Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa
File: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (raw, json)
Hash identifier: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=
Subject key identifier: F9:F3:70:50:59:4E:E9:F0:FA:8B:77:FF:D5:28:5E:2F:95:15:5B:48
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01980885474DA036059CECB683CCFA6EC767
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa
Signing time: Mon 14 Jul 2025 10:40:08 +0000
ROA not before: Mon 14 Jul 2025 10:40:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31708
IP address blocks: 93.113.110.0/23 maxlen: 23
93.114.86.0/23 maxlen: 23
93.114.184.0/23 maxlen: 23
93.114.234.0/23 maxlen: 23
176.56.56.0/21 maxlen: 21
176.56.56.0/24 maxlen: 24
185.17.180.0/22 maxlen: 22
185.65.40.0/22 maxlen: 22
185.164.196.0/22 maxlen: 22
188.212.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:85:47:4d:a0:36:05:9c:ec:b6:83:cc:fa:6e:c7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jul 14 10:40:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9f37050594ee9f0fa8b77ffd5285e2f95155b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:60:b8:31:3d:e2:c5:ac:52:88:10:9c:1c:
ec:c3:9f:19:3a:17:05:35:32:5b:6b:d3:a5:be:43:
fe:30:3c:ea:78:2a:63:92:ff:93:80:64:78:02:32:
7f:d5:d7:ad:b0:0b:4c:c2:95:eb:ea:a6:bc:63:e3:
9e:f6:f4:a8:fc:0d:f6:2c:e9:c3:bd:39:8f:a1:c9:
0c:b3:71:97:bb:d2:88:1a:60:fe:8d:9e:db:70:9d:
06:2f:24:7c:13:d6:5d:08:68:79:2b:34:05:b6:fd:
5a:d4:f2:83:7e:b4:37:fd:7b:7b:be:dd:20:ff:5c:
b6:d6:a0:b2:e9:1d:be:b8:1c:6e:3c:88:60:6d:72:
25:63:c2:57:a7:d0:4b:9c:0c:80:ca:82:0c:b6:80:
36:73:90:29:88:31:da:f5:4d:12:c1:d4:4c:fe:00:
a6:3f:3e:a8:4f:0f:bd:39:ce:09:49:2c:16:d4:4f:
62:47:ab:0d:85:8d:ec:b2:d2:bc:ad:34:26:ce:ce:
e5:37:9e:ef:01:e9:bb:d0:9c:89:e1:c2:6c:27:01:
94:81:d5:bc:c2:40:63:87:46:2c:b7:d8:ad:a1:5c:
76:1e:3e:7f:c6:f5:73:c7:77:e3:6f:cf:ea:17:9b:
59:08:fe:07:0e:64:bb:b0:9e:f0:8b:f6:ae:d1:df:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F3:70:50:59:4E:E9:F0:FA:8B:77:FF:D5:28:5E:2F:95:15:5B:48
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.110.0/23
93.114.86.0/23
93.114.184.0/23
93.114.234.0/23
176.56.56.0/21
185.17.180.0/22
185.65.40.0/22
185.164.196.0/22
188.212.34.0/23
Signature Algorithm: sha256WithRSAEncryption
13:12:d0:7c:18:df:a5:e0:9b:8b:ed:88:51:48:6a:91:62:61:
99:21:83:93:e1:d1:3f:e1:35:25:1d:fd:24:ca:20:77:6a:38:
fc:a0:1d:9d:8c:a7:32:d5:b3:fd:f7:d2:5c:18:7a:87:5b:69:
81:1e:bb:07:55:35:00:4d:f9:00:5d:3f:dc:ad:17:4c:42:a4:
3f:58:83:0a:b9:58:c7:78:84:75:87:d3:a3:58:5a:d9:94:62:
11:24:34:a3:75:d5:ed:de:c5:16:c7:24:4f:bd:78:7c:4b:ef:
a5:1f:e8:13:04:59:03:c6:a1:56:4f:43:9b:84:4c:b1:26:6b:
fb:1c:de:5d:16:d5:ec:a8:fb:58:67:eb:f0:6a:92:3f:66:7f:
10:9a:92:6e:79:df:b8:ed:a6:5f:71:f6:fa:89:2f:7e:a2:19:
13:13:f8:99:4b:5a:dd:13:3d:2a:ec:69:e8:ba:2e:10:2b:48:
1a:a3:76:46:b8:0d:c4:4d:f8:ef:48:14:60:0a:b0:ab:f4:bb:
da:39:62:2f:29:b9:97:48:74:e1:b9:ed:6f:04:53:a8:68:72:
0a:aa:46:ef:21:c9:69:af:bf:e6:32:87:70:ce:b5:e4:9c:27:
41:c8:ca:ae:ec:5a:93:73:b5:a2:82:b8:fb:8f:64:4c:ce:90:
27:17:49:a3
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZgIhUdNoDYFnOy2g8z6bsdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNzE0MTA0MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWYzNzA1MDU5NGVlOWYwZmE4Yjc3ZmZkNTI4NWUyZjk1MTU1YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHpguDE94sWsUogQnBzsw58ZOhcF
NTJba9OlvkP+MDzqeCpjkv+TgGR4AjJ/1detsAtMwpXr6qa8Y+Oe9vSo/A32LOnD
vTmPockMs3GXu9KIGmD+jZ7bcJ0GLyR8E9ZdCGh5KzQFtv1a1PKDfrQ3/Xt7vt0g
/1y21qCy6R2+uBxuPIhgbXIlY8JXp9BLnAyAyoIMtoA2c5ApiDHa9U0SwdRM/gCm
Pz6oTw+9Oc4JSSwW1E9iR6sNhY3sstK8rTQmzs7lN57vAem70JyJ4cJsJwGUgdW8
wkBjh0Yst9itoVx2Hj5/xvVzx3fjb8/qF5tZCP4HDmS7sJ7wi/au0d9YTQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPnzcFBZTunw+ot3/9UoXi+VFVtIMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMS1mTndVRmxPNmZENmkzZl8xU2hlTDVVVlcwZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMjIyM2NhLWNlMzgtNDliYi1iMTI1LWNjYTM3NjA2YmYx
OC8xL1VzMmFaUkxiOGxwZkdiZ24xNkxINGlvdTZOMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAV1xbgME
AV1yVgMEAV1yuAMEAV1y6gMEA7A4OAMEArkRtAMEArlBKAMEArmkxAMEAbzUIjAN
BgkqhkiG9w0BAQsFAAOCAQEAExLQfBjfpeCbi+2IUUhqkWJhmSGDk+HRP+E1JR39
JMogd2o4/KAdnYynMtWz/ffSXBh6h1tpgR67B1U1AE35AF0/3K0XTEKkP1iDCrlY
x3iEdYfTo1ha2ZRiESQ0o3XV7d7FFsckT714fEvvpR/oEwRZA8ahVk9Dm4RMsSZr
+xzeXRbV7Kj7WGfr8GqSP2Z/EJqSbnnfuO2mX3H2+okvfqIZExP4mUta3RM9Kuxp
6LouECtIGqN2RrgNxE3470gUYAqwq/S72jliLym5l0h04bntbwRTqGhyCqpG7yHJ
aa+/5jKHcM615JwnQcjKruxak3O1ooK4+49kTM6QJxdJow==
-----END CERTIFICATE-----
Generated at Sat Jul 26 21:17:14 2025 by rpki-client