
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/FafnGioXQ9wljFkhuJJdCKFjkww.roa
File: FafnGioXQ9wljFkhuJJdCKFjkww.roa (raw, json)
Hash identifier: eKLUYDySvMyLsJDItXiTd2pY6vCov8KOTfhRVaTgfs8=
Subject key identifier: 15:A7:E7:1A:2A:17:43:DC:25:8C:59:21:B8:92:5D:08:A1:63:93:0C
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01982DE78A6B54FEA852B6BCC9EAFE59BA46
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/FafnGioXQ9wljFkhuJJdCKFjkww.roa
Signing time: Mon 21 Jul 2025 16:53:25 +0000
ROA not before: Mon 21 Jul 2025 16:53:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:b785::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:e7:8a:6b:54:fe:a8:52:b6:bc:c9:ea:fe:59:ba:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 21 16:53:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15a7e71a2a1743dc258c5921b8925d08a163930c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:48:ab:59:ad:b5:11:59:80:3a:5e:ba:6a:
1a:52:b5:78:5d:57:8b:ab:67:f1:c7:17:40:0b:73:
54:af:1a:34:90:11:37:6d:b2:89:43:f5:0b:10:f7:
89:22:64:b7:57:fd:1f:e7:a1:2e:63:ba:86:ed:2a:
d0:c3:38:34:f5:26:51:8a:57:11:98:35:45:19:33:
0e:85:a1:40:44:9c:1c:90:50:19:2f:03:17:93:2f:
d3:5c:f4:e5:a2:83:ec:45:df:e3:62:7e:4a:9d:45:
33:8c:46:f9:5d:02:b4:3c:f9:71:92:bc:3f:de:17:
ec:3a:32:f2:ab:70:ae:8d:69:90:31:8a:b4:74:f0:
51:33:1f:57:38:dd:e8:a9:96:03:83:5f:46:61:79:
3d:02:5f:2a:5d:8f:0b:0c:e5:97:34:e1:44:01:ad:
3a:a3:b1:2c:ef:80:f6:dd:74:98:ee:97:dc:cb:e0:
69:01:1d:8e:15:2f:05:07:eb:c8:23:9d:70:45:bd:
5c:97:93:18:d6:60:b6:fb:27:5b:9a:e9:ea:be:2b:
29:1d:89:86:3e:22:57:5c:bc:60:3e:75:86:6a:62:
89:37:c8:2d:ef:fa:a5:a5:5b:74:bb:23:cb:93:ab:
c3:99:c5:0b:3a:8f:92:a5:fb:0f:79:f8:05:98:ee:
e0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A7:E7:1A:2A:17:43:DC:25:8C:59:21:B8:92:5D:08:A1:63:93:0C
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/FafnGioXQ9wljFkhuJJdCKFjkww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b785::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
25:5b:09:12:57:10:ce:ce:d7:82:82:61:a7:14:bd:68:42:8c:
a0:ad:33:32:a9:6a:9e:38:e9:4e:ce:c8:1e:26:bf:61:5f:12:
25:d1:0e:7f:fc:f1:ab:e0:4a:ef:95:63:68:57:d7:21:dd:b3:
be:be:45:69:28:4e:00:ac:31:82:17:83:e2:7a:4d:62:15:36:
5e:13:d9:ce:c4:fd:7e:55:2d:74:89:23:c6:53:23:bb:e9:a5:
a1:96:de:87:4b:f1:1c:91:fe:5c:57:d5:85:67:2c:9d:f1:4c:
70:56:97:f2:6a:96:d9:3a:44:5d:e3:ee:3c:24:9b:17:87:ba:
8e:6a:33:2b:66:6c:fd:c4:30:90:5c:28:47:16:41:f0:37:bc:
85:f6:61:e8:8a:85:0a:26:85:cf:60:e5:2c:01:11:c2:6f:09:
38:9b:03:7b:d3:e5:4a:e7:e1:f0:8a:15:a9:25:8f:c9:d1:f5:
02:d7:b3:3d:99:6f:95:e2:37:d5:e1:fe:33:91:4c:31:0d:06:
71:d2:f9:7a:c5:39:c9:60:4b:c2:54:53:f0:db:aa:29:6d:40:
d8:82:fb:5a:ad:fb:54:4e:6b:6c:39:5b:e4:4c:da:29:14:f8:
14:3b:b6:7a:f9:d8:e1:11:4d:53:3f:e9:0e:87:0a:72:3d:4e:
ae:ed:26:cb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZgt54prVP6oUra8yer+WbpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzIxMTY1MzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWE3ZTcxYTJhMTc0M2RjMjU4YzU5MjFiODkyNWQwOGExNjM5MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/JIq1mttRFZgDpeumoaUrV4XVeL
q2fxxxdAC3NUrxo0kBE3bbKJQ/ULEPeJImS3V/0f56EuY7qG7SrQwzg09SZRilcR
mDVFGTMOhaFARJwckFAZLwMXky/TXPTlooPsRd/jYn5KnUUzjEb5XQK0PPlxkrw/
3hfsOjLyq3CujWmQMYq0dPBRMx9XON3oqZYDg19GYXk9Al8qXY8LDOWXNOFEAa06
o7Es74D23XSY7pfcy+BpAR2OFS8FB+vII51wRb1cl5MY1mC2+ydbmunqvispHYmG
PiJXXLxgPnWGamKJN8gt7/qlpVt0uyPLk6vDmcULOo+SpfsPefgFmO7gSwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBWn5xoqF0PcJYxZIbiSXQihY5MMMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvRmFmbkdpb1hROXdsakZraHVKSmRDS0Zqa3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhG3hQMF
ACoSTAYwDQYJKoZIhvcNAQELBQADggEBACVbCRJXEM7O14KCYacUvWhCjKCtMzKp
ap446U7OyB4mv2FfEiXRDn/88avgSu+VY2hX1yHds76+RWkoTgCsMYIXg+J6TWIV
Nl4T2c7E/X5VLXSJI8ZTI7vppaGW3odL8RyR/lxX1YVnLJ3xTHBWl/Jqltk6RF3j
7jwkmxeHuo5qMytmbP3EMJBcKEcWQfA3vIX2YeiKhQomhc9g5SwBEcJvCTibA3vT
5Urn4fCKFaklj8nR9QLXsz2Zb5XiN9Xh/jORTDENBnHS+XrFOclgS8JUU/Dbqilt
QNiC+1qt+1ROa2w5W+RM2ikU+BQ7tnr52OERTVM/6Q6HCnI9Tq7tJss=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:29:21 2025 by rpki-client