Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b87Ytvc_OnLAU1-AiNzrR9Ndx_A.roa
File: b87Ytvc_OnLAU1-AiNzrR9Ndx_A.roa (raw, json)
Hash identifier: V6H++cmx7ABhwsJs47K6MKjpAOnt/75CprhxJ6Gbmq0=
Subject key identifier: 6F:CE:D8:B6:F7:3F:3A:72:C0:53:5F:80:88:DC:EB:47:D3:5D:C7:F0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0197821892EA599340FA48D21802B88D13E4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b87Ytvc_OnLAU1-AiNzrR9Ndx_A.roa
Signing time: Wed 18 Jun 2025 08:12:17 +0000
ROA not before: Wed 18 Jun 2025 08:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22516
IP address blocks: 109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:18:92:ea:59:93:40:fa:48:d2:18:02:b8:8d:13:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 18 08:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fced8b6f73f3a72c0535f8088dceb47d35dc7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:f4:f6:23:79:e0:ce:ee:f0:7c:d3:30:27:
0b:d3:9b:b2:8b:5a:d9:4d:03:c7:03:75:3f:6c:8f:
ac:c2:bd:31:0a:93:20:11:a8:61:7f:1c:4b:e6:36:
7d:7a:e3:89:8b:dc:35:fe:c1:ee:4d:c9:35:41:d0:
0a:a1:04:d6:db:f1:b6:e6:81:0d:53:e0:20:7f:0d:
8e:06:0f:f0:48:bb:60:cd:a3:9c:7c:96:45:16:88:
11:6a:fc:3d:db:33:f6:81:dd:51:8c:3c:6d:b3:42:
e7:9c:1c:36:34:7f:07:fa:53:9f:6f:eb:ce:d6:2c:
29:28:12:c4:35:9a:33:97:5b:93:e2:cd:2d:f5:e7:
da:8f:94:bf:3e:fd:05:16:89:fe:e8:48:59:4c:24:
ea:bf:7c:83:2e:c8:fe:eb:cb:8f:23:0f:65:50:f2:
86:49:16:8c:4a:7d:0c:a9:18:14:c8:ba:78:12:56:
36:5c:99:06:b4:c8:e9:23:b5:58:41:d9:8b:9e:d3:
0c:8a:f7:66:3b:2d:09:ed:77:d3:c4:af:39:b8:7b:
58:97:0c:b5:35:95:3e:4a:18:9a:5c:34:18:46:10:
aa:ec:85:1d:58:b6:6a:7d:03:bf:e4:63:59:68:e0:
b5:e6:6e:d5:87:11:d8:31:43:10:0f:d4:af:26:ff:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CE:D8:B6:F7:3F:3A:72:C0:53:5F:80:88:DC:EB:47:D3:5D:C7:F0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b87Ytvc_OnLAU1-AiNzrR9Ndx_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.253.237.0/24
Signature Algorithm: sha256WithRSAEncryption
57:25:18:23:8d:c0:a3:69:9a:15:7d:70:90:f3:a0:0f:7f:ee:
98:a9:c3:7f:96:d6:43:82:59:08:81:5e:0c:75:3a:ca:65:a8:
b7:36:9d:13:6c:2b:ae:70:a4:e4:b1:01:80:d7:0e:ea:2d:9a:
e0:18:f8:aa:88:ae:24:bd:43:94:b9:0a:5f:39:fe:5e:e6:ea:
6a:c0:c4:67:e5:e8:3a:bc:5b:aa:c0:88:4f:36:66:d5:82:5c:
be:c8:b2:fa:10:ad:39:3c:09:e7:4a:1f:83:03:bf:d3:09:ce:
7e:da:a8:3f:aa:11:5a:af:80:56:49:b5:ec:a3:6e:e5:a2:7e:
03:89:04:25:ed:c5:51:eb:99:70:dc:ca:1e:5a:fb:3a:c1:a5:
40:68:0c:26:c8:91:d9:ef:0f:8b:77:27:50:01:ff:a2:6a:19:
cf:58:f4:a1:82:3c:cf:db:f2:f0:a1:4e:a1:e6:30:5a:92:e1:
60:4b:aa:45:ff:9e:10:e9:52:a9:73:41:40:c8:4e:6a:9a:aa:
79:2c:f3:c2:2d:66:2a:22:cd:c3:f7:be:22:01:fc:ce:e2:2f:
21:9f:81:c0:95:a0:21:e9:47:7d:e3:92:22:ec:17:a3:6e:0b:
c5:87:c2:26:4d:20:b3:4d:45:8f:0b:e2:38:00:cb:20:51:88:
b9:57:3d:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeCGJLqWZNA+kjSGAK4jRPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNjE4MDgxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNlZDhiNmY3M2YzYTcyYzA1MzVmODA4OGRjZWI0N2QzNWRjN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH709iN54M7u8HzTMCcL05uyi1rZ
TQPHA3U/bI+swr0xCpMgEahhfxxL5jZ9euOJi9w1/sHuTck1QdAKoQTW2/G25oEN
U+Agfw2OBg/wSLtgzaOcfJZFFogRavw92zP2gd1RjDxts0LnnBw2NH8H+lOfb+vO
1iwpKBLENZozl1uT4s0t9efaj5S/Pv0FFon+6EhZTCTqv3yDLsj+68uPIw9lUPKG
SRaMSn0MqRgUyLp4ElY2XJkGtMjpI7VYQdmLntMMivdmOy0J7XfTxK85uHtYlwy1
NZU+ShiaXDQYRhCq7IUdWLZqfQO/5GNZaOC15m7VhxHYMUMQD9SvJv/5aQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG/O2Lb3PzpywFNfgIjc60fTXcfwMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYjg3WXR2Y19PbkxBVTEtQWlOenJSOU5keF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkoAwQA
bXkrAwQBbem4AwQAsv3tMA0GCSqGSIb3DQEBCwUAA4IBAQBXJRgjjcCjaZoVfXCQ
86APf+6YqcN/ltZDglkIgV4MdTrKZai3Np0TbCuucKTksQGA1w7qLZrgGPiqiK4k
vUOUuQpfOf5e5upqwMRn5eg6vFuqwIhPNmbVgly+yLL6EK05PAnnSh+DA7/TCc5+
2qg/qhFar4BWSbXso27lon4DiQQl7cVR65lw3MoeWvs6waVAaAwmyJHZ7w+LdydQ
Af+iahnPWPShgjzP2/LwoU6h5jBakuFgS6pF/54Q6VKpc0FAyE5qmqp5LPPCLWYq
Is3D974iAfzO4i8hn4HAlaAh6Ud945Ii7BejbgvFh8ImTSCzTUWPC+I4AMsgUYi5
Vz2S
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:42:11 2025 by rpki-client