Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/b6FcRNX7XsUjrp_KvsdQmPN64w8.roa
File: b6FcRNX7XsUjrp_KvsdQmPN64w8.roa (raw, json)
Hash identifier: GVPLJgY6O9ecyKKO4fYSe4zA+PN70li9WJFB02NFBmM=
Subject key identifier: 6F:A1:5C:44:D5:FB:5E:C5:23:AE:9F:CA:BE:C7:50:98:F3:7A:E3:0F
Certificate issuer: /CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Certificate serial: 0198E252A7CDCBAB643E1A90CA8589663A41
Authority key identifier: 96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/b6FcRNX7XsUjrp_KvsdQmPN64w8.roa
Signing time: Mon 25 Aug 2025 17:42:04 +0000
ROA not before: Mon 25 Aug 2025 17:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206164
IP address blocks: 85.203.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e2:52:a7:cd:cb:ab:64:3e:1a:90:ca:85:89:66:3a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Validity
Not Before: Aug 25 17:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fa15c44d5fb5ec523ae9fcabec75098f37ae30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e4:9e:e0:0d:f1:e3:27:40:a0:ed:ca:64:38:
dc:bc:07:ef:55:00:a3:7e:b9:79:f8:f9:4b:e3:02:
5a:d9:bf:c6:ca:d1:23:b5:76:d2:e2:03:d0:af:c9:
1b:94:7c:12:1b:af:d0:87:69:e0:c6:f1:8a:93:bb:
0a:99:c3:39:28:c7:45:33:7a:3e:d9:65:71:51:9f:
0e:da:26:96:40:67:46:79:8f:00:c2:b3:a8:b0:fa:
a9:d2:fc:e7:a7:38:a6:c7:ad:a7:67:a4:93:24:0c:
ba:36:0e:5a:fa:4d:5f:f9:87:93:2d:b9:18:7b:45:
01:47:56:db:76:c6:e5:14:22:8a:48:37:7c:7d:b4:
95:86:9e:e6:9d:28:52:d3:b9:9d:df:25:57:1c:df:
86:0b:1d:1d:2e:8f:3a:fe:98:5f:07:d8:14:4d:c4:
0e:f3:ce:18:77:8d:cb:e3:cb:62:01:59:4e:f0:70:
9b:5a:ea:73:36:31:b6:19:f3:d9:22:7b:78:e9:fb:
0a:c1:d5:60:9c:51:98:8c:33:af:7f:3a:bc:87:0b:
6e:f6:b4:20:f0:99:1d:3e:12:06:17:25:b0:d7:59:
ed:aa:31:02:b0:dc:6b:d0:f3:be:d8:f0:d3:d6:25:
58:83:d1:25:07:69:9b:d8:cf:3a:97:7b:63:7f:42:
7d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A1:5C:44:D5:FB:5E:C5:23:AE:9F:CA:BE:C7:50:98:F3:7A:E3:0F
X509v3 Authority Key Identifier:
keyid:96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/b6FcRNX7XsUjrp_KvsdQmPN64w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.37.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ee:97:d2:e2:2a:f5:31:44:48:19:d9:15:d3:3b:6a:79:b2:
5c:5a:c2:f7:78:1a:65:a5:ff:61:33:cb:75:e7:94:c4:d1:c9:
39:f9:67:1b:a0:07:4d:c3:7c:9e:a2:df:b4:e6:e1:86:f3:7c:
a2:f1:9c:02:9e:3d:bc:23:1b:18:05:47:7b:d6:3b:e7:62:83:
1f:32:ca:8f:d7:2c:86:c2:80:aa:c3:87:4a:43:65:30:98:e5:
50:84:ca:eb:8d:46:00:c5:2b:83:e9:9a:00:ab:6a:c1:eb:df:
05:14:fb:d5:b6:6f:b7:65:ba:be:b5:ea:4a:95:d5:df:7d:bd:
88:96:05:94:76:a9:29:ca:c6:94:98:ae:16:4d:1c:3d:8b:50:
92:d2:f8:d7:fa:ef:01:52:32:a7:90:6c:08:25:d1:a9:0f:8d:
ea:c8:69:a4:09:59:a4:d6:a3:7b:b8:db:11:c9:fd:67:c9:05:
c3:92:d6:2e:a2:e1:8e:31:7c:22:bc:43:fd:07:7e:7b:c5:88:
dc:e8:bb:53:51:d5:86:ec:34:38:b0:e4:94:25:8b:56:6e:1f:
ef:49:02:04:dc:3d:b6:60:b4:a4:15:04:16:41:41:ea:d3:ec:
0d:63:25:78:97:26:1c:1c:a8:90:0c:6f:24:7a:c4:c4:9f:f9:
bb:d4:03:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjiUqfNy6tkPhqQyoWJZjpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmJkNzZhNWNhYzI4M2VjZTBhMGY4ZWFiMmM5NzAyMTQw
MWZiODkwHhcNMjUwODI1MTc0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmExNWM0NGQ1ZmI1ZWM1MjNhZTlmY2FiZWM3NTA5OGYzN2FlMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeSe4A3x4ydAoO3KZDjcvAfvVQCj
frl5+PlL4wJa2b/GytEjtXbS4gPQr8kblHwSG6/Qh2ngxvGKk7sKmcM5KMdFM3o+
2WVxUZ8O2iaWQGdGeY8AwrOosPqp0vznpzimx62nZ6STJAy6Ng5a+k1f+YeTLbkY
e0UBR1bbdsblFCKKSDd8fbSVhp7mnShS07md3yVXHN+GCx0dLo86/phfB9gUTcQO
884Yd43L48tiAVlO8HCbWupzNjG2GfPZInt46fsKwdVgnFGYjDOvfzq8hwtu9rQg
8JkdPhIGFyWw11ntqjECsNxr0PO+2PDT1iVYg9ElB2mb2M86l3tjf0J9LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+hXETV+17FI66fyr7HUJjzeuMPMB8GA1UdIwQY
MBaAFJYr12pcrCg+zgoPjqsslwIUAfuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMt
NmFiMTExNTVmNmZiLzEvYjZGY1JOWDdYc1VqcnBfS3ZzZFFtUE42NHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMtNmFiMTExNTVmNmZi
LzEvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcslMA0G
CSqGSIb3DQEBCwUAA4IBAQCB7pfS4ir1MURIGdkV0ztqebJcWsL3eBplpf9hM8t1
55TE0ck5+WcboAdNw3yeot+05uGG83yi8ZwCnj28IxsYBUd71jvnYoMfMsqP1yyG
woCqw4dKQ2UwmOVQhMrrjUYAxSuD6ZoAq2rB698FFPvVtm+3Zbq+tepKldXffb2I
lgWUdqkpysaUmK4WTRw9i1CS0vjX+u8BUjKnkGwIJdGpD43qyGmkCVmk1qN7uNsR
yf1nyQXDktYuouGOMXwivEP9B357xYjc6LtTUdWG7DQ4sOSUJYtWbh/vSQIE3D22
YLSkFQQWQUHq0+wNYyV4lyYcHKiQDG8kesTEn/m71ANE
-----END CERTIFICATE-----
Generated at Sat Sep 6 07:32:39 2025 by rpki-client