Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fba8q-62f_l_7Y5Vgpid3qly8o8.roa
File: fba8q-62f_l_7Y5Vgpid3qly8o8.roa (raw, json)
Hash identifier: 0ZZ/CxRAaayGOUXF8hGoPxV1Q5vJ5ngvWtBoASNp8Nk=
Subject key identifier: 7D:B6:BC:AB:EE:B6:7F:F9:7F:ED:8E:55:82:98:9D:DE:A9:72:F2:8F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198460010E4EAB281B6242FBA2A6BC35034
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fba8q-62f_l_7Y5Vgpid3qly8o8.roa
Signing time: Sat 26 Jul 2025 09:11:06 +0000
ROA not before: Sat 26 Jul 2025 09:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:46:00:10:e4:ea:b2:81:b6:24:2f:ba:2a:6b:c3:50:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 26 09:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7db6bcabeeb67ff97fed8e5582989ddea972f28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:00:46:3c:9e:be:06:37:df:0e:db:14:0d:
c3:c5:c1:db:53:d6:1f:6d:d2:5b:75:56:14:5a:a5:
97:25:c1:b6:10:ef:2b:f9:5c:47:ce:01:72:b3:38:
b2:d5:e6:c9:de:7a:f3:6a:50:5d:f5:91:9f:da:f5:
72:4a:41:16:4f:61:ae:a6:56:0e:60:01:bc:2e:8d:
f0:a3:5e:7a:d8:f6:5c:4c:56:cf:e2:f6:18:fc:f4:
ee:5c:9a:7a:7a:57:16:c5:47:99:21:c3:b4:da:3d:
e6:55:4d:77:16:57:e2:72:29:34:9a:db:cc:8a:ae:
b3:da:4c:75:f7:c4:bd:93:0d:a5:78:17:b4:40:28:
71:4a:51:e5:61:fe:3c:05:bd:7e:ff:87:82:27:99:
3d:63:14:b3:64:75:20:eb:e3:51:96:06:cb:5c:72:
a3:92:c3:61:54:59:b9:c1:43:c7:4d:32:79:d3:b6:
0b:e7:1e:bc:51:fb:78:c1:1a:fa:f9:13:45:31:8c:
74:48:86:2b:37:1e:ee:16:88:b1:df:cb:47:9b:67:
9a:6c:72:64:eb:3b:f7:9a:9b:4b:7a:22:3c:ef:8e:
ff:f5:f4:72:79:21:a2:2f:db:71:c0:1f:50:e0:17:
15:63:0f:ad:e1:8b:95:51:a1:c1:b5:ac:d9:be:f3:
49:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B6:BC:AB:EE:B6:7F:F9:7F:ED:8E:55:82:98:9D:DE:A9:72:F2:8F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fba8q-62f_l_7Y5Vgpid3qly8o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
217.60.199.0/24
217.60.237.0-217.60.238.255
Signature Algorithm: sha256WithRSAEncryption
86:f0:d8:99:d7:99:5d:cd:05:7c:5a:5c:1b:2d:8c:77:47:a5:
f2:7d:2a:99:cf:93:bb:d5:a9:ac:18:1d:9d:8d:9a:fc:75:94:
0a:72:d5:be:64:d8:7f:14:81:e8:4a:14:8e:91:4e:22:6a:98:
f3:13:2c:86:3d:ef:d1:29:10:49:31:67:46:13:eb:9e:84:fb:
ed:98:09:e1:49:fd:ae:09:a8:87:1a:ed:32:f0:3f:fa:a3:11:
29:13:40:79:fd:c0:12:14:32:29:9c:72:ca:92:61:c1:91:45:
7f:71:9a:ce:78:95:3f:98:12:e3:b4:b9:d0:36:38:55:77:71:
0e:13:06:9f:61:77:60:c1:eb:c1:a8:e9:60:5c:65:48:b9:ba:
7b:f2:46:b4:54:f6:61:e5:f2:45:c0:e7:59:11:d6:ca:1e:46:
f7:54:e6:97:56:59:12:e7:95:35:e5:54:cf:47:1e:1e:7a:5b:
b1:9b:63:49:88:b5:b6:d5:9d:2c:2f:c9:b5:0f:bc:a2:66:9d:
19:4e:f1:b1:38:7a:ca:3a:0e:ea:30:32:40:04:b9:ce:a9:ae:
55:67:fb:87:28:c1:9f:69:8e:70:9a:f9:65:40:fc:da:14:2e:
71:40:f8:38:4d:8d:b7:08:df:5a:71:59:98:34:6d:b0:e5:96:
a5:98:48:1e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZhGABDk6rKBtiQvuiprw1A0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI2MDkxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI2YmNhYmVlYjY3ZmY5N2ZlZDhlNTU4Mjk4OWRkZWE5NzJmMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiIARjyevgY33w7bFA3DxcHbU9Yf
bdJbdVYUWqWXJcG2EO8r+VxHzgFysziy1ebJ3nrzalBd9ZGf2vVySkEWT2GuplYO
YAG8Lo3wo1562PZcTFbP4vYY/PTuXJp6elcWxUeZIcO02j3mVU13Flficik0mtvM
iq6z2kx198S9kw2leBe0QChxSlHlYf48Bb1+/4eCJ5k9YxSzZHUg6+NRlgbLXHKj
ksNhVFm5wUPHTTJ507YL5x68Uft4wRr6+RNFMYx0SIYrNx7uFoix38tHm2eabHJk
6zv3mptLeiI8747/9fRyeSGiL9txwB9Q4BcVYw+t4YuVUaHBtazZvvNJvwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH22vKvutn/5f+2OVYKYnd6pcvKPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZmJhOHEtNjJmX2xfN1k1VmdwaWQzcWx5OG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAHzrtAwQA
2TzHMAwDBADZPO0DBADZPO4wDQYJKoZIhvcNAQELBQADggEBAIbw2JnXmV3NBXxa
XBstjHdHpfJ9KpnPk7vVqawYHZ2Nmvx1lApy1b5k2H8UgehKFI6RTiJqmPMTLIY9
79EpEEkxZ0YT656E++2YCeFJ/a4JqIca7TLwP/qjESkTQHn9wBIUMimccsqSYcGR
RX9xms54lT+YEuO0udA2OFV3cQ4TBp9hd2DB68Go6WBcZUi5unvyRrRU9mHl8kXA
51kR1soeRvdU5pdWWRLnlTXlVM9HHh56W7GbY0mItbbVnSwvybUPvKJmnRlO8bE4
eso6DuowMkAEuc6prlVn+4cowZ9pjnCa+WVA/NoULnFA+DhNjbcI31pxWZg0bbDl
lqWYSB4=
-----END CERTIFICATE-----
Generated at Sat Jul 26 21:07:55 2025 by rpki-client