Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Fk-RTc_x_EZ5p-h1OUyJsVVtDV0.roa
File: Fk-RTc_x_EZ5p-h1OUyJsVVtDV0.roa (raw, json)
Hash identifier: oolZPOnT9pMIdCNLzjvt7CZ7qXkkFGvNdRAoF9kj0Tw=
Subject key identifier: 16:4F:91:4D:CF:F1:FC:46:79:A7:E8:75:39:4C:89:B1:55:6D:0D:5D
Certificate issuer: /CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Certificate serial: 01980E5C0C8E7CB0C34D2FF3BBDB55730BDA
Authority key identifier: 58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Fk-RTc_x_EZ5p-h1OUyJsVVtDV0.roa
Signing time: Tue 15 Jul 2025 13:52:50 +0000
ROA not before: Tue 15 Jul 2025 13:52:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208208
IP address blocks: 185.230.160.0/24 maxlen: 24
185.230.161.0/24 maxlen: 24
185.230.162.0/24 maxlen: 24
185.230.163.0/24 maxlen: 24
185.240.240.0/24 maxlen: 24
185.240.241.0/24 maxlen: 24
185.240.242.0/24 maxlen: 24
185.240.243.0/24 maxlen: 24
2a09:6301::/32 maxlen: 32
2a09:6302::/32 maxlen: 32
2a09:6305::/32 maxlen: 32
2a09:6306::/32 maxlen: 32
2a09:6307::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:5c:0c:8e:7c:b0:c3:4d:2f:f3:bb:db:55:73:0b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Validity
Not Before: Jul 15 13:52:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=164f914dcff1fc4679a7e875394c89b1556d0d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:e2:67:2b:d4:29:5a:f6:e4:17:5b:46:e4:
5f:d6:71:f7:62:17:61:fd:f5:db:46:fb:78:44:77:
97:8a:4c:4f:c7:a2:f8:d0:f5:9e:1e:98:f9:be:00:
5f:f1:57:f9:9c:26:3b:02:82:bd:79:35:8c:a5:67:
58:d3:27:3b:28:a3:ad:bb:cc:34:68:8e:f1:cd:a9:
08:83:48:f5:9d:89:78:cc:c0:35:74:c5:8c:dd:04:
92:67:a3:25:e2:ae:87:c5:53:3f:00:4a:24:81:12:
f3:f6:53:64:56:76:da:34:23:d3:a5:3b:e3:07:e1:
6b:1e:04:ec:6f:42:9c:b6:a8:77:cc:6b:b0:00:86:
3c:34:17:f8:5e:d2:50:1e:fe:cc:30:d2:d3:3b:91:
53:ce:30:cd:e5:7f:64:b3:1e:c2:32:dc:10:35:ac:
54:cf:11:74:04:d4:54:d0:cf:0c:86:c4:47:a0:49:
33:25:a9:94:1c:a0:f0:6c:07:93:9d:f7:24:ca:ce:
41:80:86:1e:a0:8e:9c:31:cc:59:94:78:51:8d:a7:
b8:36:55:5c:cd:aa:26:33:ae:37:0e:bc:74:fa:1d:
ae:b8:5b:42:d1:79:a4:37:c9:c3:fe:57:d9:1b:9f:
6b:bb:ef:29:a6:f2:48:67:72:a2:b6:d1:90:e6:33:
71:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4F:91:4D:CF:F1:FC:46:79:A7:E8:75:39:4C:89:B1:55:6D:0D:5D
X509v3 Authority Key Identifier:
keyid:58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/Fk-RTc_x_EZ5p-h1OUyJsVVtDV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.160.0/22
185.240.240.0/22
IPv6:
