Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FKfpXlklu-w0UnrhkTOoss8rNJI.roa
File: FKfpXlklu-w0UnrhkTOoss8rNJI.roa (raw, json)
Hash identifier: rpXmd4bsDkUdxce7+QWIHh2UliURkTxLOg/dAC0t8qY=
Subject key identifier: 14:A7:E9:5E:59:25:BB:EC:34:52:7A:E1:91:33:A8:B2:CF:2B:34:92
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0197F94F8985447837D5AEE3570C352A8677
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FKfpXlklu-w0UnrhkTOoss8rNJI.roa
Signing time: Fri 11 Jul 2025 11:47:08 +0000
ROA not before: Fri 11 Jul 2025 11:47:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8311
IP address blocks: 194.143.196.0/24 maxlen: 24
194.143.200.0/24 maxlen: 24
194.143.211.0/24 maxlen: 24
194.143.212.0/23 maxlen: 23
194.143.214.0/24 maxlen: 24
194.143.215.0/24 maxlen: 24
213.220.10.0/23 maxlen: 23
213.220.12.0/22 maxlen: 22
213.220.16.0/22 maxlen: 22
213.220.24.0/21 maxlen: 24
213.220.32.0/22 maxlen: 22
213.220.40.0/22 maxlen: 22
213.220.44.0/22 maxlen: 22
213.220.48.0/21 maxlen: 21
213.220.58.0/23 maxlen: 24
213.220.60.0/23 maxlen: 24
213.220.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:4f:89:85:44:78:37:d5:ae:e3:57:0c:35:2a:86:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jul 11 11:47:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14a7e95e5925bbec34527ae19133a8b2cf2b3492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:2f:17:81:1f:7c:ea:90:77:31:78:79:38:
ea:a0:92:ce:b3:2e:dd:7c:68:e7:8f:01:b6:3e:9e:
69:0d:8a:c2:2d:50:64:3a:7a:cf:5d:15:90:5a:7b:
38:81:3a:31:16:c0:30:20:02:63:3a:95:08:52:5e:
a4:e7:65:39:65:aa:3f:a9:d3:04:bd:da:d5:da:21:
69:45:dc:92:b8:64:c4:7c:59:88:55:aa:02:03:f1:
dd:4d:8e:34:ad:d4:ca:36:2c:e0:28:ad:69:73:2d:
19:87:30:59:c9:d3:60:3c:ec:eb:46:60:3d:fa:56:
d9:f0:90:4f:b4:65:a5:22:c6:81:75:43:1a:05:4d:
67:69:97:e8:4f:69:ce:ac:b4:57:06:df:b0:7f:de:
a1:ea:ea:3b:21:2a:9a:39:b3:d1:4a:f6:a6:ad:4f:
e4:8a:29:6d:f9:1a:a9:95:bf:0b:8b:57:f2:43:83:
dd:f3:f9:01:88:1a:e9:85:6f:a7:24:50:5b:c0:e5:
51:18:a9:88:15:ae:d3:47:52:2a:48:50:5a:7e:2b:
91:54:78:13:bb:c9:5d:92:c5:1d:e2:fa:46:7c:88:
d6:ff:29:d2:6a:c3:81:50:30:ca:75:d0:ce:37:27:
ba:f5:72:42:8e:4c:e7:5c:d1:42:49:97:0b:5e:e1:
0a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A7:E9:5E:59:25:BB:EC:34:52:7A:E1:91:33:A8:B2:CF:2B:34:92
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/FKfpXlklu-w0UnrhkTOoss8rNJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.196.0/24
194.143.200.0/24
