Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa
File: gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa (raw, json)
Hash identifier: 4UbuDpyze6Z3g+LOHqr6qp0gaoTqf6iKQVEolNVaZbk=
Subject key identifier: 82:DD:E3:6E:F2:BB:90:EF:1D:FF:14:D8:20:66:09:0F:67:14:88:61
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 01997E0BC1DEFAECC0456C969CF5C25E3712
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa
Signing time: Wed 24 Sep 2025 23:25:23 +0000
ROA not before: Wed 24 Sep 2025 23:25:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
159.254.0.0/24 maxlen: 24
159.254.1.0/24 maxlen: 24
159.254.2.0/24 maxlen: 24
159.254.3.0/24 maxlen: 24
159.254.4.0/24 maxlen: 24
159.254.5.0/24 maxlen: 24
159.254.6.0/24 maxlen: 24
159.254.7.0/24 maxlen: 24
159.254.8.0/24 maxlen: 24
159.254.9.0/24 maxlen: 24
159.254.10.0/24 maxlen: 24
159.254.11.0/24 maxlen: 24
159.254.12.0/24 maxlen: 24
159.254.80.0/24 maxlen: 24
159.254.81.0/24 maxlen: 24
159.254.82.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
2a03:eec0:3601::/48 maxlen: 48
2a03:eec0:3602::/48 maxlen: 48
2a03:eec0:3603::/48 maxlen: 48
2a03:eec0:3604::/48 maxlen: 48
2a03:eec0:3605::/48 maxlen: 48
2a03:eec0:3606::/48 maxlen: 48
2a03:eec0:3607::/48 maxlen: 48
2a03:eec0:3608::/48 maxlen: 48
2a03:eec0:3609::/48 maxlen: 48
2a03:eec0:360a::/48 maxlen: 48
2a03:eec0:360b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7e:0b:c1:de:fa:ec:c0:45:6c:96:9c:f5:c2:5e:37:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Sep 24 23:25:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82dde36ef2bb90ef1dff14d82066090f67148861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4a:b4:b2:11:53:90:3f:4c:31:c5:b6:61:cc:
40:4e:8b:5c:aa:59:66:a2:51:b0:05:74:a8:27:f6:
82:59:64:8b:04:c4:eb:d4:eb:4b:4a:5c:9c:dd:ea:
8d:70:c4:61:9a:e2:b1:8c:5a:55:7b:7b:0f:d2:fc:
5e:6f:df:58:f9:68:4f:5c:97:43:7f:8e:dc:cc:23:
cc:47:23:07:a4:13:85:c7:c3:cb:e7:1a:c1:dc:25:
78:8a:f1:1b:b1:c2:db:89:5c:8e:f1:5f:4b:ca:4c:
e1:87:d6:4e:ea:59:1f:ac:f8:78:b2:c4:59:fc:26:
1f:76:25:87:e9:61:12:2a:a9:00:d8:80:28:d4:09:
1c:0e:c8:4d:50:b1:83:dd:1d:03:36:d5:1b:8f:32:
77:0e:31:a5:d8:eb:e8:cd:16:7d:2e:49:0c:66:bd:
c2:5b:a6:9a:81:1d:a0:1c:0a:89:26:8c:d2:85:3e:
71:71:f5:ed:57:fa:c4:88:6c:4c:0e:24:71:39:31:
f7:7c:af:3a:5f:eb:66:58:70:0f:83:d5:6e:c8:bf:
de:57:1a:6d:4f:2a:88:ab:0b:99:ec:0b:6f:f4:a5:
cb:aa:9b:b8:d3:ba:39:81:ef:e4:e9:5f:3b:c4:69:
db:d9:27:23:5f:44:ed:40:f7:89:49:d0:db:24:9c:
