Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa
File: bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa (raw, json)
Hash identifier: u3cvjQO/JSlrsYEw7MORRhOpl1pZlSv4+pYCjFsW1wU=
Subject key identifier: 6C:88:7A:AD:BE:8A:80:06:9D:7E:E3:B7:47:D5:1B:6D:E8:7A:A1:A6
Certificate issuer: /CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Certificate serial: 019A53A43A3FB565951087F2DE866FFE77E8
Authority key identifier: FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa
Signing time: Wed 05 Nov 2025 10:51:02 +0000
ROA not before: Wed 05 Nov 2025 10:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51057
IP address blocks: 109.235.232.0/21 maxlen: 21
192.145.76.0/22 maxlen: 22
2a0c:600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:a4:3a:3f:b5:65:95:10:87:f2:de:86:6f:fe:77:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd7061c20d4f097613ac0313237a6df2bb2cb5dc
Validity
Not Before: Nov 5 10:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c887aadbe8a80069d7ee3b747d51b6de87aa1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:17:33:d3:9c:11:b5:78:1e:70:83:17:0a:2f:
c9:b6:e5:68:ec:5b:5b:95:a3:7a:21:b9:10:28:a3:
a8:b4:31:73:d0:db:d2:ff:b5:94:3a:aa:5f:6c:7a:
56:30:c3:7f:30:a5:0c:30:84:47:27:6d:f8:01:7a:
99:c2:94:53:23:a2:87:12:dc:98:10:99:82:d4:6d:
dd:85:a0:a3:58:e7:33:44:59:4f:12:c2:48:81:13:
f8:46:d1:42:2e:28:e9:84:36:0b:1a:9f:54:b8:10:
ef:cc:b8:7d:53:e8:55:d7:87:c7:d0:34:09:76:d5:
7d:ca:44:ff:9b:e8:72:2f:67:f6:3c:3b:bb:83:39:
0e:c6:a0:b6:13:78:a8:b6:d0:90:49:b5:59:61:32:
50:6a:01:48:86:fa:68:2a:29:68:50:ce:0c:f7:33:
3f:39:33:33:91:32:cd:1c:89:be:24:e1:5b:a2:09:
3e:60:37:cb:23:a5:9c:3d:3e:8d:bb:dd:be:a9:8f:
2b:9c:f4:54:02:8d:a0:19:f5:cd:2f:95:82:7f:fc:
d7:e1:53:93:b8:c7:d7:c9:e5:b3:5c:7e:b3:47:02:
18:0f:45:71:fe:43:0a:15:ab:10:0e:0c:2b:1d:d7:
2d:3a:7a:24:de:52:36:08:4b:3b:e2:fa:5a:03:2f:
55:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:88:7A:AD:BE:8A:80:06:9D:7E:E3:B7:47:D5:1B:6D:E8:7A:A1:A6
X509v3 Authority Key Identifier:
keyid:FD:70:61:C2:0D:4F:09:76:13:AC:03:13:23:7A:6D:F2:BB:2C:B5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XBhwg1PCXYTrAMTI3pt8rsstdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/bIh6rb6KgAadfuO3R9Ubbeh6oaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/32e3d3-9a8d-4653-94fa-a2019988330f/1/_XBhwg1PCXYTrAMTI3pt8rsstdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.232.0/21
192.145.76.0/22
IPv6:
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
32:6e:39:e6:bd:19:bb:90:79:75:07:7c:91:56:d1:99:21:2c:
c8:4f:64:2a:73:5a:6a:b6:86:20:9d:76:c9:2f:6f:ac:d8:a5:
c8:23:cc:b5:15:71:65:9e:1f:36:0f:d3:1c:59:6e:f5:f4:13:
d5:84:7c:6f:4f:9f:50:6d:cc:5f:64:cf:fe:a2:8f:ad:91:21:
eb:88:5c:d1:5b:f8:75:65:3b:de:e6:69:dc:61:4a:41:c2:c1:
9a:d0:80:fa:9b:11:ce:82:f5:77:9a:fe:17:8d:9a:c4:56:42:
67:3e:c2:27:c5:4c:72:1c:b7:14:9d:f7:65:5d:e9:83:a8:68:
e2:77:67:1b:9c:af:e2:93:82:c6:92:cc:21:9c:f1:b6:77:b7:
87:01:bd:7a:29:4b:87:a3:c7:f9:ef:9f:fd:d9:13:33:04:ca:
85:17:8c:7e:61:b9:49:8d:61:96:b6:3d:50:81:6e:39:9e:2e:
4a:9e:ca:9b:03:a7:82:74:a4:b4:b1:e6:01:39:6d:e9:47:56:
b1:2c:a8:85:0f:06:8f:2f:63:27:34:10:d9:cd:20:3d:e6:54:
e8:f2:8b:1e:65:1b:5d:b7:b5:74:af:85:00:c8:7a:de:25:27:
7c:0e:ab:71:a4:0c:ff:f3:06:69:7d:60:c4:f2:0c:8f:31:79:
bc:28:b5:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZpTpDo/tWWVEIfy3oZv/nfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzA2MWMyMGQ0ZjA5NzYxM2FjMDMxMzIzN2E2ZGYyYmIy
Y2I1ZGMwHhcNMjUxMTA1MTA1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg4N2FhZGJlOGE4MDA2OWQ3ZWUzYjc0N2Q1MWI2ZGU4N2FhMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBcz05wRtXgecIMXCi/JtuVo7Ftb
laN6IbkQKKOotDFz0NvS/7WUOqpfbHpWMMN/MKUMMIRHJ234AXqZwpRTI6KHEtyY
EJmC1G3dhaCjWOczRFlPEsJIgRP4RtFCLijphDYLGp9UuBDvzLh9U+hV14fH0DQJ
dtV9ykT/m+hyL2f2PDu7gzkOxqC2E3iottCQSbVZYTJQagFIhvpoKiloUM4M9zM/
OTMzkTLNHIm+JOFbogk+YDfLI6WcPT6Nu92+qY8rnPRUAo2gGfXNL5WCf/zX4VOT
uMfXyeWzXH6zRwIYD0Vx/kMKFasQDgwrHdctOnok3lI2CEs74vpaAy9VRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGyIeq2+ioAGnX7jt0fVG23oeqGmMB8GA1UdIwQY
MBaAFP1wYcINTwl2E6wDEyN6bfK7LLXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEt
YTIwMTk5ODgzMzBmLzEvYkloNnJiNktnQWFkZnVPM1I5VWJiZWg2b2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMmUzZDMtOWE4ZC00NjUzLTk0ZmEtYTIwMTk5ODgzMzBm
LzEvX1hCaHdnMVBDWFlUckFNVEkzcHQ4cnNzdGR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbevoAwQC
wJFMMA0EAgACMAcDBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IBAQAybjnmvRm7kHl1
B3yRVtGZISzIT2Qqc1pqtoYgnXbJL2+s2KXII8y1FXFlnh82D9McWW719BPVhHxv
T59QbcxfZM/+oo+tkSHriFzRW/h1ZTve5mncYUpBwsGa0ID6mxHOgvV3mv4XjZrE
VkJnPsInxUxyHLcUnfdlXemDqGjid2cbnK/ik4LGkswhnPG2d7eHAb16KUuHo8f5
75/92RMzBMqFF4x+YblJjWGWtj1QgW45ni5KnsqbA6eCdKS0seYBOW3pR1axLKiF
DwaPL2MnNBDZzSA95lTo8oseZRtdt7V0r4UAyHreJSd8DqtxpAz/8wZpfWDE8gyP
MXm8KLUg
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:49:26 2025 by rpki-client