Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-87NIKLS7GXn_DupbQG5AjPpHqw.roa
File: 1-87NIKLS7GXn_DupbQG5AjPpHqw.roa (raw, json)
Hash identifier: aC4VgO1KlEZuO/5z+Q1KTrp/hoB70qlOfot/9KnPHR8=
Subject key identifier: FB:CE:CD:20:A2:D2:EC:65:E7:FC:3B:A9:6D:01:B9:02:33:E9:1E:AC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A5457ADBA3F80115BEAC929AE41EA5AA4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-87NIKLS7GXn_DupbQG5AjPpHqw.roa
Signing time: Wed 05 Nov 2025 14:07:03 +0000
ROA not before: Wed 05 Nov 2025 14:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 266539
IP address blocks: 217.60.12.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
217.60.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:10:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:57:ad:ba:3f:80:11:5b:ea:c9:29:ae:41:ea:5a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 14:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbcecd20a2d2ec65e7fc3ba96d01b90233e91eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ca:af:1d:03:5e:c2:d1:d9:dd:12:f0:9b:97:
0c:bf:0c:36:40:5f:8b:73:00:d2:d2:ce:30:9a:60:
0b:bc:12:90:92:b5:b8:91:18:65:7d:6f:c0:31:de:
38:c8:08:a9:f4:b1:61:10:02:94:d1:c3:2e:6a:38:
65:6d:fe:46:65:f0:34:de:5b:73:36:1c:cd:bb:5e:
7d:a1:d8:36:01:ad:8e:40:0f:39:f1:ca:05:94:35:
56:d9:03:0c:36:87:1a:38:26:ec:d6:ba:3d:25:2e:
58:3b:7b:78:24:a5:f2:1d:53:b9:94:1f:74:3c:e9:
7e:64:23:47:f8:eb:c3:f8:d5:15:41:07:d3:75:a8:
5f:57:2c:fd:a1:22:20:24:71:9b:a4:ea:9b:be:79:
02:25:ef:55:4f:ac:4c:da:ed:69:89:8b:f0:d2:68:
aa:18:58:30:72:23:05:b2:20:85:ea:6d:43:8f:99:
d7:c6:18:5a:c6:e1:7a:0e:3e:f5:97:c1:10:37:ce:
21:1d:be:78:fd:01:c4:ba:78:a4:12:36:e4:04:0e:
4f:4d:c6:59:b3:d2:dc:79:a2:4e:14:a7:56:60:72:
c3:46:79:2b:0e:16:c5:08:e1:b8:cc:cd:34:09:aa:
91:04:d0:a4:fe:71:cf:3b:69:eb:ce:3f:9e:74:a2:
e9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CE:CD:20:A2:D2:EC:65:E7:FC:3B:A9:6D:01:B9:02:33:E9:1E:AC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-87NIKLS7GXn_DupbQG5AjPpHqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.12.0/24
217.60.14.0/24
217.60.198.0/24
217.60.242.0/24
217.60.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:1f:a7:c7:80:b1:ad:74:43:64:c9:4a:2c:5b:1b:8d:a0:9c:
c5:01:4f:e5:72:54:7d:c0:f9:de:ff:ed:86:3f:1e:ea:12:f7:
e7:cd:7d:87:cc:d1:5b:0b:ae:2a:6e:6f:39:c5:b1:7d:9d:8f:
30:30:68:1e:66:4e:42:af:ae:f9:f8:b7:26:6a:1c:39:db:02:
d9:f6:c7:87:b8:8e:f8:95:66:ab:cf:27:1e:2f:35:a3:4f:f3:
fb:da:58:45:5c:bc:85:97:a0:3d:4c:09:12:25:13:ae:d7:3c:
cb:63:93:09:bb:8e:07:b3:47:15:94:29:0f:dc:f6:eb:5f:f6:
18:0f:f3:a9:e9:65:8e:ab:ae:ad:45:dd:ed:cb:59:61:b7:0c:
6f:1f:4e:66:57:b5:a8:04:23:de:a5:f1:70:cc:db:98:bd:a3:
3a:5d:c3:f1:ac:29:eb:36:25:97:49:da:82:a2:91:65:6f:4f:
2b:d8:b1:40:84:9c:d7:d7:75:34:c0:99:3f:ab:72:c3:8b:47:
62:8b:f5:0f:21:c3:40:d2:93:fd:b3:80:99:47:fa:d8:80:b8:
c1:ab:c5:1e:b2:49:7a:6d:33:0c:85:a8:3a:1d:61:99:51:a8:
2b:31:a8:fd:9f:ff:c1:f8:bf:31:55:75:47:54:9f:a7:79:20:
67:da:d6:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUV626P4ARW+rJKa5B6lqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA1MTQwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmNlY2QyMGEyZDJlYzY1ZTdmYzNiYTk2ZDAxYjkwMjMzZTkxZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMqvHQNewtHZ3RLwm5cMvww2QF+L
cwDS0s4wmmALvBKQkrW4kRhlfW/AMd44yAip9LFhEAKU0cMuajhlbf5GZfA03ltz
NhzNu159odg2Aa2OQA858coFlDVW2QMMNocaOCbs1ro9JS5YO3t4JKXyHVO5lB90
POl+ZCNH+OvD+NUVQQfTdahfVyz9oSIgJHGbpOqbvnkCJe9VT6xM2u1piYvw0miq
GFgwciMFsiCF6m1Dj5nXxhhaxuF6Dj71l8EQN84hHb54/QHEunikEjbkBA5PTcZZ
s9LceaJOFKdWYHLDRnkrDhbFCOG4zM00CaqRBNCk/nHPO2nrzj+edKLpNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvOzSCi0uxl5/w7qW0BuQIz6R6sMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS04N05JS0xTN0dYbl9EdXBiUUc1QWpQcEhxdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEANk8DAME
ANk8DgMEANk8xgMEANk88gMEANk8+jANBgkqhkiG9w0BAQsFAAOCAQEAox+nx4Cx
rXRDZMlKLFsbjaCcxQFP5XJUfcD53v/thj8e6hL35819h8zRWwuuKm5vOcWxfZ2P
MDBoHmZOQq+u+fi3JmocOdsC2fbHh7iO+JVmq88nHi81o0/z+9pYRVy8hZegPUwJ
EiUTrtc8y2OTCbuOB7NHFZQpD9z261/2GA/zqelljquurUXd7ctZYbcMbx9OZle1
qAQj3qXxcMzbmL2jOl3D8awp6zYll0nagqKRZW9PK9ixQISc19d1NMCZP6tyw4tH
Yov1DyHDQNKT/bOAmUf62IC4wavFHrJJem0zDIWoOh1hmVGoKzGo/Z//wfi/MVV1
R1Sfp3kgZ9rWgA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 22:43:36 2025 by rpki-client