Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/erwtukyREIOI_fgB30OM6s45ao4.roa
File: erwtukyREIOI_fgB30OM6s45ao4.roa (raw, json)
Hash identifier: BYxgKedtTpgRdTLRbJ4ACUBjch0Jxu5pVEtIA6gWnlc=
Subject key identifier: 7A:BC:2D:BA:4C:91:10:83:88:FD:F8:01:DF:43:8C:EA:CE:39:6A:8E
Certificate issuer: /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial: 019A4B3BD28B374B167B828588EA83E1AC74
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/erwtukyREIOI_fgB30OM6s45ao4.roa
Signing time: Mon 03 Nov 2025 19:40:03 +0000
ROA not before: Mon 03 Nov 2025 19:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 185.130.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:3b:d2:8b:37:4b:16:7b:82:85:88:ea:83:e1:ac:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Validity
Not Before: Nov 3 19:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7abc2dba4c91108388fdf801df438ceace396a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:42:2d:98:97:01:94:10:3c:b7:3d:39:f8:
89:59:3d:b5:b8:a0:eb:72:32:ed:ad:f1:0e:7b:87:
8f:5a:56:7a:a9:8a:74:df:c8:7c:e7:16:1a:a8:75:
95:b5:cb:61:26:b0:b7:ac:96:42:1b:9a:20:6f:d3:
f9:4d:f2:6a:6e:4a:d0:ec:89:c5:fc:c4:00:14:24:
fe:5b:ca:9e:0c:5b:40:f7:44:96:2a:de:9f:52:36:
b6:b9:2d:ee:17:dd:54:ac:4a:25:84:4b:c6:23:31:
e5:9e:5c:fa:8d:6a:c4:c9:db:8f:81:cc:cf:8e:b0:
b3:3c:0a:53:39:84:c0:c8:cf:1a:3b:5a:a9:e6:f6:
40:84:1a:6b:92:00:bc:70:8a:9d:3c:05:39:ea:21:
1e:67:a4:f6:01:61:fc:f1:26:3f:62:62:8c:c9:c9:
82:02:d6:f6:88:f3:76:ed:2f:51:a8:0b:84:be:74:
7f:1d:7b:25:d5:34:64:bf:ba:fa:fa:af:be:07:74:
bc:ab:4e:fc:d2:3a:9b:5c:e0:db:9d:8b:41:0d:6a:
29:01:0e:5f:b3:1e:62:d8:35:1c:be:79:f0:25:cb:
85:cd:71:ff:e2:59:b6:e7:a8:dd:3a:7d:fb:f4:fc:
d6:be:d8:e5:50:3b:d1:5f:f6:bb:b2:28:ff:07:85:
7f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BC:2D:BA:4C:91:10:83:88:FD:F8:01:DF:43:8C:EA:CE:39:6A:8E
X509v3 Authority Key Identifier:
keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/erwtukyREIOI_fgB30OM6s45ao4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.89.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:98:b0:26:73:f0:d8:e7:33:37:88:f8:1f:9b:43:81:0d:08:
e4:80:ca:3f:f5:ce:e2:a6:1b:df:4c:67:ed:44:97:51:13:71:
1f:09:29:8b:75:d3:3f:f1:29:09:d7:2b:b0:19:92:3d:79:89:
f3:d9:50:82:13:d0:69:e9:74:7f:27:b1:42:b3:96:76:1c:20:
50:c1:f4:97:c1:42:2b:b3:f3:80:19:27:a2:b3:98:60:d2:f4:
fd:f0:44:fe:25:07:77:95:c9:5a:6c:58:8e:c3:15:f5:88:41:
4d:1f:c9:06:28:49:1c:05:79:9b:83:fd:b3:cc:57:c0:4a:e7:
5c:01:04:b6:9a:21:dc:e9:cb:02:b2:48:fc:78:96:ec:02:16:
98:3f:78:ce:75:f8:19:0a:33:ef:d8:52:7d:27:c9:97:70:d3:
91:1a:cc:ea:2b:89:03:13:93:82:9b:d0:94:04:1a:cf:71:c6:
c0:d9:49:91:91:fb:c3:ad:fd:a9:99:b2:b6:ee:7e:1d:3a:dc:
46:7d:ef:ed:0b:c1:d9:99:67:6e:7f:44:c7:7b:1e:df:88:24:
e3:3b:0e:b6:c3:c7:7e:55:15:cb:6f:02:ed:cc:6b:36:d5:0c:
02:87:83:24:bd:ae:fe:db:1b:41:4e:b0:2e:3e:7b:8c:3c:16:
fd:35:7f:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpLO9KLN0sWe4KFiOqD4ax0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjUxMTAzMTk0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJjMmRiYTRjOTExMDgzODhmZGY4MDFkZjQzOGNlYWNlMzk2YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq9CLZiXAZQQPLc9OfiJWT21uKDr
cjLtrfEOe4ePWlZ6qYp038h85xYaqHWVtcthJrC3rJZCG5ogb9P5TfJqbkrQ7InF
/MQAFCT+W8qeDFtA90SWKt6fUja2uS3uF91UrEolhEvGIzHlnlz6jWrEyduPgczP
jrCzPApTOYTAyM8aO1qp5vZAhBprkgC8cIqdPAU56iEeZ6T2AWH88SY/YmKMycmC
Atb2iPN27S9RqAuEvnR/HXsl1TRkv7r6+q++B3S8q0780jqbXODbnYtBDWopAQ5f
sx5i2DUcvnnwJcuFzXH/4lm256jdOn379PzWvtjlUDvRX/a7sij/B4V/7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHq8LbpMkRCDiP34Ad9DjOrOOWqOMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvZXJ3dHVreVJFSU9JX2ZnQjMwT002czQ1YW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQCNmLAmc/DY5zM3iPgfm0OBDQjkgMo/9c7iphvfTGft
RJdRE3EfCSmLddM/8SkJ1yuwGZI9eYnz2VCCE9Bp6XR/J7FCs5Z2HCBQwfSXwUIr
s/OAGSeis5hg0vT98ET+JQd3lclabFiOwxX1iEFNH8kGKEkcBXmbg/2zzFfASudc
AQS2miHc6csCskj8eJbsAhaYP3jOdfgZCjPv2FJ9J8mXcNORGszqK4kDE5OCm9CU
BBrPccbA2UmRkfvDrf2pmbK27n4dOtxGfe/tC8HZmWduf0THex7fiCTjOw62w8d+
VRXLbwLtzGs21QwCh4Mkva7+2xtBTrAuPnuMPBb9NX+t
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:47:06 2025 by rpki-client