Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/w4zzq3GKAiXTtkaxwc19NwVaitc.roa
File: w4zzq3GKAiXTtkaxwc19NwVaitc.roa (raw, json)
Hash identifier: J/2FTFkZfxRTxJNhlHUgf8n7TYgo+AXQ4IVYmjTCUKM=
Subject key identifier: C3:8C:F3:AB:71:8A:02:25:D3:B6:46:B1:C1:CD:7D:37:05:5A:8A:D7
Certificate issuer: /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial: 019906DC2AC4329C84F173EFE7158BF830E6
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/w4zzq3GKAiXTtkaxwc19NwVaitc.roa
Signing time: Mon 01 Sep 2025 19:58:36 +0000
ROA not before: Mon 01 Sep 2025 19:58:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203420
IP address blocks: 194.50.176.0/24 maxlen: 24
2a0a:4540::/48 maxlen: 48
2a0a:4540:3000::/48 maxlen: 48
2a0a:4545::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:dc:2a:c4:32:9c:84:f1:73:ef:e7:15:8b:f8:30:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Validity
Not Before: Sep 1 19:58:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c38cf3ab718a0225d3b646b1c1cd7d37055a8ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:88:0b:a3:89:39:79:51:a8:02:01:0e:4d:
70:3c:e6:67:ff:de:a9:36:03:04:45:f7:fe:0d:0d:
8b:c8:6b:af:26:a1:d6:a7:55:df:f2:ea:2b:a1:08:
cb:de:81:ba:6a:c7:0c:06:26:de:65:75:55:07:01:
66:4a:95:c1:5c:3a:79:6d:b1:f1:4d:bf:3b:b6:bf:
03:1b:df:a1:8b:a3:5d:71:c6:88:ad:50:33:e4:4d:
fd:62:f9:ce:8c:77:a5:2d:f7:f6:e7:e2:65:96:bd:
39:d4:f2:9f:f8:28:18:92:e6:1c:51:d2:1a:d2:d5:
68:09:d3:c5:3b:c1:ad:87:99:8f:68:18:55:cd:b2:
37:dc:ed:5b:b2:2b:c9:00:ca:0a:df:c4:f0:6b:00:
73:d4:ec:33:12:c1:20:f2:38:1e:68:0b:24:12:cd:
f0:fd:89:ec:01:47:43:ce:e7:f1:e2:99:5b:bd:ae:
c5:48:c8:ac:a7:f3:42:9e:96:f4:59:08:ec:3d:84:
fd:1c:9f:db:aa:47:1e:36:79:b0:4e:d5:1d:3c:ae:
11:97:79:5d:55:d2:dd:89:61:24:ff:fe:e1:05:c6:
bc:a6:28:48:fa:cb:45:f9:39:c4:3a:08:41:83:6c:
20:9e:c8:e5:fd:cf:17:ce:50:54:37:55:a6:c7:6f:
99:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8C:F3:AB:71:8A:02:25:D3:B6:46:B1:C1:CD:7D:37:05:5A:8A:D7
X509v3 Authority Key Identifier:
keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/w4zzq3GKAiXTtkaxwc19NwVaitc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.176.0/24
IPv6:
2a0a:4540::/48
2a0a:4540:3000::/48
2a0a:4545::/32
Signature Algorithm: sha256WithRSAEncryption
84:cf:99:b3:2d:22:6c:90:90:55:3e:b6:8d:a9:db:69:9e:55:
d7:7f:51:db:1f:ea:ba:27:ed:f2:c2:3d:06:25:74:ea:54:7b:
