Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/f8GuXqyhfJgoeoUeyXI-IyypjfY.roa
File: f8GuXqyhfJgoeoUeyXI-IyypjfY.roa (raw, json)
Hash identifier: dNkJq59g7PsX94lu8T7xH1Ou+GlOdCXHEl3QjmKOdzg=
Subject key identifier: 7F:C1:AE:5E:AC:A1:7C:98:28:7A:85:1E:C9:72:3E:23:2C:A9:8D:F6
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 019A0C7851DD8581DA41BFCFFB4B7A0CD686
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/f8GuXqyhfJgoeoUeyXI-IyypjfY.roa
Signing time: Wed 22 Oct 2025 15:10:03 +0000
ROA not before: Wed 22 Oct 2025 15:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 82.206.9.0/24 maxlen: 24
82.206.80.0/24 maxlen: 24
82.206.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:78:51:dd:85:81:da:41:bf:cf:fb:4b:7a:0c:d6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Oct 22 15:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fc1ae5eaca17c98287a851ec9723e232ca98df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:78:ef:c9:fb:e8:22:40:e9:f0:02:1f:91:8a:
b9:53:3d:d3:62:23:1a:bc:d3:b5:05:3e:05:23:74:
28:05:0e:75:4b:13:e4:3e:2b:f4:a5:18:21:fe:c2:
a7:8a:6c:10:ab:ea:df:c6:5b:f0:0c:6e:65:8a:30:
53:29:f3:7f:a5:0c:71:dc:af:df:20:4e:8f:27:dc:
44:93:1d:17:c4:7e:05:c5:f6:78:83:57:29:f8:90:
9b:84:d4:92:28:08:0d:90:66:1a:84:08:e1:a8:03:
61:89:97:81:66:90:3a:57:11:bb:21:91:43:e8:15:
2c:e2:93:6f:7b:7f:bd:02:2a:85:49:20:32:3e:7e:
ce:83:0e:09:21:52:d8:90:03:81:a1:3e:f7:51:c0:
ae:4b:42:12:ed:dc:85:fb:59:5a:bf:d6:b6:ab:0b:
45:9a:f4:a4:a0:0d:7a:7f:e6:3c:9e:4b:bd:fc:fc:
c5:91:a1:90:29:e3:59:db:7a:af:90:01:e1:b9:a9:
c6:ad:8e:c1:f0:12:4b:f0:8d:05:4a:24:40:07:f4:
6d:ee:09:8e:30:c9:1a:a3:b0:7e:45:de:e1:59:f0:
8e:f1:50:63:04:92:3f:8a:55:df:86:40:d8:12:10:
c3:83:a5:55:d1:a0:6a:cc:d1:bb:0d:fe:6d:1e:9f:
36:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C1:AE:5E:AC:A1:7C:98:28:7A:85:1E:C9:72:3E:23:2C:A9:8D:F6
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/f8GuXqyhfJgoeoUeyXI-IyypjfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.9.0/24
82.206.80.0/24
82.206.109.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:e8:94:3c:0f:eb:df:ac:18:fc:cd:48:6e:96:e7:53:34:95:
17:f6:0e:7f:71:02:ab:b9:11:30:9f:16:90:7b:f5:41:08:aa:
08:2d:28:89:79:6c:be:cc:1d:96:1e:e9:f0:8a:c5:70:7d:22:
08:c8:cc:da:25:03:43:98:bd:99:f6:6b:7c:8f:48:58:30:b3:
c6:d5:6a:e5:61:fd:08:a1:4c:29:9e:a9:f5:04:57:8e:2c:41:
9d:8c:ad:2e:1c:01:a1:0b:04:e6:e8:53:af:ac:bb:61:6b:81:
82:72:4c:7a:11:34:5c:3a:89:00:d5:78:7a:ac:50:a1:36:07:
e4:5a:23:f7:2f:00:4b:53:ee:d5:11:42:54:82:7f:38:49:9c:
fb:3a:a4:4d:5a:33:98:da:e8:a6:92:76:13:eb:c4:16:fd:e3:
14:46:b7:a1:c7:3e:ee:35:ce:9d:cd:6b:87:80:b9:1b:1a:7b:
c2:48:54:47:a3:40:cd:70:6b:9a:90:a1:7e:f6:7c:f7:83:e5:
9d:f0:01:aa:d7:25:12:fb:9e:78:d2:80:2b:0f:82:9b:71:24:
1d:ab:df:4e:1d:aa:e9:1e:10:7b:df:ee:49:64:e4:a9:af:f4:
aa:47:13:07:cb:9e:13:a4:40:02:c5:01:62:3a:80:35:5a:be:
eb:9a:d8:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoMeFHdhYHaQb/P+0t6DNaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUxMDIyMTUxMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMxYWU1ZWFjYTE3Yzk4Mjg3YTg1MWVjOTcyM2UyMzJjYTk4ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXjvyfvoIkDp8AIfkYq5Uz3TYiMa
vNO1BT4FI3QoBQ51SxPkPiv0pRgh/sKnimwQq+rfxlvwDG5lijBTKfN/pQxx3K/f
IE6PJ9xEkx0XxH4FxfZ4g1cp+JCbhNSSKAgNkGYahAjhqANhiZeBZpA6VxG7IZFD
6BUs4pNve3+9AiqFSSAyPn7Ogw4JIVLYkAOBoT73UcCuS0IS7dyF+1lav9a2qwtF
mvSkoA16f+Y8nku9/PzFkaGQKeNZ23qvkAHhuanGrY7B8BJL8I0FSiRAB/Rt7gmO
MMkao7B+Rd7hWfCO8VBjBJI/ilXfhkDYEhDDg6VV0aBqzNG7Df5tHp82pQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH/Brl6soXyYKHqFHslyPiMsqY32MB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvZjhHdVhxeWhmSmdvZW9VZXlYSS1JeXlwamZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUs4JAwQA
Us5QAwQAUs5tMA0GCSqGSIb3DQEBCwUAA4IBAQAN6JQ8D+vfrBj8zUhuludTNJUX
9g5/cQKruREwnxaQe/VBCKoILSiJeWy+zB2WHunwisVwfSIIyMzaJQNDmL2Z9mt8
j0hYMLPG1WrlYf0IoUwpnqn1BFeOLEGdjK0uHAGhCwTm6FOvrLtha4GCckx6ETRc
OokA1Xh6rFChNgfkWiP3LwBLU+7VEUJUgn84SZz7OqRNWjOY2uimknYT68QW/eMU
Rrehxz7uNc6dzWuHgLkbGnvCSFRHo0DNcGuakKF+9nz3g+Wd8AGq1yUS+5540oAr
D4KbcSQdq99OHarpHhB73+5JZOSpr/SqRxMHy54TpEACxQFiOoA1Wr7rmtjm
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:24:27 2025 by rpki-client