2a09:6301::-2a09:6302:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6305::-2a09:6307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9a:a9:a8:c2:7a:72:48:8b:96:49:8a:53:86:05:31:42:72:2d:
8f:3c:31:b8:19:f9:18:e1:99:0a:93:22:0a:e1:7f:ca:08:d0:
3c:f2:b5:d7:8b:ad:36:95:c5:ab:ff:46:8a:9c:03:b7:a8:d3:
4a:fb:fc:81:e1:29:2a:a1:5e:9e:6f:7d:39:79:c7:53:e4:f5:
aa:6e:c8:da:88:43:c0:4e:1a:44:ce:3d:f5:57:3b:5a:a0:88:
9e:65:cb:76:be:b3:c5:78:13:0c:ff:0a:bb:e6:13:09:de:fd:
13:a1:52:c3:f6:bc:6b:25:7f:12:55:2b:41:d2:04:a4:fd:c3:
e5:c2:8a:09:ae:e0:b9:a4:1f:37:10:dc:07:4f:e8:7f:ac:4f:
5a:26:3e:4a:db:56:82:1f:6e:6f:d0:13:d1:53:1a:a4:a9:43:
76:82:63:92:21:ce:b1:c7:e2:23:fd:7e:16:bf:ec:71:3d:0f:
d6:68:fb:10:f4:c9:d3:3f:4d:c3:49:23:b7:09:0e:df:fa:9f:
d5:a1:1a:c4:d7:77:1b:76:5f:51:0c:93:7d:a7:cb:ac:df:b7:
db:61:d8:f5:fe:98:44:62:93:73:da:fb:13:bf:fa:4f:56:d5:
7b:18:bb:2c:2e:c0:a5:a9:67:e1:b4:82:b6:12:8e:6d:7c:a1:
dc:8c:59:55
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZgOXAyOfLDDTS/zu9tVcwvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGIxMDI0ZWEwNTZlNWVkNDk4ZjZlOWRkYzIwNjMyYmRm
NmM5YzUwHhcNMjUwNzE1MTM1MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRmOTE0ZGNmZjFmYzQ2NzlhN2U4NzUzOTRjODliMTU1NmQwZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJDiZyvUKVr25BdbRuRf1nH3Yhdh
/fXbRvt4RHeXikxPx6L40PWeHpj5vgBf8Vf5nCY7AoK9eTWMpWdY0yc7KKOtu8w0
aI7xzakIg0j1nYl4zMA1dMWM3QSSZ6Ml4q6HxVM/AEokgRLz9lNkVnbaNCPTpTvj
B+FrHgTsb0Kctqh3zGuwAIY8NBf4XtJQHv7MMNLTO5FTzjDN5X9ksx7CMtwQNaxU
zxF0BNRU0M8MhsRHoEkzJamUHKDwbAeTnfckys5BgIYeoI6cMcxZlHhRjae4NlVc
zaomM643Drx0+h2uuFtC0XmkN8nD/lfZG59ru+8ppvJIZ3KittGQ5jNx3wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBZPkU3P8fxGeafodTlMibFVbQ1dMB8GA1UdIwQY
MBaAFFiLECTqBW5e1Jj26d3CBjK99snFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2Qt
NTY2MjhhNDZkZjQwLzEvRmstUlRjX3hfRVo1cC1oMU9VeUpzVlZ0RFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2QtNTY2MjhhNDZkZjQw
LzEvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDASBAIAATAMAwQCueagAwQC
ufDwMCYEAgACMCAwDgMFACoJYwEDBQAqCWMCMA4DBQAqCWMFAwUDKgljADANBgkq
hkiG9w0BAQsFAAOCAQEAmqmownpySIuWSYpThgUxQnItjzwxuBn5GOGZCpMiCuF/
ygjQPPK114utNpXFq/9GipwDt6jTSvv8geEpKqFenm99OXnHU+T1qm7I2ohDwE4a
RM499Vc7WqCInmXLdr6zxXgTDP8Ku+YTCd79E6FSw/a8ayV/ElUrQdIEpP3D5cKK
Ca7guaQfNxDcB0/of6xPWiY+SttWgh9ub9AT0VMapKlDdoJjkiHOscfiI/1+Fr/s
cT0P1mj7EPTJ0z9Nw0kjtwkO3/qf1aEaxNd3G3ZfUQyTfafLrN+322HY9f6YRGKT
c9r7E7/6T1bVexi7LC7Apaln4bSCthKObXyh3IxZVQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:27:27 2025 by rpki-client