Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vFmu6getTO6ZcDBt1ceAem1oukw.roa
File: vFmu6getTO6ZcDBt1ceAem1oukw.roa (raw, json)
Hash identifier: rzKqJJAZ5SS3cEXNUKun21Hq6eomf0kRuW01bUYOcwI=
Subject key identifier: BC:59:AE:EA:07:AD:4C:EE:99:70:30:6D:D5:C7:80:7A:6D:68:BA:4C
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0199CF0D9680B7FEB603EDAC95993A19E81A
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vFmu6getTO6ZcDBt1ceAem1oukw.roa
Signing time: Fri 10 Oct 2025 16:56:38 +0000
ROA not before: Fri 10 Oct 2025 16:56:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 124.198.136.0/22 maxlen: 24
158.173.129.0/24 maxlen: 24
158.173.130.0/23 maxlen: 24
170.62.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cf:0d:96:80:b7:fe:b6:03:ed:ac:95:99:3a:19:e8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 10 16:56:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc59aeea07ad4cee9970306dd5c7807a6d68ba4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:60:32:70:0b:2f:78:e6:23:b1:3b:85:6d:8b:
c5:40:64:63:f8:b6:aa:27:dd:48:8b:c8:10:89:a4:
70:bd:92:c2:f6:2b:af:a5:f4:c6:75:d8:4f:b0:31:
8c:99:7a:21:62:e0:93:85:cd:e2:16:18:7d:a7:e3:
f7:7e:69:6d:8f:a6:31:75:99:5c:5f:6d:12:a9:49:
80:24:18:28:05:61:b5:40:13:28:df:8e:c4:4e:7b:
fb:71:64:91:70:dd:4a:64:20:18:cc:be:56:38:54:
a6:91:7b:22:bc:30:18:68:4d:b6:ac:16:3c:e0:1d:
07:ee:c5:7d:43:8e:b9:ec:51:e2:fa:94:f2:c7:fa:
cd:40:01:ba:47:94:31:87:01:45:92:89:13:03:0b:
02:e3:1d:2e:09:49:1c:83:4d:11:87:20:06:07:03:
50:b5:60:8f:d4:04:e8:38:85:fe:63:67:5a:5d:df:
30:f0:c3:3b:d8:39:c1:b3:4d:26:0a:a4:47:60:f8:
10:4d:47:58:5c:0a:64:f9:e6:ba:75:5a:4b:ec:19:
4e:af:8c:a1:d4:0e:32:98:50:62:04:ea:eb:5a:4c:
ff:3a:28:cc:68:db:a9:2c:ef:fc:07:c3:15:70:cf:
46:10:49:84:6d:2e:48:b0:28:7d:23:71:c3:d0:23:
73:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:59:AE:EA:07:AD:4C:EE:99:70:30:6D:D5:C7:80:7A:6D:68:BA:4C
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vFmu6getTO6ZcDBt1ceAem1oukw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.136.0/22
158.173.129.0-158.173.131.255
170.62.240.0/22
Signature Algorithm: sha256WithRSAEncryption
95:e0:3f:d3:b5:04:09:43:98:cf:94:f1:e6:d8:3b:63:42:8a:
0f:06:cf:d3:5b:f0:e9:22:a0:db:89:fe:67:37:ff:7f:da:be:
a0:d4:c9:12:a6:ae:62:ff:ec:17:35:1e:a1:5e:b7:e2:be:ba:
ba:37:21:6a:71:a6:4f:63:ce:cb:88:db:81:f3:5a:5b:dc:01:
26:2e:01:d5:02:28:bd:3d:3f:d0:ad:2d:e0:08:5a:92:e5:62:
d0:07:a9:1d:b1:5b:f3:3b:e5:ac:2e:0f:61:54:7f:c2:6e:2c:
ac:70:78:80:24:e0:cd:d7:d6:52:3e:7a:8d:55:bd:c0:aa:f7:
5a:8d:38:29:b9:4a:b0:87:ac:f0:65:84:73:16:0f:d6:03:1d:
b0:0f:12:96:42:4d:19:38:16:f9:f9:fb:76:74:08:54:3b:7d:
5c:a1:b8:ce:a4:69:bf:55:9d:0a:ca:f8:20:a8:1c:4e:1c:9e:
5a:16:6b:f1:3e:15:59:86:b0:74:42:cc:59:be:1a:e9:4b:b9:
ff:a0:15:33:a1:b1:ea:e7:14:ae:cb:f5:13:21:4d:b3:34:5f:
10:fe:70:ac:a2:42:52:e6:0e:69:f6:c8:16:37:41:47:82:fc:
85:eb:50:ce:28:80:65:88:a3:f2:d5:8e:4a:e2:f1:d4:e0:31:
5a:de:d3:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZnPDZaAt/62A+2slZk6GegaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUxMDEwMTY1NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU5YWVlYTA3YWQ0Y2VlOTk3MDMwNmRkNWM3ODA3YTZkNjhiYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WAycAsveOYjsTuFbYvFQGRj+Laq
J91Ii8gQiaRwvZLC9iuvpfTGddhPsDGMmXohYuCThc3iFhh9p+P3fmltj6YxdZlc
X20SqUmAJBgoBWG1QBMo347ETnv7cWSRcN1KZCAYzL5WOFSmkXsivDAYaE22rBY8
4B0H7sV9Q4657FHi+pTyx/rNQAG6R5QxhwFFkokTAwsC4x0uCUkcg00RhyAGBwNQ
tWCP1AToOIX+Y2daXd8w8MM72DnBs00mCqRHYPgQTUdYXApk+ea6dVpL7BlOr4yh
1A4ymFBiBOrrWkz/OijMaNupLO/8B8MVcM9GEEmEbS5IsCh9I3HD0CNzrwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLxZruoHrUzumXAwbdXHgHptaLpMMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvdkZtdTZnZXRUTzZaY0RCdDFjZUFlbTFvdWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCfMaIMAwD
BACerYEDBAKerYADBAKqPvAwDQYJKoZIhvcNAQELBQADggEBAJXgP9O1BAlDmM+U
8ebYO2NCig8Gz9Nb8OkioNuJ/mc3/3/avqDUyRKmrmL/7Bc1HqFet+K+uro3IWpx
pk9jzsuI24HzWlvcASYuAdUCKL09P9CtLeAIWpLlYtAHqR2xW/M75awuD2FUf8Ju
LKxweIAk4M3X1lI+eo1VvcCq91qNOCm5SrCHrPBlhHMWD9YDHbAPEpZCTRk4Fvn5
+3Z0CFQ7fVyhuM6kab9VnQrK+CCoHE4cnloWa/E+FVmGsHRCzFm+GulLuf+gFTOh
sernFK7L9RMhTbM0XxD+cKyiQlLmDmn2yBY3QUeC/IXrUM4ogGWIo/LVjkri8dTg
MVre01w=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:22 2025 by rpki-client