Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/FBNO6npvtm0ONb-jYOMfpxVIrnM.roa
File: FBNO6npvtm0ONb-jYOMfpxVIrnM.roa (raw, json)
Hash identifier: FnFMVMWax54UgBMAdC/sjIfxm+ayTB/gAK9ZpT1w5G0=
Subject key identifier: 14:13:4E:EA:7A:6F:B6:6D:0E:35:BF:A3:60:E3:1F:A7:15:48:AE:73
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 0197D4B1D48A690892EC7F6A01D1AAEF57ED
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/FBNO6npvtm0ONb-jYOMfpxVIrnM.roa
Signing time: Fri 04 Jul 2025 09:08:33 +0000
ROA not before: Fri 04 Jul 2025 09:08:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 195.226.82.0/24 maxlen: 24
195.226.83.0/24 maxlen: 24
195.226.84.0/24 maxlen: 24
195.226.85.0/24 maxlen: 24
195.226.86.0/24 maxlen: 24
195.226.87.0/24 maxlen: 24
195.226.92.0/24 maxlen: 24
195.226.93.0/24 maxlen: 24
195.226.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:b1:d4:8a:69:08:92:ec:7f:6a:01:d1:aa:ef:57:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Jul 4 09:08:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14134eea7a6fb66d0e35bfa360e31fa71548ae73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:2b:d5:19:fe:b2:a6:5f:45:d1:1c:d7:5a:
bd:d6:61:75:ef:98:7e:c9:3f:42:7e:30:59:96:ab:
05:51:85:65:77:bb:6b:9b:1c:8a:d8:aa:57:0a:04:
f9:53:d2:5c:b2:4d:81:f2:41:ec:bf:9d:1c:04:e7:
b4:e0:ed:27:2b:40:cd:20:f7:b0:e8:9d:ef:8a:85:
5d:29:d1:c1:6b:3b:b9:41:cc:14:96:49:45:2b:85:
19:2e:ff:63:71:5f:ae:73:1f:b4:90:db:99:7f:50:
33:1e:82:3c:60:97:90:c9:7a:3e:60:ed:3b:67:a8:
d5:f8:6b:67:16:0c:7b:ad:c5:69:4b:d2:de:c4:6e:
28:64:43:9a:e2:ac:75:47:b0:bb:71:ae:23:95:0f:
64:89:a1:56:a4:e8:df:d1:05:62:0c:1a:05:d5:64:
82:f1:ab:86:a8:3f:85:2c:04:9d:79:25:b3:f4:f3:
8d:58:41:8d:b1:1c:30:9f:93:27:fe:8e:65:10:bd:
54:aa:4e:4b:1e:25:4c:b6:70:c4:c0:53:d6:a9:0a:
a8:5a:d7:95:ed:5c:fc:d9:d5:78:86:dd:c8:eb:21:
f2:99:45:32:6b:8e:b4:49:aa:eb:aa:e6:0f:3e:35:
43:64:d5:ce:ab:c5:f9:d4:ee:30:25:95:38:f3:d5:
37:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:13:4E:EA:7A:6F:B6:6D:0E:35:BF:A3:60:E3:1F:A7:15:48:AE:73
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/FBNO6npvtm0ONb-jYOMfpxVIrnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.82.0-195.226.87.255
195.226.92.0-195.226.94.255
Signature Algorithm: sha256WithRSAEncryption
69:c3:b8:c3:98:59:55:2f:f0:47:4e:f8:c7:5b:a9:1c:0b:ff:
48:d7:fb:4b:22:6d:97:05:14:d7:b5:05:fb:0d:ba:98:bb:9e:
fd:8f:26:e9:39:a5:3e:6c:4d:cd:c4:91:5b:b4:f6:8f:3a:d2:
1d:61:48:27:b6:af:6e:ee:c5:b1:a8:85:db:42:b0:95:45:a0:
e9:3b:9f:af:d1:3d:93:a9:ed:46:3b:03:b0:95:75:7a:23:89:
96:f8:77:b4:a4:17:4a:56:5a:17:78:4b:78:52:d3:dc:94:49:
36:eb:7a:b0:82:2d:8e:c2:4a:ca:ac:c0:6c:11:64:f7:de:b5:
93:97:e3:ce:b7:8e:99:ef:52:fe:a0:5c:ce:7b:99:1c:3e:46:
39:63:a7:0b:12:00:1c:ed:0e:e1:26:d8:a1:47:1f:33:8b:c6:
18:4c:e9:f9:84:93:b3:a1:d7:12:ea:37:c5:05:ea:c7:a3:30:
8a:1b:11:05:96:db:cb:f8:0a:50:ed:5c:cf:ee:ad:d3:c2:da:
5a:63:3a:3e:bf:96:df:95:84:8a:e6:5e:74:e4:e7:63:9d:0b:
b6:5f:38:ac:ce:dc:13:33:7a:ed:fe:2b:c3:7b:52:74:ca:68:
44:3a:7d:fa:c1:d6:1a:3a:b6:65:92:4a:01:98:20:f6:08:3b:
00:63:76:17
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZfUsdSKaQiS7H9qAdGq71ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjUwNzA0MDkwODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDEzNGVlYTdhNmZiNjZkMGUzNWJmYTM2MGUzMWZhNzE1NDhhZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto8r1Rn+sqZfRdEc11q91mF175h+
yT9CfjBZlqsFUYVld7trmxyK2KpXCgT5U9Jcsk2B8kHsv50cBOe04O0nK0DNIPew
6J3vioVdKdHBazu5QcwUlklFK4UZLv9jcV+ucx+0kNuZf1AzHoI8YJeQyXo+YO07
Z6jV+GtnFgx7rcVpS9LexG4oZEOa4qx1R7C7ca4jlQ9kiaFWpOjf0QViDBoF1WSC
8auGqD+FLASdeSWz9PONWEGNsRwwn5Mn/o5lEL1Uqk5LHiVMtnDEwFPWqQqoWteV
7Vz82dV4ht3I6yHymUUya460SarrquYPPjVDZNXOq8X51O4wJZU489U3xwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBQTTup6b7ZtDjW/o2DjH6cVSK5zMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvRkJOTzZucHZ0bTBPTmItallPTWZweFZJcm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAHD4lID
BAPD4lAwDAMEAsPiXAMEAMPiXjANBgkqhkiG9w0BAQsFAAOCAQEAacO4w5hZVS/w
R074x1upHAv/SNf7SyJtlwUU17UF+w26mLue/Y8m6TmlPmxNzcSRW7T2jzrSHWFI
J7avbu7FsaiF20KwlUWg6Tufr9E9k6ntRjsDsJV1eiOJlvh3tKQXSlZaF3hLeFLT
3JRJNut6sIItjsJKyqzAbBFk9961k5fjzreOme9S/qBcznuZHD5GOWOnCxIAHO0O
4SbYoUcfM4vGGEzp+YSTs6HXEuo3xQXqx6MwihsRBZbby/gKUO1cz+6t08LaWmM6
Pr+W35WEiuZedOTnY50Ltl84rM7cEzN67f4rw3tSdMpoRDp9+sHWGjq2ZZJKAZgg
9gg7AGN2Fw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:08:54 2025 by rpki-client