d2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DD:E3:6E:F2:BB:90:EF:1D:FF:14:D8:20:66:09:0F:67:14:88:61
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
159.254.0.0-159.254.12.255
159.254.80.0-159.254.82.255
194.9.116.0/24
IPv6:
2a03:eec0:3601::-2a03:eec0:360b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:4d:f1:31:5e:d1:be:0f:e0:e7:b8:54:4d:90:62:b2:be:28:
3b:92:bf:8c:86:63:5e:88:c7:2d:29:87:f4:d4:5a:8c:be:b4:
ff:9f:10:ad:bb:f9:2f:9d:4c:e4:58:df:4a:21:76:b4:cb:d0:
5e:8f:8d:22:33:ab:c2:19:30:d3:71:0d:36:0d:79:7f:37:d5:
9e:6b:8c:64:4d:9b:de:da:4a:86:c9:83:df:be:fa:41:9f:02:
76:f2:13:5b:27:77:a4:c7:2f:14:fd:a5:f6:59:83:b9:af:21:
3b:dc:08:60:ba:a7:a2:81:98:6e:c6:92:dd:70:eb:0c:57:c4:
e0:fb:ea:3f:c3:81:3d:3d:db:ce:b5:b6:dd:c2:70:79:4f:2f:
d9:8d:a6:1b:f3:06:04:8b:4d:b2:58:24:cc:33:2f:d9:9a:fc:
67:31:cc:ef:4b:89:6c:09:b2:2e:89:f5:ff:3f:c6:6c:12:46:
b3:6f:8a:c2:9e:ab:a0:73:81:0a:40:e9:b9:9c:d0:fb:88:48:
03:45:f3:31:e4:2e:f4:32:a7:08:1b:58:fb:73:81:0d:57:56:
c9:8f:44:68:9e:90:64:44:84:09:d3:5c:ed:6b:a9:0b:d0:fe:
84:89:ba:ae:d3:64:28:01:15:fd:d1:c5:2c:d4:e7:85:c4:51:
ea:48:bc:ed
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZl+C8He+uzARWyWnPXCXjcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwOTI0MjMyNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmRkZTM2ZWYyYmI5MGVmMWRmZjE0ZDgyMDY2MDkwZjY3MTQ4ODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEq0shFTkD9MMcW2YcxATotcqllm
olGwBXSoJ/aCWWSLBMTr1OtLSlyc3eqNcMRhmuKxjFpVe3sP0vxeb99Y+WhPXJdD
f47czCPMRyMHpBOFx8PL5xrB3CV4ivEbscLbiVyO8V9Lykzhh9ZO6lkfrPh4ssRZ
/CYfdiWH6WESKqkA2IAo1AkcDshNULGD3R0DNtUbjzJ3DjGl2OvozRZ9LkkMZr3C
W6aagR2gHAqJJozShT5xcfXtV/rEiGxMDiRxOTH3fK86X+tmWHAPg9VuyL/eVxpt
TyqIqwuZ7Atv9KXLqpu407o5ge/k6V87xGnb2ScjX0TtQPeJSdDbJJzSUQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFILd427yu5DvHf8U2CBmCQ9nFIhhMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvZ3QzamJ2SzdrTzhkX3hUWUlHWUpEMmNVaUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAtBAIAATAnAwQBVzpAMAsD
AwGf/gMEAJ/+DDAMAwQEn/5QAwQAn/5SAwQAwgl0MBoEAgACMBQwEgMHACoD7sA2
AQMHAioD7sA2CDANBgkqhkiG9w0BAQsFAAOCAQEAH03xMV7Rvg/g57hUTZBisr4o
O5K/jIZjXojHLSmH9NRajL60/58Qrbv5L51M5FjfSiF2tMvQXo+NIjOrwhkw03EN
Ng15fzfVnmuMZE2b3tpKhsmD3776QZ8CdvITWyd3pMcvFP2l9lmDua8hO9wIYLqn
ooGYbsaS3XDrDFfE4PvqP8OBPT3bzrW23cJweU8v2Y2mG/MGBItNslgkzDMv2Zr8
ZzHM70uJbAmyLon1/z/GbBJGs2+Kwp6roHOBCkDpuZzQ+4hIA0XzMeQu9DKnCBtY
+3OBDVdWyY9EaJ6QZESECdNc7WupC9D+hIm6rtNkKAEV/dHFLNTnhcRR6ki87Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:07 2025 by rpki-client