194.143.211.0-194.143.215.255
213.220.10.0-213.220.19.255
213.220.24.0-213.220.35.255
213.220.40.0-213.220.55.255
213.220.58.0-213.220.61.255
213.220.63.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:91:05:f9:42:70:06:21:28:d9:25:41:8a:c5:8d:1d:0b:91:
2e:19:80:ae:da:d3:90:ee:76:5f:a3:c4:8c:34:eb:bc:7f:ae:
77:4b:bc:73:69:4b:cc:0f:94:a6:21:40:1c:04:b4:06:49:17:
6b:00:8e:3d:7b:14:53:fd:eb:0e:d9:ac:af:ad:24:35:18:ea:
91:b2:65:03:45:fa:92:20:0e:77:65:22:5a:16:1c:bb:61:39:
ec:ef:1e:f7:1f:89:49:af:71:7e:54:01:2e:4a:76:d9:ed:1a:
d1:db:8e:6d:2b:f4:1b:b5:f5:58:2c:ea:fe:b6:5e:70:20:32:
e6:c4:ba:16:33:e3:0b:30:79:8b:5b:eb:54:e7:db:4d:6b:a6:
b7:c8:12:be:77:d3:4c:a0:cd:35:d1:36:c2:49:a3:96:5b:6d:
d3:99:b1:79:19:23:f0:fe:0e:fa:25:c9:9e:e7:54:f6:72:14:
0d:e6:c0:ad:d0:ad:82:d6:24:d3:25:3d:67:4e:c0:20:d6:7b:
cf:e2:9a:19:10:57:5f:d7:9f:48:92:bd:15:a6:52:e8:a7:60:
89:fb:36:9c:87:f6:6d:44:b1:1d:3f:3d:34:20:31:9d:e7:f0:
e7:30:c8:d7:f8:0a:65:ba:b7:1e:10:1c:47:3b:6f:9a:45:45:
49:a6:68:96
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZf5T4mFRHg31a7jVww1KoZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNzExMTE0NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGE3ZTk1ZTU5MjViYmVjMzQ1MjdhZTE5MTMzYThiMmNmMmIzNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt44vF4EffOqQdzF4eTjqoJLOsy7d
fGjnjwG2Pp5pDYrCLVBkOnrPXRWQWns4gToxFsAwIAJjOpUIUl6k52U5Zao/qdME
vdrV2iFpRdySuGTEfFmIVaoCA/HdTY40rdTKNizgKK1pcy0ZhzBZydNgPOzrRmA9
+lbZ8JBPtGWlIsaBdUMaBU1naZfoT2nOrLRXBt+wf96h6uo7ISqaObPRSvamrU/k
iilt+Rqplb8Li1fyQ4Pd8/kBiBrphW+nJFBbwOVRGKmIFa7TR1IqSFBafiuRVHgT
u8ldksUd4vpGfIjW/ynSasOBUDDKddDONye69XJCjkznXNFCSZcLXuEK5QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBSn6V5ZJbvsNFJ64ZEzqLLPKzSSMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvRktmcFhsa2x1LXcwVW5yaGtUT29zczhyTkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAwo/EAwQA
wo/IMAwDBADCj9MDBAPCj9AwDAMEAdXcCgMEAtXcEDAMAwQD1dwYAwQC1dwgMAwD
BAPV3CgDBAPV3DAwDAMEAdXcOgMEAdXcPAMEANXcPzANBgkqhkiG9w0BAQsFAAOC
AQEAX5EF+UJwBiEo2SVBisWNHQuRLhmArtrTkO52X6PEjDTrvH+ud0u8c2lLzA+U
piFAHAS0BkkXawCOPXsUU/3rDtmsr60kNRjqkbJlA0X6kiAOd2UiWhYcu2E57O8e
9x+JSa9xflQBLkp22e0a0duObSv0G7X1WCzq/rZecCAy5sS6FjPjCzB5i1vrVOfb
TWumt8gSvnfTTKDNNdE2wkmjlltt05mxeRkj8P4O+iXJnudU9nIUDebArdCtgtYk
0yU9Z07AINZ7z+KaGRBXX9efSJK9FaZS6Kdgifs2nIf2bUSxHT89NCAxnefw5zDI
1/gKZbq3HhAcRztvmkVFSaZolg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:06:44 2025 by rpki-client