODlQyqprMMHwC9MdPNwhD+BefIGzHewGoYyn4lljh0e2KFowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAX3wiIUbpiH9t4+ClFTOibMt5HwMB8GA1UdIwQY
MBaAFI6y+BuMR8K1iPRR1AN8aDeHCzl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgt
NDgzZmM5MDcwOGQ1LzEvQmZmQ0loUnVtSWYyM2o0S1VWTTZKc3kza2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgtNDgzZmM5MDcwOGQ1
LzEvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8fHAwQA
wchZMA0GCSqGSIb3DQEBCwUAA4IBAQBo/5GmdQMt3ZnjrWW1k6p6kXK6ob9+v3+T
bp6GBMOM0L7mpATEwRuR/BJh4ehpmLofV1oGpGUjuCQHANcYAimAzqHG6HaEdY9H
nf/f0z8qZ7tPjmUUTKWjIg0vec359emqTR5QRFYJ7EasoAM/HD8ihmVQ0rH1kB86
PHtJw9FuhsuJlMx8wJ0E9S5ffykL7mHiJpc4yHarQ5cRG5eHJkBAhdfcvnGkqreC
yEKi1N6cIFQ2bGqOBvvGbMUKvzMcfOxhfLB11cwQYqyji/aPnjj6eNhwmFFqgCqQ
4i/J/Ps2F+UhuQsCxrnrTdCGzweGRKNlzd3sEq1XVVPPxvGNqn8W
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:30 2025 by rpki-client