Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fDGfzDILw7718yKHQOwJ7CwgpOI.roa
File: fDGfzDILw7718yKHQOwJ7CwgpOI.roa (raw, json)
Hash identifier: GZmKamsZEhRxKpthjCN0/u/8BaVqZvt3aO2GXGen9GU=
Subject key identifier: 7C:31:9F:CC:32:0B:C3:BE:F5:F3:22:87:40:EC:09:EC:2C:20:A4:E2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01995319FB7CCE3FC31B7610A4ABC6F7EBAB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fDGfzDILw7718yKHQOwJ7CwgpOI.roa
Signing time: Tue 16 Sep 2025 15:17:15 +0000
ROA not before: Tue 16 Sep 2025 15:17:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:53:19:fb:7c:ce:3f:c3:1b:76:10:a4:ab:c6:f7:eb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 16 15:17:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c319fcc320bc3bef5f3228740ec09ec2c20a4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c9:c3:9f:c0:18:4e:76:cf:52:a5:73:8e:46:
b2:8a:e8:c1:29:c0:c6:42:70:24:9e:c2:b0:f0:8e:
ca:50:70:1d:5d:32:d0:8e:c7:fc:de:4b:7a:57:33:
cc:a7:17:f2:03:bd:19:81:3f:26:75:ad:bc:8e:ec:
a1:ca:18:ad:b6:14:83:34:cd:81:47:59:6b:69:62:
25:12:3f:5d:07:9f:e7:6f:ed:ab:18:50:63:44:39:
30:a7:d6:99:ef:2e:bd:ab:e3:3c:9f:56:34:7d:9a:
48:53:b6:8d:57:d9:af:5a:ba:2e:8a:91:e9:bd:bc:
03:f7:8f:1f:5e:55:3d:cb:9f:ce:15:24:5a:e5:fb:
d0:44:91:fa:24:93:a0:89:4b:7b:c6:0a:74:f9:4f:
48:ae:8b:04:a5:91:e6:ec:bb:c4:8e:6c:5b:87:a7:
ad:fb:2f:e7:2e:eb:b5:43:7f:42:14:e5:ab:7f:23:
30:25:c7:45:e2:3a:ef:d5:1e:42:89:12:0f:9a:e4:
9c:04:aa:d0:50:26:d5:d9:f8:c3:a0:cc:dd:69:75:
f2:27:c5:fe:59:70:64:ce:cf:06:82:19:60:98:61:
1f:c2:15:ec:94:00:b8:dd:0c:75:68:32:48:a6:09:
36:2e:de:1e:ea:fa:c3:3d:48:71:10:fb:d3:f1:ec:
d2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:31:9F:CC:32:0B:C3:BE:F5:F3:22:87:40:EC:09:EC:2C:20:A4:E2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fDGfzDILw7718yKHQOwJ7CwgpOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.94.170.0/24
45.132.181.0/24
45.151.3.0/24
85.209.120.0/24
193.57.41.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
61:1c:14:fa:b4:59:81:ad:8a:f4:73:ef:3d:2e:7d:60:fb:c2:
67:4c:9a:20:a5:9f:88:95:66:15:df:f9:bc:12:03:bb:10:7e:
98:bf:ea:2c:81:55:8c:87:76:68:98:7e:bf:f4:6e:98:08:db:
59:7d:c2:7f:a0:3c:68:31:29:fe:b0:ac:f9:48:79:7f:f7:47:
c5:93:6f:65:fc:4d:03:cd:6c:9c:6a:00:93:1a:5e:12:44:21:
ea:bd:95:4b:cf:19:1e:24:69:c9:98:1b:57:3f:d0:0b:b4:30:
80:da:a9:47:48:8d:c1:7a:de:93:04:f8:1c:a8:ba:d3:04:19:
71:92:3e:27:33:e3:4a:bb:6b:1d:bb:46:e4:ee:59:09:46:35:
63:ee:37:1e:b3:1a:30:bb:79:84:10:b3:30:39:36:d5:7f:28:
e4:06:e2:7f:37:b7:11:ce:6a:00:c1:f7:88:42:c8:2b:97:dc:
b4:aa:dd:4c:f6:c1:bf:4a:a9:23:d6:64:fc:17:21:74:f1:d5:
32:06:6e:f4:c0:cd:fd:6f:f8:2e:a6:8e:4a:2d:49:cf:78:df:
30:57:e8:38:48:29:50:b8:7b:38:f5:20:07:69:64:4e:8e:93:
d3:cf:3c:fd:6e:88:2a:f8:3a:13:0a:e2:67:0f:1a:76:4f:d9:
89:d5:96:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZlTGft8zj/DG3YQpKvG9+urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwOTE2MTUxNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMxOWZjYzMyMGJjM2JlZjVmMzIyODc0MGVjMDllYzJjMjBhNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMnDn8AYTnbPUqVzjkayiujBKcDG
QnAknsKw8I7KUHAdXTLQjsf83kt6VzPMpxfyA70ZgT8mda28juyhyhitthSDNM2B
R1lraWIlEj9dB5/nb+2rGFBjRDkwp9aZ7y69q+M8n1Y0fZpIU7aNV9mvWrouipHp
vbwD948fXlU9y5/OFSRa5fvQRJH6JJOgiUt7xgp0+U9IrosEpZHm7LvEjmxbh6et
+y/nLuu1Q39CFOWrfyMwJcdF4jrv1R5CiRIPmuScBKrQUCbV2fjDoMzdaXXyJ8X+
WXBkzs8GghlgmGEfwhXslAC43Qx1aDJIpgk2Lt4e6vrDPUhxEPvT8ezSkQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHwxn8wyC8O+9fMih0DsCewsIKTiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZkRHZnpESUx3NzcxOHlLSFFPd0o3Q3dncE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALV6qAwQALYS1AwQALZcDAwQAVdF4AwQAwTkpAwQA
wg80MA0GCSqGSIb3DQEBCwUAA4IBAQBhHBT6tFmBrYr0c+89Ln1g+8JnTJogpZ+I
lWYV3/m8EgO7EH6Yv+osgVWMh3ZomH6/9G6YCNtZfcJ/oDxoMSn+sKz5SHl/90fF
k29l/E0DzWycagCTGl4SRCHqvZVLzxkeJGnJmBtXP9ALtDCA2qlHSI3Bet6TBPgc
qLrTBBlxkj4nM+NKu2sdu0bk7lkJRjVj7jcesxowu3mEELMwOTbVfyjkBuJ/N7cR
zmoAwfeIQsgrl9y0qt1M9sG/Sqkj1mT8FyF08dUyBm70wM39b/gupo5KLUnPeN8w
V+g4SClQuHs49SAHaWROjpPTzzz9bogq+DoTCuJnDxp2T9mJ1ZbX
-----END CERTIFICATE-----
Generated at Sat Sep 20 00:07:07 2025 by rpki-client