Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fofIehVWA2zXhCOwOv2IhEXBsso.roa
File: fofIehVWA2zXhCOwOv2IhEXBsso.roa (raw, json)
Hash identifier: kJbscEJEUxNrQGiXZ0fvylDg/JBnaWx0NntD8rKqeW4=
Subject key identifier: 7E:87:C8:7A:15:56:03:6C:D7:84:23:B0:3A:FD:88:84:45:C1:B2:CA
Certificate issuer: /CN=ca61478e4d659bece8203c5e8ba8e8f82f0470d7
Certificate serial: 0198D5A6F013EB3F44C2E54791172CC75648
Authority key identifier: CA:61:47:8E:4D:65:9B:EC:E8:20:3C:5E:8B:A8:E8:F8:2F:04:70:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymFHjk1lm-zoIDxei6jo-C8EcNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fofIehVWA2zXhCOwOv2IhEXBsso.roa
Signing time: Sat 23 Aug 2025 06:39:04 +0000
ROA not before: Sat 23 Aug 2025 06:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205899
IP address blocks: 176.117.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/ymFHjk1lm-zoIDxei6jo-C8EcNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/ymFHjk1lm-zoIDxei6jo-C8EcNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ymFHjk1lm-zoIDxei6jo-C8EcNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:a6:f0:13:eb:3f:44:c2:e5:47:91:17:2c:c7:56:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca61478e4d659bece8203c5e8ba8e8f82f0470d7
Validity
Not Before: Aug 23 06:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e87c87a1556036cd78423b03afd888445c1b2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a2:b1:9f:40:76:36:c5:3f:da:2c:f5:31:28:
57:3d:d1:61:5f:c2:7d:2c:06:04:10:25:7a:3e:53:
3f:92:ca:8d:a9:40:e7:47:14:6e:a3:c5:51:12:24:
fe:28:ac:e3:01:ce:47:24:3d:67:da:6a:c2:82:85:
60:0e:db:f8:77:c7:75:63:34:78:77:6c:08:43:3d:
7c:cb:46:0b:8a:b0:15:00:e7:4e:62:a4:07:4c:19:
48:bf:73:7d:99:9e:8c:2b:80:5d:61:54:19:5a:f3:
08:41:f7:48:3d:75:18:95:37:70:e7:7b:64:14:7c:
8f:32:b2:9a:57:ae:f1:90:56:88:34:e1:dd:a4:7e:
42:ec:e0:cb:cf:eb:bc:3b:e5:7c:3d:3a:47:9f:5c:
2c:9f:01:19:f4:2a:2a:bb:b8:75:5a:fc:52:fd:a5:
58:c5:23:3a:c6:3c:09:c8:1f:5c:86:3f:34:d3:82:
d3:e6:25:bf:0f:6c:5c:c4:cb:7b:0c:2b:7b:66:16:
07:01:3f:56:56:ea:a6:ae:db:fb:cd:0a:95:dd:4d:
9a:ac:24:76:49:51:25:bf:e8:73:4d:e6:62:d4:20:
ec:8b:fb:c4:25:38:8c:a5:eb:ce:22:4f:77:e8:36:
4b:6b:db:21:c9:96:10:44:2c:4c:dc:f7:b6:09:f1:
a7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:87:C8:7A:15:56:03:6C:D7:84:23:B0:3A:FD:88:84:45:C1:B2:CA
X509v3 Authority Key Identifier:
keyid:CA:61:47:8E:4D:65:9B:EC:E8:20:3C:5E:8B:A8:E8:F8:2F:04:70:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymFHjk1lm-zoIDxei6jo-C8EcNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fofIehVWA2zXhCOwOv2IhEXBsso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/ymFHjk1lm-zoIDxei6jo-C8EcNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.107.0/24
