Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/v1_Oe6iRi7nhGpfrA6gha27-nJo.roa
File: v1_Oe6iRi7nhGpfrA6gha27-nJo.roa (raw, json)
Hash identifier: cdOhD3ONYUtzujLioxlWqeQ2ICgB31GEyK7VTaJTD2Q=
Subject key identifier: BF:5F:CE:7B:A8:91:8B:B9:E1:1A:97:EB:03:A8:21:6B:6E:FE:9C:9A
Certificate issuer: /CN=582e2170a7bcbec310154f2bce99833fec2801fb
Certificate serial: 01982D3070837F7C3BC690D31A796528A51A
Authority key identifier: 58:2E:21:70:A7:BC:BE:C3:10:15:4F:2B:CE:99:83:3F:EC:28:01:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WC4hcKe8vsMQFU8rzpmDP-woAfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/v1_Oe6iRi7nhGpfrA6gha27-nJo.roa
Signing time: Mon 21 Jul 2025 13:33:25 +0000
ROA not before: Mon 21 Jul 2025 13:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200184
IP address blocks: 67.63.56.0/24 maxlen: 24
67.63.57.0/24 maxlen: 24
67.63.58.0/24 maxlen: 24
67.63.60.0/24 maxlen: 24
67.63.61.0/24 maxlen: 24
67.63.62.0/24 maxlen: 24
67.63.63.0/24 maxlen: 24
80.75.216.0/24 maxlen: 24
2a13:f800::/29 maxlen: 64
2a13:f800:1001::/48 maxlen: 48
2a13:f800:3101::/48 maxlen: 48
2a13:f800:3102::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/WC4hcKe8vsMQFU8rzpmDP-woAfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/WC4hcKe8vsMQFU8rzpmDP-woAfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WC4hcKe8vsMQFU8rzpmDP-woAfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:30:70:83:7f:7c:3b:c6:90:d3:1a:79:65:28:a5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582e2170a7bcbec310154f2bce99833fec2801fb
Validity
Not Before: Jul 21 13:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf5fce7ba8918bb9e11a97eb03a8216b6efe9c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:c6:73:66:fc:bb:7d:bf:b6:2d:6c:3e:a9:
51:b1:dd:e5:9a:a6:1f:5e:78:6d:df:20:b3:e4:75:
cb:fe:b4:df:11:ac:b7:2c:d4:0b:6d:fa:bb:15:5d:
a0:96:b0:fc:99:14:35:52:91:ab:db:e5:82:a0:00:
5d:03:5c:62:46:06:36:87:7c:f3:70:33:ed:d2:16:
90:2f:67:19:c4:1e:ae:db:fc:9a:0d:ad:4c:b5:37:
0d:45:30:78:b4:d0:22:e2:f3:71:ba:e1:d0:3e:15:
be:8d:e0:4f:2a:c1:ea:00:ab:f8:f0:a5:e7:d8:b3:
8c:f3:2b:9f:53:d5:46:17:28:29:4b:ad:f4:a1:6f:
3f:e9:e4:45:9a:64:ee:29:85:7e:25:28:31:36:8e:
f0:fb:5c:72:24:27:b2:39:e4:33:93:7a:a1:f1:1c:
4d:ae:02:cf:eb:77:8b:0c:bc:a2:37:74:40:ac:22:
4d:37:e9:cf:39:fc:26:bc:5a:8e:00:e9:38:a7:a4:
d2:6d:86:5c:47:d2:c7:a1:dc:49:13:3d:71:c6:c6:
82:b4:de:57:3c:4b:46:f7:32:01:5a:62:7a:7c:d4:
14:0a:68:66:a7:5a:77:07:f9:86:d7:3d:95:fa:e6:
3b:2a:ae:33:a3:6d:5a:8a:08:ef:15:84:e4:6e:c4:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5F:CE:7B:A8:91:8B:B9:E1:1A:97:EB:03:A8:21:6B:6E:FE:9C:9A
X509v3 Authority Key Identifier:
keyid:58:2E:21:70:A7:BC:BE:C3:10:15:4F:2B:CE:99:83:3F:EC:28:01:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WC4hcKe8vsMQFU8rzpmDP-woAfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/v1_Oe6iRi7nhGpfrA6gha27-nJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/81ed41-e36b-45f7-90e7-b2fd9bf097f8/1/WC4hcKe8vsMQFU8rzpmDP-woAfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
