Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ALwZhIzMltcNA93bXSkzknwg_14.roa
File: ALwZhIzMltcNA93bXSkzknwg_14.roa (raw, json)
Hash identifier: 8/oCBG94vIxN2asbJtnpsK13+hX56C8+2PdARaHhKJk=
Subject key identifier: 00:BC:19:84:8C:CC:96:D7:0D:03:DD:DB:5D:29:33:92:7C:20:FF:5E
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0198AD03E70530965F739158D41C18EEF00F
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ALwZhIzMltcNA93bXSkzknwg_14.roa
Signing time: Fri 15 Aug 2025 09:16:10 +0000
ROA not before: Fri 15 Aug 2025 09:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 87.254.11.0/24 maxlen: 24
87.254.29.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:03:e7:05:30:96:5f:73:91:58:d4:1c:18:ee:f0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Aug 15 09:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00bc19848ccc96d70d03dddb5d2933927c20ff5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:31:7a:f4:10:f4:47:8f:a6:3b:4b:6e:f0:38:
88:05:f7:c7:c9:fb:6e:bc:f5:e8:38:11:72:92:28:
9c:f9:91:af:2f:36:b1:36:c6:d0:3d:c5:4a:a8:5d:
89:8e:b6:99:6d:b8:0b:ef:b3:48:b4:01:22:f2:94:
80:39:2f:5c:76:e6:20:44:f3:ea:3b:18:2c:6a:5f:
6c:82:81:45:51:e0:56:2f:b6:02:a2:7a:8a:98:6b:
fb:43:7e:1d:fa:65:1f:08:08:67:97:7a:05:7f:80:
7f:cc:91:1c:3a:80:41:c7:5c:40:ac:07:d2:81:ac:
6d:4b:6b:22:8f:ff:6e:a0:86:f6:ca:de:22:b0:96:
6e:28:72:b5:52:f5:f7:e4:cc:56:f7:0b:17:9f:49:
54:ed:23:a3:d1:1b:6c:29:d9:fe:b9:80:50:3b:9f:
dc:24:3b:da:76:c9:14:01:8e:99:ba:2e:43:8e:29:
f4:31:66:b5:12:de:a6:8c:a5:e4:cf:d9:99:a2:17:
62:ae:df:45:82:95:c4:6f:71:c2:8b:62:25:2f:a5:
9d:4e:2d:f8:d4:a5:e8:cb:fb:6f:e6:48:85:7b:06:
6a:52:84:7c:47:bf:3e:e9:f4:33:a9:21:98:f4:67:
10:25:bf:60:c8:d8:db:d1:fc:b4:95:e7:cc:94:31:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BC:19:84:8C:CC:96:D7:0D:03:DD:DB:5D:29:33:92:7C:20:FF:5E
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ALwZhIzMltcNA93bXSkzknwg_14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.11.0/24
87.254.29.0/24
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:76:ad:0b:d7:8e:8e:b5:55:91:9d:5b:6f:b4:f5:e1:90:ea:
a1:6d:06:f6:4f:7d:64:eb:85:af:83:6f:2b:59:0b:31:67:ac:
7f:40:39:b8:0f:41:5b:2c:e4:80:a9:c0:0f:db:8e:f1:25:82:
8b:01:3a:96:0a:43:d0:34:85:b0:7d:47:ff:ce:42:94:45:01:
91:e7:ef:e9:79:26:46:fa:77:cd:17:5b:9c:4e:9e:4c:39:3f:
ce:40:48:df:49:47:1e:43:af:72:0e:8b:1e:b6:f7:fe:a7:a4:
e7:b6:15:1c:b3:20:b3:9c:30:b4:55:be:79:11:2e:34:f7:97:
fb:25:e9:57:41:3a:ea:25:d7:dc:0e:0a:1b:f7:f4:66:58:1a:
6e:db:d5:b9:45:08:4a:41:f7:e0:4d:3f:a4:43:b9:1b:16:5c:
4c:98:e1:b7:4c:6a:8e:80:dd:3f:3d:02:08:f4:a7:e1:dd:e4:
33:02:b5:63:30:32:28:17:f1:4a:f3:ab:16:36:fa:86:f2:a0:
47:ff:ae:ee:99:5f:34:44:87:16:b6:e6:48:8b:5f:86:03:83:
a0:f3:9b:45:e5:d8:c7:b9:a8:07:73:d1:48:45:89:fc:17:c8:
59:32:0b:70:fc:30:82:44:e9:8c:3f:81:25:df:ac:df:cb:de:
53:7f:a2:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZitA+cFMJZfc5FY1BwY7vAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwODE1MDkxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJjMTk4NDhjY2M5NmQ3MGQwM2RkZGI1ZDI5MzM5MjdjMjBmZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojF69BD0R4+mO0tu8DiIBffHyftu
vPXoOBFykiic+ZGvLzaxNsbQPcVKqF2JjraZbbgL77NItAEi8pSAOS9cduYgRPPq
Oxgsal9sgoFFUeBWL7YConqKmGv7Q34d+mUfCAhnl3oFf4B/zJEcOoBBx1xArAfS
gaxtS2sij/9uoIb2yt4isJZuKHK1UvX35MxW9wsXn0lU7SOj0RtsKdn+uYBQO5/c
JDvadskUAY6Zui5Djin0MWa1Et6mjKXkz9mZohdirt9FgpXEb3HCi2IlL6WdTi34
1KXoy/tv5kiFewZqUoR8R78+6fQzqSGY9GcQJb9gyNjb0fy0lefMlDHArQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAC8GYSMzJbXDQPd210pM5J8IP9eMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvQUx3WmhJek1sdGNOQTkzYlhTa3prbndnXzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4LAwQA
V/4dAwQA2RkDMA0GCSqGSIb3DQEBCwUAA4IBAQAadq0L146OtVWRnVtvtPXhkOqh
bQb2T31k64Wvg28rWQsxZ6x/QDm4D0FbLOSAqcAP247xJYKLATqWCkPQNIWwfUf/
zkKURQGR5+/peSZG+nfNF1ucTp5MOT/OQEjfSUceQ69yDosetvf+p6TnthUcsyCz
nDC0Vb55ES4095f7JelXQTrqJdfcDgob9/RmWBpu29W5RQhKQffgTT+kQ7kbFlxM
mOG3TGqOgN0/PQII9Kfh3eQzArVjMDIoF/FK86sWNvqG8qBH/67umV80RIcWtuZI
i1+GA4Og85tF5djHuagHc9FIRYn8F8hZMgtw/DCCROmMP4El36zfy95Tf6Jl
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:44:53 2025 by rpki-client