Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/FFPDMHJ-Jqx3kk-gvkD1qDp-v9k.roa
File: FFPDMHJ-Jqx3kk-gvkD1qDp-v9k.roa (raw, json)
Hash identifier: Ymsup5BEwzDp7E2mJg5hRNMRIrzKpWGEglwuk0pdV74=
Subject key identifier: 14:53:C3:30:72:7E:26:AC:77:92:4F:A0:BE:40:F5:A8:3A:7E:BF:D9
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 01983691F14EEAD8CEDC73EF9A3DABE3DFCF
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/FFPDMHJ-Jqx3kk-gvkD1qDp-v9k.roa
Signing time: Wed 23 Jul 2025 09:16:30 +0000
ROA not before: Wed 23 Jul 2025 09:16:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 5.129.192.0/18 maxlen: 24
5.129.240.0/24 maxlen: 24
5.129.241.0/24 maxlen: 24
5.129.242.0/24 maxlen: 24
5.129.243.0/24 maxlen: 24
5.129.244.0/24 maxlen: 24
5.129.245.0/24 maxlen: 24
5.129.246.0/24 maxlen: 24
5.129.247.0/24 maxlen: 24
5.129.249.0/24 maxlen: 24
5.129.250.0/24 maxlen: 24
5.129.251.0/24 maxlen: 24
5.129.252.0/24 maxlen: 24
5.129.253.0/24 maxlen: 24
5.129.254.0/24 maxlen: 24
5.129.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:91:f1:4e:ea:d8:ce:dc:73:ef:9a:3d:ab:e3:df:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jul 23 09:16:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1453c330727e26ac77924fa0be40f5a83a7ebfd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8a:3b:18:49:04:6c:1a:6c:7b:45:eb:b8:d3:
9f:09:04:a7:1b:81:66:3a:08:5c:e7:df:2a:5c:b4:
85:f3:92:0e:48:87:bd:28:b3:75:f9:0a:0c:8e:b7:
4d:2e:fb:78:e2:93:45:c7:f2:f8:3e:69:b7:8c:a0:
03:b9:52:d9:6e:0c:5c:b0:79:4a:18:44:ec:81:dd:
72:d2:23:a5:4e:48:dc:61:a6:f2:12:2d:ba:57:b2:
d9:fc:e8:a9:1e:ae:92:5e:9c:86:93:9f:53:7f:91:
78:f5:9a:b5:6e:a9:a5:0e:17:ae:47:d6:7b:ec:28:
c6:50:78:fc:04:db:eb:a5:1a:7f:b9:33:1a:10:99:
56:81:01:3a:df:6e:82:73:02:d9:52:76:3b:d2:c9:
56:05:c7:a3:f1:96:9b:cf:63:01:cd:09:05:21:2c:
8b:23:2c:21:c2:53:63:c7:cc:ca:83:b5:92:73:00:
47:8f:7f:a6:5a:e0:93:6c:08:f3:ff:b8:af:5f:42:
63:9a:3d:be:f3:eb:2b:70:ed:42:cd:88:63:4c:70:
8c:ca:17:9a:a5:d1:79:f2:63:6d:c1:ab:5c:da:37:
08:8b:76:1e:40:92:95:55:2a:db:d1:95:ed:03:47:
e4:f6:62:b0:e3:f6:21:2a:30:ce:8d:d2:73:e9:b9:
40:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:53:C3:30:72:7E:26:AC:77:92:4F:A0:BE:40:F5:A8:3A:7E:BF:D9
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/FFPDMHJ-Jqx3kk-gvkD1qDp-v9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.192.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:79:b7:24:90:15:2f:72:91:2d:e0:db:fe:27:0c:fb:e1:3e:
9c:1c:4e:df:4f:23:a7:bc:c7:cf:ad:53:db:f3:c8:bc:e7:d2:
fa:81:4e:4a:c1:22:52:03:6b:63:17:c1:c1:cd:3b:c3:ca:b1:
2f:6b:98:ba:06:62:ca:19:74:23:bc:d4:59:8e:11:31:10:67:
55:0a:d3:4b:ca:19:4f:8c:fb:3d:94:c4:33:55:f3:c6:f6:c1:
38:b8:06:17:4e:d2:82:dd:28:c1:4e:35:cb:b3:3a:b1:03:0d:
ba:85:b2:e6:4c:70:88:3c:a4:09:ed:38:54:b7:cf:fc:57:04:
42:1c:2b:9c:a0:78:b6:c6:5f:d2:bf:77:29:58:58:46:95:10:
99:a3:09:b5:1b:fe:46:a6:18:c9:8e:c3:63:3c:87:fe:64:2f:
19:32:00:10:95:9b:90:55:6d:79:05:66:37:90:fe:22:84:a3:
8b:e9:7e:34:c5:63:22:de:3b:04:e1:3f:71:47:0b:e8:7e:30:
eb:f2:61:5f:49:f9:d4:23:40:19:fa:71:73:7a:b8:15:98:cb:
34:18:b5:5a:50:2b:53:6f:31:f1:56:52:10:91:5b:92:ff:5d:
c9:db:fe:b8:86:f7:27:ea:ee:46:7f:89:3c:81:40:32:e0:e6:
4c:a1:39:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZg2kfFO6tjO3HPvmj2r49/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjUwNzIzMDkxNjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDUzYzMzMDcyN2UyNmFjNzc5MjRmYTBiZTQwZjVhODNhN2ViZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoo7GEkEbBpse0XruNOfCQSnG4Fm
Oghc598qXLSF85IOSIe9KLN1+QoMjrdNLvt44pNFx/L4Pmm3jKADuVLZbgxcsHlK
GETsgd1y0iOlTkjcYabyEi26V7LZ/OipHq6SXpyGk59Tf5F49Zq1bqmlDheuR9Z7
7CjGUHj8BNvrpRp/uTMaEJlWgQE6326CcwLZUnY70slWBcej8Zabz2MBzQkFISyL
IywhwlNjx8zKg7WScwBHj3+mWuCTbAjz/7ivX0Jjmj2+8+srcO1CzYhjTHCMyhea
pdF58mNtwatc2jcIi3YeQJKVVSrb0ZXtA0fk9mKw4/YhKjDOjdJz6blA6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRTwzByfiasd5JPoL5A9ag6fr/ZMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvRkZQRE1ISi1KcXgza2stZ3ZrRDFxRHAtdjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGBYHAMA0G
CSqGSIb3DQEBCwUAA4IBAQB7ebckkBUvcpEt4Nv+Jwz74T6cHE7fTyOnvMfPrVPb
88i859L6gU5KwSJSA2tjF8HBzTvDyrEva5i6BmLKGXQjvNRZjhExEGdVCtNLyhlP
jPs9lMQzVfPG9sE4uAYXTtKC3SjBTjXLszqxAw26hbLmTHCIPKQJ7ThUt8/8VwRC
HCucoHi2xl/Sv3cpWFhGlRCZowm1G/5GphjJjsNjPIf+ZC8ZMgAQlZuQVW15BWY3
kP4ihKOL6X40xWMi3jsE4T9xRwvofjDr8mFfSfnUI0AZ+nFzergVmMs0GLVaUCtT
bzHxVlIQkVuS/13J2/64hvcn6u5Gf4k8gUAy4OZMoTlE
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:18:03 2025 by rpki-client