Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uI_gKbcPZaZHJAm3PiXw7iTliwE.roa
File: uI_gKbcPZaZHJAm3PiXw7iTliwE.roa (raw, json)
Hash identifier: 6ODFDFFqbYIdwHTQdnmzNH2UrGHl3zeupniurriUEhg=
Subject key identifier: B8:8F:E0:29:B7:0F:65:A6:47:24:09:B7:3E:25:F0:EE:24:E5:8B:01
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019A29CF4E4F7BB44266C92A2C110B9911B3
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uI_gKbcPZaZHJAm3PiXw7iTliwE.roa
Signing time: Tue 28 Oct 2025 07:54:03 +0000
ROA not before: Tue 28 Oct 2025 07:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 79.175.103.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
188.255.242.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:cf:4e:4f:7b:b4:42:66:c9:2a:2c:11:0b:99:11:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 28 07:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b88fe029b70f65a6472409b73e25f0ee24e58b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:8e:f3:a9:86:2d:f7:ef:81:06:e7:90:9f:f0:
5a:46:6b:b4:a2:e4:a7:57:21:61:f2:9c:1e:3e:1a:
c3:95:03:dd:38:c3:2e:0e:18:a8:de:27:35:a9:6c:
55:68:48:50:7e:4f:5f:db:e6:71:81:bc:7b:43:ea:
eb:d5:33:f3:70:f2:75:34:9b:4c:a8:5e:02:5c:48:
17:ac:50:1c:ca:d0:59:6e:ce:71:a4:cc:a7:30:03:
2c:06:e6:15:cb:7f:3a:14:da:5e:3e:85:d8:85:7f:
8a:51:d4:41:aa:cf:55:34:49:b5:44:54:58:f9:74:
ea:ae:9d:1f:d5:76:c8:29:44:c1:28:fd:50:b6:6b:
ef:e8:fc:4c:7d:e2:6a:e0:18:e6:5c:26:04:a5:eb:
c4:20:d4:d2:d0:51:d7:9d:5c:4f:8d:a7:70:64:ac:
e3:47:56:cf:5d:1a:97:56:e3:69:ee:d7:28:51:bd:
ee:b6:23:55:3c:14:bd:6a:4f:1e:62:da:15:fd:2f:
8a:cd:9a:59:54:14:fc:9e:a7:8e:a3:1d:c5:63:d3:
63:dc:2b:90:df:48:51:30:24:29:98:69:d4:b5:98:
d2:43:2f:2a:61:30:e0:c4:fe:fa:93:2c:d7:3b:81:
40:8b:a4:54:2c:17:43:3b:99:57:46:29:1d:20:dc:
16:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8F:E0:29:B7:0F:65:A6:47:24:09:B7:3E:25:F0:EE:24:E5:8B:01
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uI_gKbcPZaZHJAm3PiXw7iTliwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.103.0/24
109.121.37.0/24
109.121.42.0/24
109.121.45.0/24
109.121.47.0/24
188.255.242.0/24
188.255.247.0/24
Signature Algorithm: sha256WithRSAEncryption
74:6a:23:8c:64:de:58:5a:ef:f0:d4:e6:bc:24:96:a5:d3:de:
1c:f5:c8:b8:be:07:15:14:86:4c:4c:e8:d3:1e:63:43:58:de:
ec:48:00:d8:d1:cf:4f:ad:74:19:65:c7:a1:ca:4e:0b:cc:29:
b4:37:e4:9f:3a:f7:9d:74:bc:98:13:da:a4:74:8c:db:32:ee:
a0:f4:76:31:7c:b9:06:f2:65:fe:4e:c2:de:d6:aa:75:7f:9a:
92:ea:ba:f4:e7:cf:93:07:4e:68:2a:e6:40:b8:14:76:1f:dc:
17:a2:26:c4:fc:c2:9b:46:2e:ed:ad:66:54:72:be:27:9a:ef:
a3:e7:32:73:86:29:ca:e6:04:bd:2f:10:e5:72:ba:a2:77:f7:
ea:54:88:05:56:ea:a7:1e:e8:5a:99:3e:85:24:0d:52:70:60:
77:3c:b3:c8:2c:4d:3a:35:b1:0f:49:c6:82:a0:81:76:18:ce:
c7:4a:77:64:44:7e:58:e6:a9:6c:93:e2:01:5b:0a:49:58:7f:
2a:44:e5:1d:2e:2b:bb:92:95:48:66:9a:df:44:11:31:50:b4:
43:ae:30:11:8b:ef:21:e2:cd:c0:28:a5:ed:4f:89:3f:ac:32:
90:b1:00:b9:4e:18:95:0f:8b:1f:ed:13:c0:9b:92:7a:e4:da:
1e:54:2b:cc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZopz05Pe7RCZskqLBELmRGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUxMDI4MDc1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODhmZTAyOWI3MGY2NWE2NDcyNDA5YjczZTI1ZjBlZTI0ZTU4YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+I7zqYYt9++BBueQn/BaRmu0ouSn
VyFh8pwePhrDlQPdOMMuDhio3ic1qWxVaEhQfk9f2+Zxgbx7Q+rr1TPzcPJ1NJtM
qF4CXEgXrFAcytBZbs5xpMynMAMsBuYVy386FNpePoXYhX+KUdRBqs9VNEm1RFRY
+XTqrp0f1XbIKUTBKP1Qtmvv6PxMfeJq4BjmXCYEpevEINTS0FHXnVxPjadwZKzj
R1bPXRqXVuNp7tcoUb3utiNVPBS9ak8eYtoV/S+KzZpZVBT8nqeOox3FY9Nj3CuQ
30hRMCQpmGnUtZjSQy8qYTDgxP76kyzXO4FAi6RULBdDO5lXRikdINwWUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLiP4Cm3D2WmRyQJtz4l8O4k5YsBMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdUlfZ0tiY1BaYVpISkFtM1BpWHc3aVRsaXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT69nAwQA
bXklAwQAbXkqAwQAbXktAwQAbXkvAwQAvP/yAwQAvP/3MA0GCSqGSIb3DQEBCwUA
A4IBAQB0aiOMZN5YWu/w1Oa8JJal094c9ci4vgcVFIZMTOjTHmNDWN7sSADY0c9P
rXQZZcehyk4LzCm0N+SfOveddLyYE9qkdIzbMu6g9HYxfLkG8mX+TsLe1qp1f5qS
6rr058+TB05oKuZAuBR2H9wXoibE/MKbRi7trWZUcr4nmu+j5zJzhinK5gS9LxDl
crqid/fqVIgFVuqnHuhamT6FJA1ScGB3PLPILE06NbEPScaCoIF2GM7HSndkRH5Y
5qlsk+IBWwpJWH8qROUdLiu7kpVIZprfRBExULRDrjARi+8h4s3AKKXtT4k/rDKQ
sQC5ThiVD4sf7RPAm5J65NoeVCvM
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:04:19 2025 by rpki-client