Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/pkftKVVmiNveyWOcRoVjEB6YNJc.roa
File: pkftKVVmiNveyWOcRoVjEB6YNJc.roa (raw, json)
Hash identifier: yqLLWSLnILZmgFNtvkmzRb5dEu8dzji64doE8FAEeXg=
Subject key identifier: A6:47:ED:29:55:66:88:DB:DE:C9:63:9C:46:85:63:10:1E:98:34:97
Certificate issuer: /CN=6f7b35c08ba49301a6cc430ada9493ced7ed4218
Certificate serial: 0198F60FEF985878B4D0F2CB5081B7329BFF
Authority key identifier: 6F:7B:35:C0:8B:A4:93:01:A6:CC:43:0A:DA:94:93:CE:D7:ED:42:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3s1wIukkwGmzEMK2pSTztftQhg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/pkftKVVmiNveyWOcRoVjEB6YNJc.roa
Signing time: Fri 29 Aug 2025 13:41:36 +0000
ROA not before: Fri 29 Aug 2025 13:41:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31144
IP address blocks: 217.118.240.0/20 maxlen: 20
217.118.242.0/24 maxlen: 24
217.118.244.0/24 maxlen: 24
217.118.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/b3s1wIukkwGmzEMK2pSTztftQhg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/b3s1wIukkwGmzEMK2pSTztftQhg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3s1wIukkwGmzEMK2pSTztftQhg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:0f:ef:98:58:78:b4:d0:f2:cb:50:81:b7:32:9b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f7b35c08ba49301a6cc430ada9493ced7ed4218
Validity
Not Before: Aug 29 13:41:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a647ed29556688dbdec9639c468563101e983497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ca:14:cf:17:28:ff:59:58:5b:f8:c5:88:3c:
1e:b6:44:51:e2:20:a7:9b:f3:73:72:ed:77:5f:ee:
27:ce:ea:65:10:03:a1:60:fd:81:f6:a7:a1:88:ef:
c5:15:ee:75:52:94:eb:fd:5c:92:07:f4:d0:a0:c2:
59:e7:58:1e:37:62:1b:75:f9:67:73:71:aa:0e:57:
1b:8b:a2:21:43:f1:15:28:c8:6b:03:ff:a6:b7:3d:
b0:fe:ab:7d:4a:9d:01:fe:95:a9:91:c2:e2:d6:36:
02:6c:8d:bd:72:c0:18:36:c7:c7:2c:e6:e8:7a:93:
93:74:db:ce:53:50:0b:46:18:a8:f7:eb:27:07:3e:
a8:3d:64:a7:e6:fe:d2:83:fe:1e:74:4e:aa:3f:a6:
3b:a3:d1:bd:f3:cb:fa:69:06:3b:ce:d0:1e:c2:13:
a4:f7:21:fe:b5:bd:1f:17:cb:dc:aa:59:98:4a:ee:
44:a7:f0:7f:6c:ab:27:59:c7:3d:67:16:44:78:21:
87:b5:5f:04:52:72:d0:86:44:04:1a:fd:0f:3b:6d:
5a:fb:57:ff:e7:44:d5:46:3b:80:c0:2e:84:3e:42:
90:57:66:da:de:ce:c3:b0:e8:4c:c6:58:01:c2:d3:
9e:24:12:3c:26:29:84:84:0c:99:d1:91:7d:b5:49:
53:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:47:ED:29:55:66:88:DB:DE:C9:63:9C:46:85:63:10:1E:98:34:97
X509v3 Authority Key Identifier:
keyid:6F:7B:35:C0:8B:A4:93:01:A6:CC:43:0A:DA:94:93:CE:D7:ED:42:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3s1wIukkwGmzEMK2pSTztftQhg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/pkftKVVmiNveyWOcRoVjEB6YNJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/58d060-98f2-4003-8ff1-d24c35dfac94/1/b3s1wIukkwGmzEMK2pSTztftQhg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:55:ed:15:c8:73:e3:f8:44:a2:87:eb:93:7a:cc:d3:4a:11:
