Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/61OauEk4aR4RdOwIz0OQU3rMU3s.roa
File: 61OauEk4aR4RdOwIz0OQU3rMU3s.roa (raw, json)
Hash identifier: 1kMThTr+BqkZKn0SD3w3zyzqfsMl7fX9Yzd9ybVSUZM=
Subject key identifier: EB:53:9A:B8:49:38:69:1E:11:74:EC:08:CF:43:90:53:7A:CC:53:7B
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019A2B3BB017B9953EEBAB8CC415D1E9022E
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/61OauEk4aR4RdOwIz0OQU3rMU3s.roa
Signing time: Tue 28 Oct 2025 14:32:03 +0000
ROA not before: Tue 28 Oct 2025 14:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 168.199.129.0/24 maxlen: 24
168.199.131.0/24 maxlen: 24
168.199.160.0/24 maxlen: 24
168.199.161.0/24 maxlen: 24
168.199.162.0/24 maxlen: 24
168.199.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:3b:b0:17:b9:95:3e:eb:ab:8c:c4:15:d1:e9:02:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Oct 28 14:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb539ab84938691e1174ec08cf4390537acc537b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7c:f2:e6:41:cd:73:e0:4e:f8:aa:ae:4a:f2:
02:d5:38:61:83:c0:94:56:10:43:c5:ed:1b:b0:eb:
46:c6:a4:1e:a8:3b:87:e1:ce:ef:d9:b4:3e:f9:38:
4e:fb:e9:cc:41:14:ff:e7:f5:3e:ba:3d:97:4a:e8:
50:37:b4:bf:c6:da:78:33:e9:02:ee:8a:d4:e1:44:
d9:b2:87:c6:2c:8a:2e:b5:67:36:00:58:ef:e2:64:
60:6e:87:f0:22:f0:1c:3f:6a:c5:fb:be:57:23:d0:
15:f1:e3:49:8e:b3:3e:80:26:7b:ac:a4:6c:b7:8a:
9b:0e:31:e3:32:ce:4f:ca:97:44:fe:b4:57:29:08:
b4:65:00:7a:31:1f:90:12:02:e6:26:58:6d:0f:c4:
71:b4:e4:02:89:62:bf:f9:5c:c1:b1:05:29:14:fa:
99:fc:65:5b:05:53:77:6c:99:ee:0d:0e:d2:bf:1d:
e4:b9:e7:72:80:59:bb:42:64:56:a7:4f:7f:65:f2:
48:c3:80:a0:40:da:b9:05:f7:88:c6:4b:d4:4d:7d:
f2:89:9b:9b:64:e7:e2:8c:a9:ab:48:8a:4f:5e:09:
e3:84:3e:13:a0:79:b6:49:e8:57:d1:94:0c:df:54:
c3:61:4e:4c:a8:e1:26:ed:83:65:ea:c3:dd:12:ac:
32:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:53:9A:B8:49:38:69:1E:11:74:EC:08:CF:43:90:53:7A:CC:53:7B
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/61OauEk4aR4RdOwIz0OQU3rMU3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.129.0/24
168.199.131.0/24
168.199.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:60:66:ec:b8:30:5f:09:e1:f7:8a:ae:62:4f:7b:7b:9f:0b:
4e:87:23:4f:9b:8f:d5:d5:66:2d:47:0e:2c:5b:35:6c:aa:ce:
e2:27:8d:d5:92:7e:fe:9d:86:7f:ba:a3:55:16:58:a4:f7:ac:
7b:49:37:58:87:75:ff:b5:74:ea:39:69:cb:4d:ec:3d:b9:96:
94:c5:52:b1:5b:5d:81:b9:e3:93:c4:1d:88:3c:62:73:32:11:
1f:a5:bc:34:63:0e:7d:cb:93:6a:02:19:b9:67:5f:a4:64:65:
6b:32:18:11:8b:a8:66:f3:82:b8:f7:e8:0f:db:8a:34:09:c4:
89:62:e9:8a:2e:f4:19:a3:a1:91:da:3b:db:a8:51:9e:aa:ba:
d8:69:91:c6:73:2b:43:88:1a:6d:c9:07:82:58:d0:41:e4:97:
93:49:0f:6b:67:e4:12:8a:df:92:7a:0f:c4:c8:88:c4:7e:6b:
c3:11:66:13:4e:49:f7:78:96:4d:05:9a:ae:69:08:d6:05:aa:
03:7a:54:b2:0b:56:d6:70:d2:10:b7:bd:dd:1a:4f:82:a1:da:
89:f5:90:ba:84:97:15:1a:a3:a7:dd:0d:3a:5c:f6:36:15:04:
34:44:79:72:63:53:28:4e:3e:f3:01:48:5f:9c:d8:13:8a:57:
7a:0d:e2:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZorO7AXuZU+66uMxBXR6QIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjUxMDI4MTQzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjUzOWFiODQ5Mzg2OTFlMTE3NGVjMDhjZjQzOTA1MzdhY2M1MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nzy5kHNc+BO+KquSvIC1Thhg8CU
VhBDxe0bsOtGxqQeqDuH4c7v2bQ++ThO++nMQRT/5/U+uj2XSuhQN7S/xtp4M+kC
7orU4UTZsofGLIoutWc2AFjv4mRgbofwIvAcP2rF+75XI9AV8eNJjrM+gCZ7rKRs
t4qbDjHjMs5PypdE/rRXKQi0ZQB6MR+QEgLmJlhtD8RxtOQCiWK/+VzBsQUpFPqZ
/GVbBVN3bJnuDQ7Svx3kuedygFm7QmRWp09/ZfJIw4CgQNq5BfeIxkvUTX3yiZub
ZOfijKmrSIpPXgnjhD4ToHm2SehX0ZQM31TDYU5MqOEm7YNl6sPdEqwymQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOtTmrhJOGkeEXTsCM9DkFN6zFN7MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvNjFPYXVFazRhUjRSZE93SXowT1FVM3JNVTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAqMeBAwQA
qMeDAwQCqMegMA0GCSqGSIb3DQEBCwUAA4IBAQBrYGbsuDBfCeH3iq5iT3t7nwtO
hyNPm4/V1WYtRw4sWzVsqs7iJ43Vkn7+nYZ/uqNVFlik96x7STdYh3X/tXTqOWnL
Tew9uZaUxVKxW12BueOTxB2IPGJzMhEfpbw0Yw59y5NqAhm5Z1+kZGVrMhgRi6hm
84K49+gP24o0CcSJYumKLvQZo6GR2jvbqFGeqrrYaZHGcytDiBptyQeCWNBB5JeT
SQ9rZ+QSit+Seg/EyIjEfmvDEWYTTkn3eJZNBZquaQjWBaoDelSyC1bWcNIQt73d
Gk+CodqJ9ZC6hJcVGqOn3Q06XPY2FQQ0RHlyY1MoTj7zAUhfnNgTild6DeIf
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:48 2025 by rpki-client