47:78:e6:43:72:90:7d:3b:9f:e0:a4:05:80:a9:67:23:4b:1f:
66:0c:d1:26:05:e5:69:c7:84:49:3a:33:d6:cc:be:49:b4:bf:
07:05:2c:5d:da:8d:57:87:95:96:d0:8b:7a:8a:87:c5:92:c3:
c9:20:d8:cc:c1:c6:00:75:3c:e7:da:98:2c:b4:5e:b5:c9:33:
54:eb:6a:e3:26:4b:4a:99:12:d7:42:49:36:e9:eb:09:2e:ca:
8b:d2:a3:d7:d6:95:93:71:84:fa:5d:75:41:25:cf:9e:b9:74:
dc:81:f3:5b:bb:4a:5e:fe:99:a2:9e:6a:ec:70:47:72:71:d0:
da:76:a0:1b:6b:f8:72:61:9c:b0:cd:37:e3:11:7e:44:f3:da:
88:dc:63:b6:6b:02:55:8e:37:d9:4b:4f:9f:a4:0a:09:6e:ab:
70:e4:c3:f0:60:a2:3e:fc:a2:45:22:90:90:c2:ba:a9:03:dd:
a9:9b:85:b1:8b:6a:27:cc:96:5d:56:e2:37:ad:2d:56:81:b6:
9b:45:82:5b:b7:81:1b:c3:fb:cb:75:3b:cc:f6:46:2e:e7:85:
ba:0e:f1:af
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZkG3CrEMpyE8XPv5xWL+DDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYWM1MGYxOWQ5OTMwYWVlYzA5Y2QyN2Y1MDhmYzUwMmVh
MTRkMWYwHhcNMjUwOTAxMTk1ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhjZjNhYjcxOGEwMjI1ZDNiNjQ2YjFjMWNkN2QzNzA1NWE4YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDSIC6OJOXlRqAIBDk1wPOZn/96p
NgMERff+DQ2LyGuvJqHWp1Xf8uoroQjL3oG6ascMBibeZXVVBwFmSpXBXDp5bbHx
Tb87tr8DG9+hi6NdccaIrVAz5E39YvnOjHelLff25+Jllr051PKf+CgYkuYcUdIa
0tVoCdPFO8Gth5mPaBhVzbI33O1bsivJAMoK38TwawBz1OwzEsEg8jgeaAskEs3w
/YnsAUdDzufx4plbva7FSMisp/NCnpb0WQjsPYT9HJ/bqkceNnmwTtUdPK4Rl3ld
VdLdiWEk//7hBca8pihI+stF+TnEOghBg2wgnsjl/c8XzlBUN1Wmx2+ZHQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMOM86txigIl07ZGscHNfTcFWorXMB8GA1UdIwQY
MBaAFPusUPGdmTCu7AnNJ/UI/FAuoU0fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02eFE4WjJaTUs3c0NjMG45UWo4VUM2aFRSOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04Yjkx
LWQ2MmU0NTRiZjM3Zi8xL3c0enpxM0dLQWlYVHRrYXh3YzE5TndWYWl0Yy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04YjkxLWQ2MmU0NTRiZjM3
Zi8xLzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMAwEAgABMAYDBADCMrAw
HwQCAAIwGQMHACoKRUAAAAMHACoKRUAwAAMFACoKRUUwDQYJKoZIhvcNAQELBQAD
ggEBAITPmbMtImyQkFU+to2p22meVdd/Udsf6ron7fLCPQYldOpUe0d45kNykH07
n+CkBYCpZyNLH2YM0SYF5WnHhEk6M9bMvkm0vwcFLF3ajVeHlZbQi3qKh8WSw8kg
2MzBxgB1POfamCy0XrXJM1TrauMmS0qZEtdCSTbp6wkuyovSo9fWlZNxhPpddUEl
z565dNyB81u7Sl7+maKeauxwR3Jx0Np2oBtr+HJhnLDNN+MRfkTz2ojcY7ZrAlWO
N9lLT5+kCgluq3Dkw/Bgoj78okUikJDCuqkD3ambhbGLaifMll1W4jetLVaBtptF
glu3gRvD+8t1O8z2Ri7nhboO8a8=
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:13:00 2025 by rpki-client