Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FKODHcMCbVnlraW8e3pZVW4Jt1U.roa
File: FKODHcMCbVnlraW8e3pZVW4Jt1U.roa (raw, json)
Hash identifier: on2RzMiODWuSmU08fPG+UPwP9nXYGCG9yiUDZkxUHqE=
Subject key identifier: 14:A3:83:1D:C3:02:6D:59:E5:AD:A5:BC:7B:7A:59:55:6E:09:B7:55
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01985B2C5791DF2D8D7B548899460767FD9C
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FKODHcMCbVnlraW8e3pZVW4Jt1U.roa
Signing time: Wed 30 Jul 2025 11:51:29 +0000
ROA not before: Wed 30 Jul 2025 11:51:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200436
IP address blocks: 5.57.32.0/24 maxlen: 24
5.57.34.0/24 maxlen: 24
5.57.35.0/24 maxlen: 24
5.57.37.0/24 maxlen: 24
5.57.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Aug 2025 14:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:2c:57:91:df:2d:8d:7b:54:88:99:46:07:67:fd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jul 30 11:51:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14a3831dc3026d59e5ada5bc7b7a59556e09b755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:3a:85:8f:dc:06:12:84:af:60:ea:a0:60:
69:d7:a2:b0:e0:a4:cf:cd:53:1f:74:95:8f:5e:73:
56:f8:38:10:1d:a2:61:f5:c4:d5:f5:dd:0d:5a:7e:
b0:02:83:29:b0:76:bd:c8:9d:f2:b5:91:76:a1:98:
c0:e3:3c:1f:8e:a9:20:b0:aa:c0:d2:14:a4:34:fd:
e9:7d:e0:52:a8:9e:da:ea:cd:7f:69:ab:17:fb:00:
95:90:44:10:9f:1d:54:d8:eb:7d:8d:60:8c:42:d8:
4b:7e:a1:e0:0c:49:ab:c0:5d:94:f7:a6:16:29:3e:
96:b3:6a:da:61:2d:33:37:34:b4:fa:51:cf:44:7a:
af:0a:a6:4d:a8:01:d7:a6:05:91:79:29:62:88:9a:
96:9b:d2:82:1c:de:2e:41:19:fb:be:0c:85:5f:50:
77:4c:0d:56:06:d2:ef:ac:7e:1b:df:ad:f5:cb:37:
87:21:03:57:ea:08:b1:85:21:8f:53:b1:db:9a:65:
c6:e7:2d:84:92:11:48:fb:ee:b7:c5:cf:06:86:00:
06:1c:28:f6:d5:fb:5a:15:b9:5a:a0:03:b3:01:74:
25:9c:8c:6c:71:7e:c5:48:a3:b6:8b:bd:01:07:74:
45:16:27:a1:a7:d0:8c:25:bd:38:c8:2c:22:1d:34:
aa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A3:83:1D:C3:02:6D:59:E5:AD:A5:BC:7B:7A:59:55:6E:09:B7:55
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FKODHcMCbVnlraW8e3pZVW4Jt1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
5.57.34.0/23
5.57.37.0/24
5.57.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:59:a6:3a:c3:67:a3:48:b2:27:36:90:71:60:47:67:41:8b:
a1:dc:25:9b:b0:bb:cd:5c:93:62:62:6b:34:5b:12:40:3a:32:
1d:8c:63:45:ca:8f:d5:45:b2:78:2e:b1:a9:2a:a3:2a:f4:f5:
bc:71:10:9b:e1:9e:c3:0e:99:0c:69:24:51:50:94:58:e6:ee:
c5:dc:df:3e:aa:ae:30:8a:7c:38:b8:6f:45:2d:c2:50:64:70:
1f:f8:91:9f:ad:37:32:d0:39:de:22:5f:ac:33:fe:57:7a:ef:
13:54:51:f1:89:b5:c1:28:b5:6d:d5:9f:9d:4f:53:b2:0a:67:
6a:52:78:4b:0c:8c:bf:47:7f:c9:40:e7:47:7d:63:33:66:5d:
c1:cb:6f:c4:0a:3d:39:32:8e:5e:68:c0:05:fe:00:7b:a2:a4:
84:c7:bd:a1:26:7b:aa:c9:83:c8:e7:74:69:03:1a:d4:6a:c4:
1b:6c:b7:8c:d0:0e:3e:43:79:81:ac:e2:8a:79:45:c1:ad:a7:
ef:96:70:ba:b4:e2:8d:fe:33:cb:d5:4c:3d:eb:c1:c9:35:f6:
45:c0:55:3a:87:d1:48:73:12:a7:53:ca:eb:54:e6:7d:82:e4:
77:ca:ec:08:1b:e2:a4:b3:58:e1:26:f2:83:61:14:85:fe:bf:
82:a9:43:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhbLFeR3y2Ne1SImUYHZ/2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwNzMwMTE1MTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGEzODMxZGMzMDI2ZDU5ZTVhZGE1YmM3YjdhNTk1NTZlMDliNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPY6hY/cBhKEr2DqoGBp16Kw4KTP
zVMfdJWPXnNW+DgQHaJh9cTV9d0NWn6wAoMpsHa9yJ3ytZF2oZjA4zwfjqkgsKrA
0hSkNP3pfeBSqJ7a6s1/aasX+wCVkEQQnx1U2Ot9jWCMQthLfqHgDEmrwF2U96YW
KT6Ws2raYS0zNzS0+lHPRHqvCqZNqAHXpgWReSliiJqWm9KCHN4uQRn7vgyFX1B3
TA1WBtLvrH4b3631yzeHIQNX6gixhSGPU7HbmmXG5y2EkhFI++63xc8GhgAGHCj2
1ftaFblaoAOzAXQlnIxscX7FSKO2i70BB3RFFiehp9CMJb04yCwiHTSqKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBSjgx3DAm1Z5a2lvHt6WVVuCbdVMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvRktPREhjTUNiVm5scmFXOGUzcFpWVzRKdDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkgAwQB
BTkiAwQABTklAwQABTknMA0GCSqGSIb3DQEBCwUAA4IBAQArWaY6w2ejSLInNpBx
YEdnQYuh3CWbsLvNXJNiYms0WxJAOjIdjGNFyo/VRbJ4LrGpKqMq9PW8cRCb4Z7D
DpkMaSRRUJRY5u7F3N8+qq4winw4uG9FLcJQZHAf+JGfrTcy0DneIl+sM/5Xeu8T
VFHxibXBKLVt1Z+dT1OyCmdqUnhLDIy/R3/JQOdHfWMzZl3By2/ECj05Mo5eaMAF
/gB7oqSEx72hJnuqyYPI53RpAxrUasQbbLeM0A4+Q3mBrOKKeUXBrafvlnC6tOKN
/jPL1Uw968HJNfZFwFU6h9FIcxKnU8rrVOZ9guR3yuwIG+Kks1jhJvKDYRSF/r+C
qUOF
-----END CERTIFICATE-----
Generated at Thu Jul 31 22:36:41 2025 by rpki-client