Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/FuRKLU71dK-uOJuHOesdxUGwG-Y.roa
File: FuRKLU71dK-uOJuHOesdxUGwG-Y.roa (raw, json)
Hash identifier: PWjqMSjY8+kswHCVdXjlDqQ/YWbyG5B7gZsBsEmTQGM=
Subject key identifier: 16:E4:4A:2D:4E:F5:74:AF:AE:38:9B:87:39:EB:1D:C5:41:B0:1B:E6
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B369FD17388A054029AE0FE1667D62
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/FuRKLU71dK-uOJuHOesdxUGwG-Y.roa
Signing time: Mon 14 Jul 2025 16:10:09 +0000
ROA not before: Mon 14 Jul 2025 16:10:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56630
IP address blocks: 185.40.5.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.232.168.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 20:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b3:69:fd:17:38:8a:05:40:29:ae:0f:e1:66:7d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:10:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16e44a2d4ef574afae389b8739eb1dc541b01be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:6a:4b:81:aa:43:9e:6c:ca:53:15:b7:e7:
84:36:2d:14:5f:ba:94:f2:39:0c:dd:f0:98:15:5f:
32:b7:dc:a1:6a:5c:52:29:f7:da:85:88:54:ac:8a:
f0:dd:8f:f0:b4:09:39:ed:fe:54:a9:e8:cc:08:c8:
d8:33:3b:27:43:2b:ee:83:2d:26:d1:bd:29:83:e7:
2a:ef:c0:b9:df:cf:fc:14:b7:e9:eb:19:c9:c7:da:
dd:45:10:8a:32:12:fa:98:fe:bf:0b:21:da:98:7c:
7e:d0:dd:e6:66:20:5c:79:84:85:ea:1c:01:9d:d1:
e8:44:1e:25:ac:b8:fc:a8:3f:43:d3:5a:62:b3:41:
21:95:2f:ba:1b:05:f2:e0:be:ab:b0:29:2a:9b:68:
05:df:27:d6:d6:5a:26:c3:f0:f5:90:d0:b1:5f:96:
6a:2f:a4:54:96:f6:b8:d0:91:36:5e:52:d8:dc:55:
cb:8c:e1:d4:cf:23:da:ac:98:cf:d7:2d:04:32:57:
c7:66:38:3e:48:82:96:79:dd:1f:67:18:8d:01:85:
f8:ce:1a:89:0d:0d:fc:d6:df:db:55:2a:c3:37:b2:
74:39:c9:c3:d5:91:57:24:a0:62:90:fc:32:6f:c8:
1f:f3:3b:8e:01:07:fd:d4:d8:a0:b4:d2:6f:c7:22:
e2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E4:4A:2D:4E:F5:74:AF:AE:38:9B:87:39:EB:1D:C5:41:B0:1B:E6
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/FuRKLU71dK-uOJuHOesdxUGwG-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.5.0/24
185.117.117.0/24
185.232.168.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f4:af:1b:80:7e:94:17:79:a7:6a:b0:26:c5:7a:1f:38:91:
b1:ae:ae:bf:49:b6:e5:d0:48:f1:79:59:9f:fa:1d:90:7d:7c:
03:21:87:b9:35:e0:e4:f8:38:c4:a7:6a:60:00:d9:e7:e0:d8:
19:f1:50:42:35:e4:8b:ad:5f:12:0c:a2:72:56:50:af:57:bf:
51:0a:0e:8f:6e:1f:a6:f3:15:86:a2:c3:f5:56:3c:45:ba:46:
59:9f:09:0a:36:3c:8b:ce:df:24:fd:d5:1d:3c:34:a6:6e:e6:
b6:6e:80:b7:96:ba:76:2f:06:b3:07:3f:78:dd:40:b7:e1:da:
9a:7d:23:b4:d3:5b:65:95:75:47:75:ee:98:72:47:8d:0d:c4:
d6:21:cb:a3:2f:43:44:2f:70:d1:1f:e3:0d:2b:a1:62:7f:02:
6d:3e:eb:e4:bd:5f:ef:86:d0:ad:e9:6e:76:f1:74:84:4d:4e:
2b:d9:ee:4a:17:c3:3d:a7:ca:c2:1a:97:b6:6c:84:95:15:31:
de:ef:96:01:85:76:2a:55:82:53:02:c3:2b:5a:0f:ef:91:ab:
b5:ab:26:f5:56:d0:ed:6e:01:a6:e9:8a:e6:0b:73:43:63:ce:
07:83:0d:5b:9a:a6:88:a9:87:45:69:4c:a1:2e:b8:aa:1d:12:
c7:c9:7f:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgJs2n9FziKBUAprg/hZn1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmU0NGEyZDRlZjU3NGFmYWUzODliODczOWViMWRjNTQxYjAxYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKpqS4GqQ55sylMVt+eENi0UX7qU
8jkM3fCYFV8yt9yhalxSKffahYhUrIrw3Y/wtAk57f5UqejMCMjYMzsnQyvugy0m
0b0pg+cq78C538/8FLfp6xnJx9rdRRCKMhL6mP6/CyHamHx+0N3mZiBceYSF6hwB
ndHoRB4lrLj8qD9D01pis0EhlS+6GwXy4L6rsCkqm2gF3yfW1lomw/D1kNCxX5Zq
L6RUlva40JE2XlLY3FXLjOHUzyParJjP1y0EMlfHZjg+SIKWed0fZxiNAYX4zhqJ
DQ381t/bVSrDN7J0OcnD1ZFXJKBikPwyb8gf8zuOAQf91NigtNJvxyLi+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBbkSi1O9XSvrjibhznrHcVBsBvmMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvRnVSS0xVNzFkSy11T0p1SE9lc2R4VUd3Ry1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuSgFAwQA
uXV1AwQAueioAwQAwjU3MA0GCSqGSIb3DQEBCwUAA4IBAQBR9K8bgH6UF3mnarAm
xXofOJGxrq6/Sbbl0EjxeVmf+h2QfXwDIYe5NeDk+DjEp2pgANnn4NgZ8VBCNeSL
rV8SDKJyVlCvV79RCg6Pbh+m8xWGosP1VjxFukZZnwkKNjyLzt8k/dUdPDSmbua2
boC3lrp2LwazBz943UC34dqafSO001tllXVHde6YckeNDcTWIcujL0NEL3DRH+MN
K6FifwJtPuvkvV/vhtCt6W528XSETU4r2e5KF8M9p8rCGpe2bISVFTHe75YBhXYq
VYJTAsMrWg/vkau1qyb1VtDtbgGm6YrmC3NDY84Hgw1bmqaIqYdFaUyhLriqHRLH
yX+D
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:09:25 2025 by rpki-client