Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/_7L0Acw4ztEdkPRBoAymbB9GhBg.roa
File: _7L0Acw4ztEdkPRBoAymbB9GhBg.roa (raw, json)
Hash identifier: 8jN78r9jqAv4DYGKhFwbbm0pahreTH8x5yN86nYU05g=
Subject key identifier: FF:B2:F4:01:CC:38:CE:D1:1D:90:F4:41:A0:0C:A6:6C:1F:46:84:18
Certificate issuer: /CN=bfac971076263bddb0eecf5bea6574a405b985de
Certificate serial: 019A17C1B8CE87D4727FAAD704B1B774D5E5
Authority key identifier: BF:AC:97:10:76:26:3B:DD:B0:EE:CF:5B:EA:65:74:A4:05:B9:85:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6yXEHYmO92w7s9b6mV0pAW5hd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/_7L0Acw4ztEdkPRBoAymbB9GhBg.roa
Signing time: Fri 24 Oct 2025 19:46:02 +0000
ROA not before: Fri 24 Oct 2025 19:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 80.244.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/v6yXEHYmO92w7s9b6mV0pAW5hd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/v6yXEHYmO92w7s9b6mV0pAW5hd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/v6yXEHYmO92w7s9b6mV0pAW5hd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:c1:b8:ce:87:d4:72:7f:aa:d7:04:b1:b7:74:d5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfac971076263bddb0eecf5bea6574a405b985de
Validity
Not Before: Oct 24 19:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffb2f401cc38ced11d90f441a00ca66c1f468418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:55:17:ab:5a:22:fb:fd:06:5b:22:09:c1:
2c:78:63:cc:44:8f:69:ad:bf:8a:5c:55:31:ec:dc:
4f:26:0f:7f:93:1b:fa:c6:a8:15:c0:6f:b6:ad:a6:
5a:3d:9e:50:e8:b3:eb:e7:5c:c5:6d:1f:64:82:8b:
1a:0c:87:8e:15:ac:a9:cf:87:9d:d5:b4:b7:ce:8a:
7d:92:c6:c6:de:70:f1:8a:e8:06:a2:57:0c:99:c3:
46:bb:67:55:5a:7a:7c:c8:b0:74:ae:bb:3f:a7:7c:
e9:9a:a0:98:4c:4d:47:47:cb:f5:d2:e6:69:b5:a2:
61:73:de:3b:8f:1b:3f:f2:b2:a6:a1:b7:0e:fd:4b:
d8:b0:a1:26:57:99:c0:11:5b:8d:91:d5:d4:3b:b7:
d1:d4:d6:f6:81:01:c4:4b:97:6f:2b:4b:8e:da:0f:
cb:ed:bf:73:d2:ad:61:1f:fb:d2:d6:e7:37:f0:b5:
60:9c:1f:83:58:5b:17:c6:38:dc:9b:d0:77:e3:9f:
26:a3:a5:e9:f1:2e:c6:22:be:47:2a:3c:2e:5c:5b:
2d:ea:63:79:b2:53:51:e6:49:73:e2:05:c2:68:2c:
69:00:7d:70:ae:9a:9e:0a:01:2f:03:0b:e0:a5:d0:
eb:b3:c4:fe:cb:38:3c:d0:0a:c3:96:c7:73:5d:aa:
ba:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B2:F4:01:CC:38:CE:D1:1D:90:F4:41:A0:0C:A6:6C:1F:46:84:18
X509v3 Authority Key Identifier:
keyid:BF:AC:97:10:76:26:3B:DD:B0:EE:CF:5B:EA:65:74:A4:05:B9:85:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6yXEHYmO92w7s9b6mV0pAW5hd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/_7L0Acw4ztEdkPRBoAymbB9GhBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/067837-baa0-4085-aa23-8023d945497a/1/v6yXEHYmO92w7s9b6mV0pAW5hd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.13.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:e8:cf:26:ef:ed:4e:bd:55:c3:2d:a4:07:27:8b:3d:32:28:
bd:d8:28:ba:26:19:5c:8b:61:9e:1b:60:27:a9:c4:44:a9:10:
bd:a2:9b:e3:fe:20:55:20:f7:c9:0a:14:77:be:e0:a0:03:8f:
a7:d9:07:71:27:3a:9c:11:bc:9c:7c:ea:bf:60:17:c6:e8:2f:
b3:fc:9d:08:ed:99:0c:cd:3c:30:df:0b:b9:98:ed:be:a4:1e:
e4:76:9e:ea:14:0d:4d:ed:4e:12:40:31:14:55:e2:cb:dd:15:
94:85:08:44:f2:47:f7:04:d0:ad:aa:03:4a:18:c4:61:50:23:
9e:f8:c8:22:b2:64:10:b2:94:95:df:a7:44:8c:66:c6:6e:e5:
f0:8a:ef:25:48:9d:30:c8:46:4c:5a:a5:12:51:09:8d:8b:73:
06:e9:17:bc:d3:3c:bf:5e:e9:e1:70:27:9d:1f:33:f5:8f:41:
d9:d5:3d:b1:e3:9f:70:66:a1:6b:e9:48:fd:92:5b:28:9e:9f:
cb:b8:4e:3d:5b:6b:7d:96:e9:18:71:c3:8e:b5:a4:92:1d:a5:
f6:f0:6e:e5:52:78:82:31:5b:9c:0a:55:b3:77:16:ad:13:87:
43:20:32:14:46:97:34:1a:e5:ba:57:88:12:6c:26:7d:8b:db:
c0:e3:61:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoXwbjOh9Ryf6rXBLG3dNXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWM5NzEwNzYyNjNiZGRiMGVlY2Y1YmVhNjU3NGE0MDVi
OTg1ZGUwHhcNMjUxMDI0MTk0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmIyZjQwMWNjMzhjZWQxMWQ5MGY0NDFhMDBjYTY2YzFmNDY4NDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFpVF6taIvv9BlsiCcEseGPMRI9p
rb+KXFUx7NxPJg9/kxv6xqgVwG+2raZaPZ5Q6LPr51zFbR9kgosaDIeOFaypz4ed
1bS3zop9ksbG3nDxiugGolcMmcNGu2dVWnp8yLB0rrs/p3zpmqCYTE1HR8v10uZp
taJhc947jxs/8rKmobcO/UvYsKEmV5nAEVuNkdXUO7fR1Nb2gQHES5dvK0uO2g/L
7b9z0q1hH/vS1uc38LVgnB+DWFsXxjjcm9B3458mo6Xp8S7GIr5HKjwuXFst6mN5
slNR5klz4gXCaCxpAH1wrpqeCgEvAwvgpdDrs8T+yzg80ArDlsdzXaq6GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+y9AHMOM7RHZD0QaAMpmwfRoQYMB8GA1UdIwQY
MBaAFL+slxB2JjvdsO7PW+pldKQFuYXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZ5WEVIWW1POTJ3N3M5YjZtVjBwQVc1aGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNjc4MzctYmFhMC00MDg1LWFhMjMt
ODAyM2Q5NDU0OTdhLzEvXzdMMEFjdzR6dEVka1BSQm9BeW1iQjlHaEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNjc4MzctYmFhMC00MDg1LWFhMjMtODAyM2Q5NDU0OTdh
LzEvdjZ5WEVIWW1POTJ3N3M5YjZtVjBwQVc1aGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPQNMA0G
CSqGSIb3DQEBCwUAA4IBAQAK6M8m7+1OvVXDLaQHJ4s9Mii92Ci6Jhlci2GeG2An
qcREqRC9opvj/iBVIPfJChR3vuCgA4+n2QdxJzqcEbycfOq/YBfG6C+z/J0I7ZkM
zTww3wu5mO2+pB7kdp7qFA1N7U4SQDEUVeLL3RWUhQhE8kf3BNCtqgNKGMRhUCOe
+MgismQQspSV36dEjGbGbuXwiu8lSJ0wyEZMWqUSUQmNi3MG6Re80zy/XunhcCed
HzP1j0HZ1T2x459wZqFr6Uj9klsonp/LuE49W2t9lukYccOOtaSSHaX28G7lUniC
MVucClWzdxatE4dDIDIURpc0GuW6V4gSbCZ9i9vA42HN
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:40:01 2025 by rpki-client