Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/87Xl48cBUq5jam9l_wPBnTmXlGI.roa
File: 87Xl48cBUq5jam9l_wPBnTmXlGI.roa (raw, json)
Hash identifier: boX79z65S+x/Pf7MD9UZvJ6gdGMUevgNlx+jhV9Efz4=
Subject key identifier: F3:B5:E5:E3:C7:01:52:AE:63:6A:6F:65:FF:03:C1:9D:39:97:94:62
Certificate issuer: /CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6
Certificate serial: 0198B18908548A104CB385F8A3B9BB0E10AC
Authority key identifier: BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/87Xl48cBUq5jam9l_wPBnTmXlGI.roa
Signing time: Sat 16 Aug 2025 06:20:04 +0000
ROA not before: Sat 16 Aug 2025 06:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42295
IP address blocks: 85.187.16.0/24 maxlen: 24
93.152.231.0/24 maxlen: 24
93.152.232.0/24 maxlen: 24
185.240.133.0/24 maxlen: 24
195.191.34.0/23 maxlen: 23
2001:67c:530::/48 maxlen: 48
2a0c:2180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b1:89:08:54:8a:10:4c:b3:85:f8:a3:b9:bb:0e:10:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6
Validity
Not Before: Aug 16 06:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3b5e5e3c70152ae636a6f65ff03c19d39979462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:14:9e:59:94:46:d7:08:aa:f5:5a:34:a0:8e:
72:4e:66:e3:c7:2b:8f:cf:ab:02:23:5f:d1:f7:52:
90:89:c4:43:6a:87:77:a7:19:bd:db:c4:3d:a9:b9:
6b:b6:ca:cd:10:a6:84:75:2e:4d:df:8d:62:08:5b:
67:bb:dd:7f:de:21:a6:56:ed:17:3c:fd:da:5d:d5:
47:ec:05:82:4b:36:ed:06:c2:37:02:e4:5e:05:b0:
c2:14:53:ba:a3:b0:e0:61:7d:03:5a:53:82:f3:6f:
8e:25:73:e6:23:86:59:df:fa:9a:5e:58:72:32:9b:
1d:98:3a:37:8a:52:77:23:eb:5c:9c:ea:98:93:b5:
8d:4b:68:eb:6c:8b:6f:59:55:37:ff:1e:67:91:44:
f3:2a:11:b7:f2:d6:10:d1:3e:53:31:a8:c2:57:28:
52:ee:84:c6:4c:2e:79:83:fb:04:ea:0f:c3:d8:2d:
22:3e:6b:6d:96:4d:b0:a9:de:46:86:7d:84:b1:bd:
c1:34:46:94:06:88:1d:13:f1:9a:f6:46:bd:f7:02:
b6:0b:e4:17:6f:20:84:d9:f6:50:13:67:bb:e0:ff:
7f:20:74:e2:8c:9b:21:e3:e7:6b:07:ba:03:96:1b:
89:ad:a2:54:c4:3d:6d:2d:6f:b3:e1:ab:3a:0c:7c:
78:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B5:E5:E3:C7:01:52:AE:63:6A:6F:65:FF:03:C1:9D:39:97:94:62
X509v3 Authority Key Identifier:
keyid:BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/87Xl48cBUq5jam9l_wPBnTmXlGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.16.0/24
93.152.231.0-93.152.232.255
185.240.133.0/24
195.191.34.0/23
IPv6:
2001:67c:530::/48
2a0c:2180::/32
Signature Algorithm: sha256WithRSAEncryption
56:1e:37:3d:44:fd:4b:d9:83:4a:78:8f:8b:95:99:ed:44:73:
