Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FU3SDfCnB79Ju5-rNHjRUPfyumE.roa
File: FU3SDfCnB79Ju5-rNHjRUPfyumE.roa (raw, json)
Hash identifier: 8uVIbplwluXjIvn92PqGYIZdoCQ0eu3es3sMSZK7V54=
Subject key identifier: 15:4D:D2:0D:F0:A7:07:BF:49:BB:9F:AB:34:78:D1:50:F7:F2:BA:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0197FA23F24C590A9C2D9D0622445EB097D6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FU3SDfCnB79Ju5-rNHjRUPfyumE.roa
Signing time: Fri 11 Jul 2025 15:39:09 +0000
ROA not before: Fri 11 Jul 2025 15:39:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:fa:23:f2:4c:59:0a:9c:2d:9d:06:22:44:5e:b0:97:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 11 15:39:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=154dd20df0a707bf49bb9fab3478d150f7f2ba61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0f:1e:72:da:da:3e:70:73:75:09:58:0b:5a:
63:96:75:10:bb:fd:5a:0f:2a:d0:fe:f5:93:71:25:
ce:79:86:3f:d5:30:23:6c:09:fd:dd:45:b2:33:4a:
b6:f6:07:48:fc:75:23:55:8a:5b:06:a2:aa:23:ef:
66:2c:2f:ef:07:88:30:91:2c:dc:0f:79:c1:b4:dd:
41:f6:b1:41:f8:80:87:0d:24:06:57:34:a9:5f:f7:
73:0a:90:e4:fd:c9:be:5c:75:66:1b:40:f7:06:d4:
24:0e:bc:95:b9:28:bc:f3:54:63:a2:ad:ca:5b:1b:
76:58:5b:20:47:db:07:e6:72:b2:23:50:92:6a:78:
6d:88:89:72:cb:4d:e0:c4:fb:ca:c8:fc:4c:ff:94:
88:49:7c:78:79:e7:9f:99:35:bb:f9:f6:37:17:37:
ba:ba:f4:cc:bc:16:45:e2:c2:37:be:ee:73:a4:fc:
18:b1:5d:67:3f:8a:eb:7a:39:97:7b:e2:6a:f2:d7:
7e:8a:92:ec:dc:4f:31:67:7b:93:77:64:51:fb:e2:
0c:e4:5c:45:9b:49:b6:bb:42:75:ae:ab:08:48:53:
2a:14:6c:a4:0d:2f:f2:4d:a7:98:d1:6d:ef:13:de:
0d:2b:66:c4:ed:e8:10:ac:b9:ff:71:c2:ea:11:81:
a0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4D:D2:0D:F0:A7:07:BF:49:BB:9F:AB:34:78:D1:50:F7:F2:BA:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FU3SDfCnB79Ju5-rNHjRUPfyumE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
213.210.52.0/23
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5c:1a:e7:8d:49:a0:eb:a6:f0:3f:3a:2b:9d:23:f6:4e:76:
16:89:4a:92:57:ae:98:1d:39:3d:2a:57:76:db:15:2d:8d:d9:
6f:a9:0c:71:fa:62:51:24:9c:61:d9:01:e5:f0:07:b5:d6:8d:
fd:62:e9:da:58:f6:23:f7:54:7a:e8:3c:b7:c7:66:af:8f:b5:
a6:0b:3e:6c:34:24:44:8e:29:1d:d1:aa:de:19:82:d9:16:71:
42:fb:09:34:aa:e4:12:28:13:1f:6c:b5:e7:2a:f5:94:b2:b7:
79:c1:31:12:68:fa:8d:57:71:ed:5f:c3:00:f6:12:41:f1:8f:
40:da:fc:78:b8:fa:ce:2f:0f:54:37:e1:7f:b5:20:a8:2d:58:
41:f2:04:45:96:9e:b9:9a:6d:da:18:e8:d3:ff:32:81:ee:1f:
61:ea:7f:b0:6f:27:7b:05:ef:e4:2d:d9:e7:c0:b4:02:17:3f:
dd:78:78:72:37:11:14:62:a0:36:62:71:db:81:f6:76:49:29:
af:09:19:2b:95:0a:67:aa:18:60:27:26:25:b7:16:08:f5:7e:
d6:af:9f:6c:dd:bd:93:29:8c:f5:1c:74:88:6a:d7:35:93:a9:
e9:85:62:dc:43:15:ba:37:e4:89:a8:f3:8f:35:c7:4a:6d:e8:
82:0a:4a:ef
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZf6I/JMWQqcLZ0GIkResJfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzExMTUzOTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTRkZDIwZGYwYTcwN2JmNDliYjlmYWIzNDc4ZDE1MGY3ZjJiYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAww8ectraPnBzdQlYC1pjlnUQu/1a
DyrQ/vWTcSXOeYY/1TAjbAn93UWyM0q29gdI/HUjVYpbBqKqI+9mLC/vB4gwkSzc
D3nBtN1B9rFB+ICHDSQGVzSpX/dzCpDk/cm+XHVmG0D3BtQkDryVuSi881Rjoq3K
Wxt2WFsgR9sH5nKyI1CSanhtiIlyy03gxPvKyPxM/5SISXx4eeefmTW7+fY3Fze6
uvTMvBZF4sI3vu5zpPwYsV1nP4rrejmXe+Jq8td+ipLs3E8xZ3uTd2RR++IM5FxF
m0m2u0J1rqsISFMqFGykDS/yTaeY0W3vE94NK2bE7egQrLn/ccLqEYGgIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBVN0g3wpwe/SbufqzR40VD38rphMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRlUzU0RmQ25CNzlKdTUtck5IalJVUGZ5dW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiOAwQA
WdVoAwQAWdV7AwQB1dI0AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAyXBrnjUmg
66bwPzornSP2TnYWiUqSV66YHTk9Kld22xUtjdlvqQxx+mJRJJxh2QHl8Ae11o39
YunaWPYj91R66Dy3x2avj7WmCz5sNCREjikd0areGYLZFnFC+wk0quQSKBMfbLXn
KvWUsrd5wTESaPqNV3HtX8MA9hJB8Y9A2vx4uPrOLw9UN+F/tSCoLVhB8gRFlp65
mm3aGOjT/zKB7h9h6n+wbyd7Be/kLdnnwLQCFz/deHhyNxEUYqA2YnHbgfZ2SSmv
CRkrlQpnqhhgJyYltxYI9X7Wr59s3b2TKYz1HHSIatc1k6nphWLcQxW6N+SJqPOP
NcdKbeiCCkrv
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:50 2025 by rpki-client