Signature Algorithm: sha256WithRSAEncryption
12:01:ad:25:77:74:6a:61:c3:16:b3:f8:b2:65:e1:27:17:95:
6c:f7:c1:f7:25:ad:14:d3:b1:95:90:7a:db:0f:42:5b:c5:ab:
8f:22:33:7b:90:0c:78:10:ef:f9:5e:c6:d2:21:73:d3:47:bb:
0d:6b:d4:e1:31:8f:fa:c9:af:ba:c9:55:5b:9f:e7:f4:33:d5:
55:01:1e:fc:03:2b:dc:9a:6d:5e:3b:da:a9:c2:b7:a9:59:14:
77:57:72:5a:8b:8d:bf:2e:02:f0:54:c7:5e:88:3f:9e:a3:10:
25:70:0d:07:87:a9:74:cc:2a:e1:7e:f5:1a:86:b1:39:9a:97:
8c:47:a1:a3:c5:a4:53:41:73:e8:0e:4b:9c:1f:4b:97:b1:81:
46:79:c0:5b:88:31:60:94:59:7b:99:f5:0c:5c:0e:df:c5:20:
a2:01:3f:13:03:c6:f8:d3:ac:9f:ca:60:4b:07:71:53:6c:77:
a6:c5:79:38:08:04:6d:58:2a:68:33:d6:75:e5:7c:d9:e8:d2:
4b:53:ed:8d:15:eb:29:6e:f1:6c:5b:fb:34:3e:67:76:fa:dc:
60:1d:b4:84:bd:47:0c:d8:fe:0a:f5:fe:f7:c8:42:2b:4c:4b:
b2:87:b2:62:d4:27:fb:5b:f8:0c:64:39:5a:f7:2b:36:b4:50:
dc:65:ea:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjVpvAT6z9EwuVHkRcsx1ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjE0NzhlNGQ2NTliZWNlODIwM2M1ZThiYThlOGY4MmYw
NDcwZDcwHhcNMjUwODIzMDYzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg3Yzg3YTE1NTYwMzZjZDc4NDIzYjAzYWZkODg4NDQ1YzFiMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KKxn0B2NsU/2iz1MShXPdFhX8J9
LAYEECV6PlM/ksqNqUDnRxRuo8VREiT+KKzjAc5HJD1n2mrCgoVgDtv4d8d1YzR4
d2wIQz18y0YLirAVAOdOYqQHTBlIv3N9mZ6MK4BdYVQZWvMIQfdIPXUYlTdw53tk
FHyPMrKaV67xkFaINOHdpH5C7ODLz+u8O+V8PTpHn1wsnwEZ9Coqu7h1WvxS/aVY
xSM6xjwJyB9chj8004LT5iW/D2xcxMt7DCt7ZhYHAT9WVuqmrtv7zQqV3U2arCR2
SVElv+hzTeZi1CDsi/vEJTiMpevOIk936DZLa9shyZYQRCxM3Pe2CfGnFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6HyHoVVgNs14QjsDr9iIRFwbLKMB8GA1UdIwQY
MBaAFMphR45NZZvs6CA8Xouo6PgvBHDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1GSGprMWxtLXpvSUR4ZWk2am8tQzhFY05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNzliNjYtMzhmMS00MWE1LTkwZTIt
OTQ2ZGE1ZjVlZmJiLzEvZm9mSWVoVldBMnpYaENPd092MkloRVhCc3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNzliNjYtMzhmMS00MWE1LTkwZTItOTQ2ZGE1ZjVlZmJi
LzEveW1GSGprMWxtLXpvSUR4ZWk2am8tQzhFY05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHVrMA0G
CSqGSIb3DQEBCwUAA4IBAQASAa0ld3RqYcMWs/iyZeEnF5Vs98H3Ja0U07GVkHrb
D0JbxauPIjN7kAx4EO/5XsbSIXPTR7sNa9ThMY/6ya+6yVVbn+f0M9VVAR78Ayvc
mm1eO9qpwrepWRR3V3Jai42/LgLwVMdeiD+eoxAlcA0Hh6l0zCrhfvUahrE5mpeM
R6GjxaRTQXPoDkucH0uXsYFGecBbiDFglFl7mfUMXA7fxSCiAT8TA8b406yfymBL
B3FTbHemxXk4CARtWCpoM9Z15XzZ6NJLU+2NFespbvFsW/s0Pmd2+txgHbSEvUcM
2P4K9f73yEIrTEuyh7Ji1Cf7W/gMZDla9ys2tFDcZeoB
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:15:25 2025 by rpki-client