79:35:5e:e4:fd:cf:7e:38:63:00:52:de:99:50:b2:0c:00:22:
08:b2:0a:6e:24:bc:ad:b6:0b:06:c5:90:2e:2e:e6:19:99:d4:
cb:55:7b:53:34:71:3d:48:a9:a2:c4:b8:b4:76:bd:e4:80:b5:
e7:3f:43:7a:3c:29:b6:68:bb:f3:ab:e3:20:34:bc:be:6b:83:
10:4f:51:21:4f:09:46:5f:a0:83:9c:d6:41:24:a1:51:4e:58:
92:80:97:fd:b1:45:05:81:51:68:43:e2:d1:9c:75:5f:d8:e3:
3b:87:f8:e5:48:a0:cb:46:93:79:53:28:40:2b:53:84:49:39:
26:5a:ce:26:87:95:dd:10:41:96:4e:f6:b3:d4:67:b4:97:a3:
ba:be:6d:07:e8:92:79:55:19:61:07:7b:db:1c:87:f6:5d:e1:
9f:e0:f2:aa:fa:56:6a:31:f9:c3:59:22:b3:bc:60:a7:0e:38:
14:54:6f:96:45:5b:49:bc:01:0c:bf:0a:1a:02:26:0e:5d:0d:
f1:6e:d7:f8:64:64:43:93:2d:f0:ff:1e:d9:39:82:75:d5:11:
c7:55:bf:38:11:6a:1f:4c:7c:3a:20:fe:8f:f7:ba:2d:12:4b:
e9:e7:59:45
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZixiQhUihBMs4X4o7m7DhCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDg0YmM0NGRiZGE1YmFiZmM0OTQwYmNjYzE2MzVlMTUz
YjI0YjYwHhcNMjUwODE2MDYyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I1ZTVlM2M3MDE1MmFlNjM2YTZmNjVmZjAzYzE5ZDM5OTc5NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBSeWZRG1wiq9Vo0oI5yTmbjxyuP
z6sCI1/R91KQicRDaod3pxm928Q9qblrtsrNEKaEdS5N341iCFtnu91/3iGmVu0X
PP3aXdVH7AWCSzbtBsI3AuReBbDCFFO6o7DgYX0DWlOC82+OJXPmI4ZZ3/qaXlhy
MpsdmDo3ilJ3I+tcnOqYk7WNS2jrbItvWVU3/x5nkUTzKhG38tYQ0T5TMajCVyhS
7oTGTC55g/sE6g/D2C0iPmttlk2wqd5Ghn2Esb3BNEaUBogdE/Ga9ka99wK2C+QX
byCE2fZQE2e74P9/IHTijJsh4+drB7oDlhuJraJUxD1tLW+z4as6DHx4nwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPO15ePHAVKuY2pvZf8DwZ05l5RiMB8GA1UdIwQY
MBaAFLvYS8RNvaW6v8SUC8zBY14VOyS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTloTHhFMjlwYnFfeEpRTHpNRmpYaFU3SkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS82MzliZTQtOTNlNi00MTgzLWFiNmYt
ZGZkZGIxMzY0MzYzLzEvODdYbDQ4Y0JVcTVqYW05bF93UEJuVG1YbEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS82MzliZTQtOTNlNi00MTgzLWFiNmYtZGZkZGIxMzY0MzYz
LzEvdTloTHhFMjlwYnFfeEpRTHpNRmpYaFU3SkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQAVbsQMAwD
BABdmOcDBABdmOgDBAC58IUDBAHDvyIwFgQCAAIwEAMHACABBnwFMAMFACoMIYAw
DQYJKoZIhvcNAQELBQADggEBAFYeNz1E/UvZg0p4j4uVme1Ec3k1XuT9z344YwBS
3plQsgwAIgiyCm4kvK22CwbFkC4u5hmZ1MtVe1M0cT1IqaLEuLR2veSAtec/Q3o8
KbZou/Or4yA0vL5rgxBPUSFPCUZfoIOc1kEkoVFOWJKAl/2xRQWBUWhD4tGcdV/Y
4zuH+OVIoMtGk3lTKEArU4RJOSZaziaHld0QQZZO9rPUZ7SXo7q+bQfoknlVGWEH
e9sch/Zd4Z/g8qr6Vmox+cNZIrO8YKcOOBRUb5ZFW0m8AQy/ChoCJg5dDfFu1/hk
ZEOTLfD/Htk5gnXVEcdVvzgRah9MfDog/o/3ui0SS+nnWUU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:13:10 2025 by rpki-client