Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/6v-BFuQou1RToVsVaba5LPHMaOU.roa
File: 6v-BFuQou1RToVsVaba5LPHMaOU.roa (raw, json)
Hash identifier: 38dJnJfCMMCxnGi8gWT/Xh/Yh7yI6SjOhDbhb3ZTXA8=
Subject key identifier: EA:FF:81:16:E4:28:BB:54:53:A1:5B:15:69:B6:B9:2C:F1:CC:68:E5
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0199C065C1F175A9A2A7A0A96D424410F559
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/6v-BFuQou1RToVsVaba5LPHMaOU.roa
Signing time: Tue 07 Oct 2025 20:38:38 +0000
ROA not before: Tue 07 Oct 2025 20:38:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 88.214.48.0/24 maxlen: 24
88.214.49.0/24 maxlen: 24
193.8.75.0/24 maxlen: 24
193.176.21.0/24 maxlen: 24
193.176.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c0:65:c1:f1:75:a9:a2:a7:a0:a9:6d:42:44:10:f5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Oct 7 20:38:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eaff8116e428bb5453a15b1569b6b92cf1cc68e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6f:e6:dd:a3:39:ab:62:50:09:7a:bb:d1:0e:
9a:0f:86:a2:2c:5a:79:86:6a:e9:01:6b:d4:99:7c:
92:d3:f1:23:ff:0a:af:b0:9b:de:17:ce:2e:6a:e1:
a2:67:49:40:58:66:da:f7:7a:50:43:ee:dd:0b:fa:
9a:01:0c:6e:1c:7e:fe:45:1b:89:f4:46:70:d3:61:
7e:a1:41:30:a6:23:18:3e:7e:cd:51:4a:7b:f5:c8:
ac:b0:ae:f3:b7:aa:9b:af:32:97:7c:6b:00:32:53:
49:ab:2f:59:11:e1:91:32:d4:5d:12:10:84:36:e7:
be:76:66:f6:5e:6a:5f:30:86:38:0c:c1:8f:75:db:
7c:13:7a:64:5f:81:75:22:6b:c8:03:69:66:4b:e3:
88:33:42:33:78:82:83:84:14:4d:de:35:3e:4b:32:
77:83:f0:4f:d1:84:ed:b1:c7:dc:e1:22:b3:09:de:
df:fd:71:a4:5f:cf:c3:7e:ab:17:f1:ef:76:9c:ae:
4c:2c:37:5d:9c:40:27:51:df:cc:58:a8:c4:08:e6:
84:03:42:58:f0:e9:03:5b:2c:e1:da:c4:1a:57:eb:
c4:e0:e3:30:61:fa:e7:05:21:a6:60:e7:3b:6f:84:
aa:64:45:fe:11:82:af:f0:0d:10:2c:d3:3c:ec:39:
0d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:FF:81:16:E4:28:BB:54:53:A1:5B:15:69:B6:B9:2C:F1:CC:68:E5
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/6v-BFuQou1RToVsVaba5LPHMaOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.48.0/23
193.8.75.0/24
193.176.21.0/24
193.176.23.0/24
Signature Algorithm: sha256WithRSAEncryption
23:4f:b9:5a:77:42:28:bb:15:a7:8d:88:d8:98:83:90:6d:39:
a8:55:61:98:2a:58:16:29:f7:6b:18:25:b4:61:22:73:a0:a8:
05:4b:c5:13:a7:04:cf:f0:e6:77:1a:17:1d:dd:8f:2b:c0:05:
43:01:15:97:e7:e7:72:a7:ac:a7:55:ce:36:3b:85:70:1d:63:
85:7a:01:f5:8c:b0:dd:db:1d:8b:37:f8:75:bb:a5:0c:de:f2:
7d:0d:e9:9c:cb:5b:fb:77:a6:30:fb:b0:2a:9b:54:25:8c:68:
7b:b9:92:9a:fc:d0:fd:62:15:2b:5a:fb:1c:c4:14:1a:03:cd:
da:88:ba:47:66:b3:a1:63:2e:a7:ca:df:63:87:a8:17:25:41:
c5:c2:3d:a5:83:a3:e8:63:d4:f8:3b:8d:2b:ec:85:80:fb:78:
70:f2:c0:1e:4d:4a:f5:de:f1:76:9e:a4:99:3d:bc:11:3b:46:
fa:68:90:97:1f:71:e6:35:d4:6e:bd:6d:52:6e:31:da:39:2f:
79:6f:e0:1e:55:91:1f:f2:6f:ad:1b:98:34:4a:80:f1:46:99:
4a:a3:00:be:52:50:04:6d:a4:17:cf:31:fd:51:ae:01:a4:22:
25:1c:2e:38:bc:e9:a5:d7:93:85:a5:b3:96:dd:f2:ca:23:2d:
4b:9f:f0:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnAZcHxdamip6CpbUJEEPVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUxMDA3MjAzODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWZmODExNmU0MjhiYjU0NTNhMTViMTU2OWI2YjkyY2YxY2M2OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW/m3aM5q2JQCXq70Q6aD4aiLFp5
hmrpAWvUmXyS0/Ej/wqvsJveF84uauGiZ0lAWGba93pQQ+7dC/qaAQxuHH7+RRuJ
9EZw02F+oUEwpiMYPn7NUUp79cissK7zt6qbrzKXfGsAMlNJqy9ZEeGRMtRdEhCE
Nue+dmb2XmpfMIY4DMGPddt8E3pkX4F1ImvIA2lmS+OIM0IzeIKDhBRN3jU+SzJ3
g/BP0YTtscfc4SKzCd7f/XGkX8/DfqsX8e92nK5MLDddnEAnUd/MWKjECOaEA0JY
8OkDWyzh2sQaV+vE4OMwYfrnBSGmYOc7b4SqZEX+EYKv8A0QLNM87DkNxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOr/gRbkKLtUU6FbFWm2uSzxzGjlMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNnYtQkZ1UW91MVJUb1ZzVmFiYTVMUEhNYU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWNYwAwQA
wQhLAwQAwbAVAwQAwbAXMA0GCSqGSIb3DQEBCwUAA4IBAQAjT7lad0IouxWnjYjY
mIOQbTmoVWGYKlgWKfdrGCW0YSJzoKgFS8UTpwTP8OZ3Ghcd3Y8rwAVDARWX5+dy
p6ynVc42O4VwHWOFegH1jLDd2x2LN/h1u6UM3vJ9Demcy1v7d6Yw+7Aqm1QljGh7
uZKa/ND9YhUrWvscxBQaA83aiLpHZrOhYy6nyt9jh6gXJUHFwj2lg6PoY9T4O40r
7IWA+3hw8sAeTUr13vF2nqSZPbwRO0b6aJCXH3HmNdRuvW1SbjHaOS95b+AeVZEf
8m+tG5g0SoDxRplKowC+UlAEbaQXzzH9Ua4BpCIlHC44vOml15OFpbOW3fLKIy1L
n/Cz
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:14:02 2025 by rpki-client