67.63.56.0-67.63.58.255
67.63.60.0/22
80.75.216.0/24
IPv6:
2a13:f800::/29
Signature Algorithm: sha256WithRSAEncryption
44:91:a1:d5:51:36:39:6f:54:84:44:66:95:73:89:d2:af:36:
5a:f6:32:94:c8:aa:d3:6c:65:af:91:8e:59:a1:a8:90:67:da:
cb:ce:0c:85:04:35:e4:2b:0a:87:99:54:1d:6c:a4:3e:dd:5e:
11:03:3c:0a:17:9a:51:ce:ce:c3:38:6b:e0:44:c8:22:a3:27:
79:2c:4c:c1:c3:4e:49:d3:5c:e3:58:e8:50:0d:79:b1:48:83:
ea:04:d9:ca:12:66:40:d9:e6:a1:e9:74:3b:21:d7:b0:c7:19:
1c:24:4a:81:6a:02:93:63:79:28:4a:7c:5a:f0:d9:ef:7d:8a:
db:02:52:53:37:78:57:9a:cf:52:72:71:eb:7e:15:dd:2a:79:
0a:a1:82:57:1a:76:4c:42:9e:54:55:c1:f1:f1:a7:c4:90:65:
f2:9b:4b:76:d2:9c:d5:6b:f8:25:ab:b1:28:23:ed:6b:ec:b1:
be:95:9e:1c:b2:f8:ee:9d:4d:be:07:c2:03:4f:ad:47:18:1c:
8b:7a:29:41:fa:84:f1:b0:76:27:1f:b9:75:34:3f:c5:5d:d5:
dd:0d:14:d3:b8:4a:17:1e:f1:5c:16:e6:95:9e:cb:ae:79:69:
09:92:34:03:37:38:d1:b0:f0:53:0e:a7:7d:1a:17:c7:f0:5f:
e0:79:23:b0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZgtMHCDf3w7xpDTGnllKKUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmUyMTcwYTdiY2JlYzMxMDE1NGYyYmNlOTk4MzNmZWMy
ODAxZmIwHhcNMjUwNzIxMTMzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjVmY2U3YmE4OTE4YmI5ZTExYTk3ZWIwM2E4MjE2YjZlZmU5YzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13TGc2b8u32/ti1sPqlRsd3lmqYf
Xnht3yCz5HXL/rTfEay3LNQLbfq7FV2glrD8mRQ1UpGr2+WCoABdA1xiRgY2h3zz
cDPt0haQL2cZxB6u2/yaDa1MtTcNRTB4tNAi4vNxuuHQPhW+jeBPKsHqAKv48KXn
2LOM8yufU9VGFygpS630oW8/6eRFmmTuKYV+JSgxNo7w+1xyJCeyOeQzk3qh8RxN
rgLP63eLDLyiN3RArCJNN+nPOfwmvFqOAOk4p6TSbYZcR9LHodxJEz1xxsaCtN5X
PEtG9zIBWmJ6fNQUCmhmp1p3B/mG1z2V+uY7Kq4zo21aigjvFYTkbsR8AQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFL9fznuokYu54RqX6wOoIWtu/pyaMB8GA1UdIwQY
MBaAFFguIXCnvL7DEBVPK86Zgz/sKAH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0M0aGNLZTh2c01RRlU4cnpwbURQLXdvQWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84MWVkNDEtZTM2Yi00NWY3LTkwZTct
YjJmZDliZjA5N2Y4LzEvdjFfT2U2aVJpN25oR3BmckE2Z2hhMjctbkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi84MWVkNDEtZTM2Yi00NWY3LTkwZTctYjJmZDliZjA5N2Y4
LzEvV0M0aGNLZTh2c01RRlU4cnpwbURQLXdvQWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBANDPzgD
BABDPzoDBAJDPzwDBABQS9gwDQQCAAIwBwMFAyoT+AAwDQYJKoZIhvcNAQELBQAD
ggEBAESRodVRNjlvVIREZpVzidKvNlr2MpTIqtNsZa+RjlmhqJBn2svODIUENeQr
CoeZVB1spD7dXhEDPAoXmlHOzsM4a+BEyCKjJ3ksTMHDTknTXONY6FANebFIg+oE
2coSZkDZ5qHpdDsh17DHGRwkSoFqApNjeShKfFrw2e99itsCUlM3eFeaz1Jycet+
Fd0qeQqhglcadkxCnlRVwfHxp8SQZfKbS3bSnNVr+CWrsSgj7Wvssb6Vnhyy+O6d
Tb4HwgNPrUcYHIt6KUH6hPGwdicfuXU0P8Vd1d0NFNO4Shce8VwW5pWey655aQmS
NAM3ONGw8FMOp30aF8fwX+B5I7A=
-----END CERTIFICATE-----
Generated at Fri Aug 8 10:14:47 2025 by rpki-client