Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/P67W-sp0mORZMv4IJYWq4ebl3DI.roa
File: P67W-sp0mORZMv4IJYWq4ebl3DI.roa (raw, json)
Hash identifier: 1jNCeGYTIsfay6y/1fIn4OYexq/lwmYvxij2ON0v7bU=
Subject key identifier: 3F:AE:D6:FA:CA:74:98:E4:59:32:FE:08:25:85:AA:E1:E6:E5:DC:32
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 0198E0BB3E4C141C4501E122B90674EA0056
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/P67W-sp0mORZMv4IJYWq4ebl3DI.roa
Signing time: Mon 25 Aug 2025 10:17:04 +0000
ROA not before: Mon 25 Aug 2025 10:17:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210275
IP address blocks: 83.229.65.0/24 maxlen: 24
152.114.228.0/22 maxlen: 24
176.105.148.0/22 maxlen: 24
185.35.78.0/23 maxlen: 24
185.169.32.0/22 maxlen: 24
185.169.33.0/24 maxlen: 24
2a13:2400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 22:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:bb:3e:4c:14:1c:45:01:e1:22:b9:06:74:ea:00:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Aug 25 10:17:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3faed6faca7498e45932fe082585aae1e6e5dc32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:12:fc:e7:90:7d:fb:ac:f9:43:c6:71:47:
47:7b:5d:6a:80:12:00:5a:4b:88:b8:d8:ee:a9:72:
52:14:64:67:b1:1b:43:47:79:4a:d6:9d:47:41:50:
b3:1c:73:81:35:c3:c3:3a:41:2a:85:47:e1:1d:59:
0d:ba:b3:0f:70:c9:64:11:47:e1:57:5b:56:fa:95:
2b:b8:a4:5d:d3:ca:7c:0e:6a:85:6b:eb:ec:52:99:
3d:48:1e:bc:b2:2e:97:f9:28:ea:27:fa:8f:1b:d5:
1f:9d:d4:62:0f:c6:64:d2:c9:7a:4c:58:4b:03:2b:
5c:c1:8a:a7:79:5b:04:1a:62:c8:f9:f3:a5:b1:5f:
dd:15:f9:7c:d5:21:bd:f4:4f:47:2d:f2:2b:f8:28:
1a:fe:07:ab:93:59:0c:00:e2:c9:75:66:e1:d0:7b:
73:3a:74:98:8f:97:af:e3:07:a9:a8:d4:7c:f9:47:
15:51:79:7a:aa:0a:2d:92:2e:36:c1:10:4a:a4:2c:
00:1e:c4:0a:22:d4:9f:90:0a:27:9c:89:d8:a1:7c:
5d:93:37:67:a5:13:65:ec:87:ac:22:d6:85:31:5e:
91:20:14:ac:1f:36:d2:25:d2:cf:5d:ad:ac:68:a7:
f8:03:97:0f:09:8e:96:c6:76:58:cd:8e:fa:1f:2f:
14:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AE:D6:FA:CA:74:98:E4:59:32:FE:08:25:85:AA:E1:E6:E5:DC:32
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/P67W-sp0mORZMv4IJYWq4ebl3DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.65.0/24
152.114.228.0/22
176.105.148.0/22
185.35.78.0/23
185.169.32.0/22
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
4d:cb:bb:af:2d:9c:9b:74:1e:c7:1f:dd:09:1c:a6:74:fc:d6:
89:e5:a7:3c:9c:84:9f:6e:76:31:34:b4:3d:91:da:c8:ad:a7:
7d:cb:48:59:2d:31:f6:e0:44:8a:f4:0b:f9:ce:c0:9a:2d:86:
50:9f:70:1d:73:09:32:60:e7:93:33:a5:12:e1:a1:1d:c5:48:
e3:c7:be:61:96:c2:89:13:60:f2:a6:da:e4:44:a8:54:d7:95:
f7:63:2e:6c:7a:0c:d8:64:e0:c3:8f:c3:e7:04:47:7e:ff:9f:
dc:57:cb:7e:f9:c3:f9:04:61:c2:0a:44:d5:6d:72:f5:65:6a:
10:d9:86:82:e3:0c:7d:f0:16:bd:86:75:87:48:92:d9:7c:cd:
9b:3b:04:60:ba:87:db:63:4b:55:71:5b:2c:94:e0:d2:5c:7c:
fc:a4:2d:eb:54:fd:cc:a4:c4:d6:62:9c:78:92:c5:3f:9f:1c:
02:99:3f:89:88:53:f5:f4:65:aa:cf:f8:51:a8:a2:bc:39:57:
17:f2:87:0c:02:4d:6d:58:91:7b:09:2e:35:ec:2a:6f:bc:70:
c8:94:60:2b:57:62:1d:44:f5:fc:b6:55:e1:b7:81:58:2e:09:
c1:70:2b:fe:55:f4:a8:18:85:c6:dd:cb:b5:4a:11:f3:48:07:
45:00:c0:09
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZjguz5MFBxFAeEiuQZ06gBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjUwODI1MTAxNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFlZDZmYWNhNzQ5OGU0NTkzMmZlMDgyNTg1YWFlMWU2ZTVkYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwkS/OeQffus+UPGcUdHe11qgBIA
WkuIuNjuqXJSFGRnsRtDR3lK1p1HQVCzHHOBNcPDOkEqhUfhHVkNurMPcMlkEUfh
V1tW+pUruKRd08p8DmqFa+vsUpk9SB68si6X+SjqJ/qPG9UfndRiD8Zk0sl6TFhL
AytcwYqneVsEGmLI+fOlsV/dFfl81SG99E9HLfIr+Cga/gerk1kMAOLJdWbh0Htz
OnSYj5ev4wepqNR8+UcVUXl6qgotki42wRBKpCwAHsQKItSfkAonnInYoXxdkzdn
pRNl7IesItaFMV6RIBSsHzbSJdLPXa2saKf4A5cPCY6WxnZYzY76Hy8UFQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFD+u1vrKdJjkWTL+CCWFquHm5dwyMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvUDY3Vy1zcDBtT1JaTXY0SUpZV3E0ZWJsM0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAU+VBAwQC
mHLkAwQCsGmUAwQBuSNOAwQCuakgMA0EAgACMAcDBQMqEyQAMA0GCSqGSIb3DQEB
CwUAA4IBAQBNy7uvLZybdB7HH90JHKZ0/NaJ5ac8nISfbnYxNLQ9kdrIrad9y0hZ
LTH24ESK9Av5zsCaLYZQn3AdcwkyYOeTM6US4aEdxUjjx75hlsKJE2DyptrkRKhU
15X3Yy5segzYZODDj8PnBEd+/5/cV8t++cP5BGHCCkTVbXL1ZWoQ2YaC4wx98Ba9
hnWHSJLZfM2bOwRguofbY0tVcVsslODSXHz8pC3rVP3MpMTWYpx4ksU/nxwCmT+J
iFP19GWqz/hRqKK8OVcX8ocMAk1tWJF7CS417CpvvHDIlGArV2IdRPX8tlXht4FY
LgnBcCv+VfSoGIXG3cu1ShHzSAdFAMAJ
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:41:15 2025 by rpki-client