Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/vux6kFwpBUkuJvt9MGI0-OndmYQ.roa
File: vux6kFwpBUkuJvt9MGI0-OndmYQ.roa (raw, json)
Hash identifier: SsewcomJRN+4b8wQ2MGVZVNLvCQFuWU8SrIutsyFvJo=
Subject key identifier: BE:EC:7A:90:5C:29:05:49:2E:26:FB:7D:30:62:34:F8:E9:DD:99:84
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 0199BDE8E9097B8C0A83CB2AE9F20721E7A0
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/vux6kFwpBUkuJvt9MGI0-OndmYQ.roa
Signing time: Tue 07 Oct 2025 09:03:01 +0000
ROA not before: Tue 07 Oct 2025 09:03:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8638
IP address blocks: 87.123.208.0/22 maxlen: 22
89.27.161.0/24 maxlen: 24
89.247.220.0/24 maxlen: 24
94.134.81.0/24 maxlen: 24
2001:1438:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:e8:e9:09:7b:8c:0a:83:cb:2a:e9:f2:07:21:e7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Oct 7 09:03:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beec7a905c2905492e26fb7d306234f8e9dd9984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:07:f3:b9:be:4c:0b:4f:93:10:bb:84:5f:
eb:6f:80:45:4d:3b:28:de:6d:3a:4e:e6:ed:5f:ae:
39:2f:cd:10:d2:50:c4:3f:29:17:a2:fe:af:63:f0:
4c:eb:af:80:f1:21:b3:41:53:40:58:cf:72:bf:02:
74:5c:d9:74:82:80:1d:a8:bf:d5:da:dc:48:48:45:
4b:d4:04:0e:55:92:5d:4e:ca:6f:84:46:97:8a:bd:
00:e7:fa:ae:7a:dc:dc:ae:28:06:fe:c3:d1:d9:47:
4b:02:0f:b1:6a:24:0b:9c:c6:95:9c:1d:a8:2a:b2:
cd:f5:a9:f5:02:83:5e:86:91:f9:1a:82:1f:25:e5:
4d:bb:02:2e:1a:08:09:ca:03:80:30:e9:49:0e:17:
4d:cd:89:93:fa:00:85:80:96:0a:9b:4e:0d:36:16:
57:ce:59:cd:14:ae:08:7c:98:ae:a8:3c:8b:71:c9:
bc:27:c6:f4:ab:be:57:16:1b:9b:f3:79:92:57:92:
b1:83:cb:1e:66:45:c9:cb:e2:cd:11:7a:13:af:eb:
1b:d7:8a:dd:cd:aa:75:f3:c5:2e:be:00:5a:c8:9c:
d3:62:26:ee:bf:bc:b0:9d:d7:e1:e2:ed:fd:23:6f:
0a:71:88:63:5b:fd:2d:9f:2b:db:b5:7a:a4:77:40:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EC:7A:90:5C:29:05:49:2E:26:FB:7D:30:62:34:F8:E9:DD:99:84
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/vux6kFwpBUkuJvt9MGI0-OndmYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.123.208.0/22
89.27.161.0/24
89.247.220.0/24
94.134.81.0/24
IPv6:
2001:1438:f000::/36
Signature Algorithm: sha256WithRSAEncryption
2d:e0:37:6d:0b:37:2b:62:df:ef:bf:e9:b3:49:78:fc:a8:8b:
bc:60:1b:f6:69:a9:d1:c5:bb:a2:aa:b3:0a:f1:e3:e2:82:b4:
ff:33:08:79:e3:ad:d5:17:bc:27:4d:c9:6d:9c:91:81:be:e8:
ec:5a:f4:0a:be:cc:79:5e:cb:f2:c6:93:8c:dc:4d:4f:2c:7b:
c8:5c:2f:4a:d0:ec:0c:e7:30:7d:54:53:2b:1e:d4:08:6f:69:
9b:3b:27:b7:ea:d5:ab:b1:e5:01:34:6c:27:50:ea:2d:24:d9:
ae:9b:6b:d9:1a:d2:71:14:1c:c5:a0:61:2d:b0:5c:bb:9d:01:
a6:7f:7d:77:3a:fa:25:d1:5a:50:34:83:7a:a4:ca:b0:f6:1c:
72:1d:64:ad:61:5c:53:09:2c:00:f4:fe:5b:65:dd:af:d8:8d:
c3:32:36:95:c9:60:95:bc:d7:6f:5b:b4:17:d6:84:0f:9f:4e:
53:b0:39:b6:a7:4c:81:60:da:4e:b8:57:46:fc:aa:2e:a2:8b:
ee:49:25:8e:e5:3b:c6:87:92:02:16:5e:ba:0b:1c:1b:10:c9:
ad:22:c4:ca:40:fe:54:cb:70:ec:66:21:42:fe:eb:a9:8a:3e:
17:e5:29:4e:bb:bb:82:7f:1e:89:8b:b0:c4:7c:b0:6a:bb:58:
e2:74:ed:03
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZm96OkJe4wKg8sq6fIHIeegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjUxMDA3MDkwMzAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVjN2E5MDVjMjkwNTQ5MmUyNmZiN2QzMDYyMzRmOGU5ZGQ5OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiswH87m+TAtPkxC7hF/rb4BFTTso
3m06TubtX645L80Q0lDEPykXov6vY/BM66+A8SGzQVNAWM9yvwJ0XNl0goAdqL/V
2txISEVL1AQOVZJdTspvhEaXir0A5/quetzcrigG/sPR2UdLAg+xaiQLnMaVnB2o
KrLN9an1AoNehpH5GoIfJeVNuwIuGggJygOAMOlJDhdNzYmT+gCFgJYKm04NNhZX
zlnNFK4IfJiuqDyLccm8J8b0q75XFhub83mSV5Kxg8seZkXJy+LNEXoTr+sb14rd
zap188UuvgBayJzTYibuv7ywndfh4u39I28KcYhjW/0tnyvbtXqkd0CKxwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL7sepBcKQVJLib7fTBiNPjp3ZmEMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvdnV4NmtGd3BCVWt1SnZ0OU1HSTAtT25kbVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCV3vQAwQA
WRuhAwQAWffcAwQAXoZRMA4EAgACMAgDBgQgARQ48DANBgkqhkiG9w0BAQsFAAOC
AQEALeA3bQs3K2Lf77/ps0l4/KiLvGAb9mmp0cW7oqqzCvHj4oK0/zMIeeOt1Re8
J03JbZyRgb7o7Fr0Cr7MeV7L8saTjNxNTyx7yFwvStDsDOcwfVRTKx7UCG9pmzsn
t+rVq7HlATRsJ1DqLSTZrptr2RrScRQcxaBhLbBcu50Bpn99dzr6JdFaUDSDeqTK
sPYcch1krWFcUwksAPT+W2Xdr9iNwzI2lclglbzXb1u0F9aED59OU7A5tqdMgWDa
TrhXRvyqLqKL7kkljuU7xoeSAhZeugscGxDJrSLEykD+VMtw7GYhQv7rqYo+F+Up
Tru7gn8eiYuwxHywartY4nTtAw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:21 2025 by rpki-client