bc:bc:1d:f6:92:7d:a6:7e:c0:e2:ef:9f:3a:df:f3:61:3d:5e:
aa:95:a1:f5:62:eb:bd:4c:0a:bf:ca:4a:85:19:24:a8:ca:86:
1c:0d:8b:64:29:c4:e2:1b:ac:3f:ec:6f:af:52:99:74:ba:4d:
71:e8:99:2d:76:04:3a:7a:ea:12:5f:41:91:c4:d1:b7:6e:1f:
c3:9d:61:5d:3c:34:89:e9:69:18:2b:51:ef:33:7f:b2:af:40:
d6:e4:63:3b:28:08:60:c0:a5:0f:1f:5e:cc:d6:b6:e8:56:02:
4b:9a:cb:a9:7c:d6:2d:c5:dc:98:92:d3:ee:9c:0b:10:0c:d8:
e8:a2:ee:c4:38:4c:d1:7c:7f:54:43:c3:d7:fe:ae:24:37:23:
08:04:52:f8:0f:21:46:42:42:71:79:76:47:30:f9:1b:d3:c0:
27:ca:ad:cc:0e:af:0c:ff:fb:1c:76:d2:01:c1:4d:e0:04:7e:
08:02:11:70:0f:5d:7d:5c:51:79:b4:d5:54:28:27:28:36:f1:
e6:4e:aa:ec:c5:e5:29:1e:40:26:73:bf:e5:a9:1d:8d:dc:ed:
39:e7:4e:2d:ce:33:d1:f0:71:13:48:a3:83:e2:b3:25:5d:7f:
10:12:8e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZj2D++YWHi00PLLUIG3Mpv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmN2IzNWMwOGJhNDkzMDFhNmNjNDMwYWRhOTQ5M2NlZDdl
ZDQyMTgwHhcNMjUwODI5MTM0MTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ3ZWQyOTU1NjY4OGRiZGVjOTYzOWM0Njg1NjMxMDFlOTgzNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscoUzxco/1lYW/jFiDwetkRR4iCn
m/Nzcu13X+4nzuplEAOhYP2B9qehiO/FFe51UpTr/VySB/TQoMJZ51geN2Ibdfln
c3GqDlcbi6IhQ/EVKMhrA/+mtz2w/qt9Sp0B/pWpkcLi1jYCbI29csAYNsfHLObo
epOTdNvOU1ALRhio9+snBz6oPWSn5v7Sg/4edE6qP6Y7o9G988v6aQY7ztAewhOk
9yH+tb0fF8vcqlmYSu5Ep/B/bKsnWcc9ZxZEeCGHtV8EUnLQhkQEGv0PO21a+1f/
50TVRjuAwC6EPkKQV2ba3s7DsOhMxlgBwtOeJBI8JimEhAyZ0ZF9tUlTtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZH7SlVZojb3sljnEaFYxAemDSXMB8GA1UdIwQY
MBaAFG97NcCLpJMBpsxDCtqUk87X7UIYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNzMXdJdWtrd0dtekVNSzJwU1R6dGZ0UWhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OGQwNjAtOThmMi00MDAzLThmZjEt
ZDI0YzM1ZGZhYzk0LzEvcGtmdEtWVm1pTnZleVdPY1JvVmpFQjZZTkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OGQwNjAtOThmMi00MDAzLThmZjEtZDI0YzM1ZGZhYzk0
LzEvYjNzMXdJdWtrd0dtekVNSzJwU1R6dGZ0UWhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XbwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeVe0VyHPj+ESih+uTeszTShG8vB32kn2mfsDi7586
3/NhPV6qlaH1Yuu9TAq/ykqFGSSoyoYcDYtkKcTiG6w/7G+vUpl0uk1x6JktdgQ6
euoSX0GRxNG3bh/DnWFdPDSJ6WkYK1HvM3+yr0DW5GM7KAhgwKUPH17M1rboVgJL
msupfNYtxdyYktPunAsQDNjoou7EOEzRfH9UQ8PX/q4kNyMIBFL4DyFGQkJxeXZH
MPkb08Anyq3MDq8M//scdtIBwU3gBH4IAhFwD119XFF5tNVUKCcoNvHmTqrsxeUp
HkAmc7/lqR2N3O05504tzjPR8HETSKOD4rMlXX8QEo4T
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:06:46 2025 by rpki-client