Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/FMNkZJoHrRisEbCcPWeUHdhI86A.roa
File: FMNkZJoHrRisEbCcPWeUHdhI86A.roa (raw, json)
Hash identifier: paD5OOYCpRpj8ezEgXpHbijclGA5nYbWBOTSmRgeVAk=
Subject key identifier: 14:C3:64:64:9A:07:AD:18:AC:11:B0:9C:3D:67:94:1D:D8:48:F3:A0
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 0197E5465B1CDB5025837BCE3E619441BAEB
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/FMNkZJoHrRisEbCcPWeUHdhI86A.roa
Signing time: Mon 07 Jul 2025 14:24:42 +0000
ROA not before: Mon 07 Jul 2025 14:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:f40::/29 maxlen: 29
2a13:80c7::/32 maxlen: 32
2a13:9247::/32 maxlen: 32
2a13:92c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:46:5b:1c:db:50:25:83:7b:ce:3e:61:94:41:ba:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Jul 7 14:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14c364649a07ad18ac11b09c3d67941dd848f3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:96:6b:a7:b9:a5:cc:af:dd:2e:fe:f9:12:94:
93:00:8b:65:0b:5f:4d:d7:a1:ab:24:52:fb:6a:5f:
01:99:04:2a:67:78:83:ca:c4:a9:ac:83:48:7c:05:
c7:9a:8e:75:23:c5:5e:0c:4a:d6:74:00:64:c3:1a:
26:bb:b1:48:65:0a:94:7e:af:ee:50:0b:1b:71:30:
34:97:ef:ed:5d:9d:1a:d2:67:9c:db:9b:e3:54:1c:
26:38:b6:d9:67:b5:31:b3:79:34:4e:fb:d6:79:ed:
f5:75:85:40:db:78:d5:88:5b:77:89:12:5c:8c:6e:
a6:ad:44:45:ed:05:0c:a4:08:b0:ff:13:f2:b1:53:
a4:b2:d3:b0:ad:c7:cd:ea:f7:23:c4:d7:a4:1d:1e:
54:81:85:f9:80:19:96:98:35:65:34:70:31:7a:de:
66:69:cd:d9:8e:14:77:14:34:6d:c2:c9:6e:dd:a1:
38:a7:08:99:86:e7:09:d8:42:d3:8e:6e:48:39:3c:
90:00:33:50:3f:d6:2f:65:42:a5:ad:f3:7f:8b:4a:
48:43:37:e2:9d:9f:37:be:d2:3d:30:17:c7:62:60:
2f:2b:18:c4:ed:f5:52:29:b0:d7:f5:83:62:b3:27:
03:4e:60:de:c6:fd:ab:a2:28:7b:23:40:c1:0c:19:
64:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C3:64:64:9A:07:AD:18:AC:11:B0:9C:3D:67:94:1D:D8:48:F3:A0
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/FMNkZJoHrRisEbCcPWeUHdhI86A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f40::/29
2a13:80c7::/32
2a13:9247::/32
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:44:da:88:34:e4:9b:13:f9:51:ee:0a:8c:f1:80:9b:af:f6:
7c:82:29:ff:50:b6:9a:99:07:10:23:48:41:47:7a:13:fd:79:
a9:03:b3:20:dc:81:15:4b:a5:3b:b4:30:05:ce:04:91:76:48:
c3:58:70:33:12:bc:d8:e4:0d:83:f4:6d:0f:84:67:3f:05:06:
64:99:83:04:12:95:3b:79:88:38:8a:79:97:62:5d:2f:5f:5f:
bd:98:1b:46:70:b9:95:20:0e:9f:21:11:97:8c:45:87:49:dc:
58:36:88:fe:66:e7:6a:5a:c2:c1:47:a3:fc:f4:02:2e:33:9f:
65:92:3a:5c:d5:9a:44:09:c0:e4:d8:1d:f4:ed:db:49:4b:31:
96:45:af:76:40:f6:a6:fb:3f:72:cf:4b:59:b2:32:3d:e0:04:
06:e7:b2:14:9c:45:a1:7b:15:23:ee:62:2f:5c:05:69:58:23:
09:89:02:20:2f:db:e8:55:5a:36:23:d1:ab:05:a8:1b:cd:c9:
c5:19:f9:0e:46:1b:18:89:c9:14:c1:65:d9:1e:05:d7:13:6c:
bf:43:d2:00:5d:fb:ce:e9:ab:5a:2b:86:6e:f1:27:fb:3e:97:
d9:3f:4a:37:37:76:5c:ba:6e:2f:82:d9:92:54:38:0a:db:42:
23:80:fa:a2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZflRlsc21Alg3vOPmGUQbrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjUwNzA3MTQyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGMzNjQ2NDlhMDdhZDE4YWMxMWIwOWMzZDY3OTQxZGQ4NDhmM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpZrp7mlzK/dLv75EpSTAItlC19N
16GrJFL7al8BmQQqZ3iDysSprINIfAXHmo51I8VeDErWdABkwxomu7FIZQqUfq/u
UAsbcTA0l+/tXZ0a0mec25vjVBwmOLbZZ7Uxs3k0TvvWee31dYVA23jViFt3iRJc
jG6mrURF7QUMpAiw/xPysVOkstOwrcfN6vcjxNekHR5UgYX5gBmWmDVlNHAxet5m
ac3ZjhR3FDRtwslu3aE4pwiZhucJ2ELTjm5IOTyQADNQP9YvZUKlrfN/i0pIQzfi
nZ83vtI9MBfHYmAvKxjE7fVSKbDX9YNisycDTmDexv2roih7I0DBDBlkswIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBTDZGSaB60YrBGwnD1nlB3YSPOgMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvRk1Oa1pKb0hyUmlzRWJDY1BXZVVIZGhJODZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0PQAMF
ACoTgMcDBQAqE5JHAwUDKhOSwDANBgkqhkiG9w0BAQsFAAOCAQEAhETaiDTkmxP5
Ue4KjPGAm6/2fIIp/1C2mpkHECNIQUd6E/15qQOzINyBFUulO7QwBc4EkXZIw1hw
MxK82OQNg/RtD4RnPwUGZJmDBBKVO3mIOIp5l2JdL19fvZgbRnC5lSAOnyERl4xF
h0ncWDaI/mbnalrCwUej/PQCLjOfZZI6XNWaRAnA5Ngd9O3bSUsxlkWvdkD2pvs/
cs9LWbIyPeAEBueyFJxFoXsVI+5iL1wFaVgjCYkCIC/b6FVaNiPRqwWoG83JxRn5
DkYbGInJFMFl2R4F1xNsv0PSAF37zumrWiuGbvEn+z6X2T9KNzd2XLpuL4LZklQ4
CttCI4D6og==
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:17:31 2025 by rpki-client