Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/F-cQvzjqojG98iksKOqY89-HxVM.roa
File: F-cQvzjqojG98iksKOqY89-HxVM.roa (raw, json)
Hash identifier: SAzu/ZYd9aynp8O7I3fVFxtOAPAPfbYe3bEEnXU267Y=
Subject key identifier: 17:E7:10:BF:38:EA:A2:31:BD:F2:29:2C:28:EA:98:F3:DF:87:C5:53
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0197FF211A29238E140FD4253EF8BA99532C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/F-cQvzjqojG98iksKOqY89-HxVM.roa
Signing time: Sat 12 Jul 2025 14:54:08 +0000
ROA not before: Sat 12 Jul 2025 14:54:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 86.106.80.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ff:21:1a:29:23:8e:14:0f:d4:25:3e:f8:ba:99:53:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jul 12 14:54:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17e710bf38eaa231bdf2292c28ea98f3df87c553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:17:2b:ba:78:0c:73:fb:b0:4b:00:f5:5a:
3c:b7:2c:b5:a1:ac:0b:2f:bb:44:d4:e7:81:87:a4:
f4:a4:a8:9f:59:3b:e8:19:db:65:de:19:fb:cb:76:
f1:af:f5:10:b4:93:45:17:5b:17:39:c6:e7:50:a7:
b0:3b:61:47:d8:c4:b3:fc:84:6a:84:4a:8a:0b:2a:
14:f0:98:2c:f5:dd:cc:d9:b4:9e:5f:a0:bc:31:5e:
eb:35:1a:38:a9:ee:6e:be:62:da:38:e6:8e:b7:2f:
0a:af:79:d2:e4:73:29:84:45:8c:f7:12:d1:c3:02:
3a:dc:4b:48:25:b5:69:36:47:35:59:5d:92:51:c4:
2c:42:c1:21:29:7a:7e:81:da:9e:6a:f8:84:fc:5d:
0a:3e:2b:6a:74:9e:6f:27:0e:53:54:40:e8:b1:27:
86:59:2f:82:5e:e3:d1:ba:a1:51:9a:ec:88:27:80:
7c:b3:dd:25:69:9c:64:9b:dd:9d:d2:e7:05:96:d7:
28:bd:cd:c6:34:af:99:5b:d7:9e:18:8b:37:13:59:
79:bc:03:a4:b1:2c:77:98:58:a4:db:1e:3b:a3:83:
df:46:64:4c:20:32:ad:3c:02:f4:d1:f8:4b:ad:a0:
6a:4f:d2:69:c1:e7:61:d4:c8:85:15:e7:e5:ac:a5:
5d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E7:10:BF:38:EA:A2:31:BD:F2:29:2C:28:EA:98:F3:DF:87:C5:53
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/F-cQvzjqojG98iksKOqY89-HxVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.80.0/24
89.45.34.0/24
93.114.187.0/24
188.215.72.0/24
188.215.95.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:09:03:4c:27:da:24:4c:13:fa:92:2d:df:39:48:ca:02:c7:
60:39:03:9f:66:95:3d:20:ea:a9:fa:88:0a:c8:f2:05:32:c0:
37:98:e5:fa:34:e3:91:93:68:be:25:6c:ef:0b:c0:b3:6c:56:
b1:18:31:1a:9f:44:6e:80:76:d4:c5:40:74:c5:98:94:cf:ed:
63:20:66:88:fb:aa:01:f1:4b:2a:2c:ce:53:aa:97:50:22:d5:
40:36:a4:ad:6c:ca:38:91:7e:4b:1c:fe:40:9e:48:30:3f:23:
f6:41:07:7e:ab:96:c0:de:4e:75:6c:65:f5:b9:f8:30:92:62:
dc:48:ea:89:ef:6f:e6:e7:a5:c6:7e:62:85:f9:57:66:84:07:
64:c2:64:6a:a0:8f:53:61:ee:79:9b:97:8d:f4:fa:6b:3d:32:
ee:58:fc:a5:1c:b2:11:e2:1b:a8:1e:28:9d:72:c9:60:0c:4b:
e3:71:36:5d:7d:c4:63:c7:9c:2a:79:6e:d3:cf:49:9a:12:fd:
c9:52:99:0a:a6:e7:93:26:ad:18:6d:7d:9a:b8:96:92:7f:49:
f3:8f:b7:4e:85:89:fd:7a:9f:80:ab:17:97:47:a7:fd:07:5f:
ef:b4:8d:67:db:cc:bf:37:07:51:b4:19:69:e4:45:a8:5b:d9:
9c:da:d4:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZf/IRopI44UD9QlPvi6mVMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwNzEyMTQ1NDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2U3MTBiZjM4ZWFhMjMxYmRmMjI5MmMyOGVhOThmM2RmODdjNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc4XK7p4DHP7sEsA9Vo8tyy1oawL
L7tE1OeBh6T0pKifWTvoGdtl3hn7y3bxr/UQtJNFF1sXOcbnUKewO2FH2MSz/IRq
hEqKCyoU8Jgs9d3M2bSeX6C8MV7rNRo4qe5uvmLaOOaOty8Kr3nS5HMphEWM9xLR
wwI63EtIJbVpNkc1WV2SUcQsQsEhKXp+gdqeaviE/F0KPitqdJ5vJw5TVEDosSeG
WS+CXuPRuqFRmuyIJ4B8s90laZxkm92d0ucFltcovc3GNK+ZW9eeGIs3E1l5vAOk
sSx3mFik2x47o4PfRmRMIDKtPAL00fhLraBqT9Jpwedh1MiFFeflrKVdXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBfnEL846qIxvfIpLCjqmPPfh8VTMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvRi1jUXZ6anFvakc5OGlrc0tPcVk4OS1IeFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmpQAwQA
WS0iAwQAXXK7AwQAvNdIAwQAvNdfMA0GCSqGSIb3DQEBCwUAA4IBAQCcCQNMJ9ok
TBP6ki3fOUjKAsdgOQOfZpU9IOqp+ogKyPIFMsA3mOX6NOORk2i+JWzvC8CzbFax
GDEan0RugHbUxUB0xZiUz+1jIGaI+6oB8UsqLM5TqpdQItVANqStbMo4kX5LHP5A
nkgwPyP2QQd+q5bA3k51bGX1ufgwkmLcSOqJ72/m56XGfmKF+VdmhAdkwmRqoI9T
Ye55m5eN9PprPTLuWPylHLIR4huoHiidcslgDEvjcTZdfcRjx5wqeW7Tz0maEv3J
UpkKpueTJq0YbX2auJaSf0nzj7dOhYn9ep+AqxeXR6f9B1/vtI1n28y/NwdRtBlp
5EWoW9mc2tSi
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:14 2025 by rpki-client