Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/fmg5GUDKj3L9SuYf_M-1A94BHqQ.roa
File: fmg5GUDKj3L9SuYf_M-1A94BHqQ.roa (raw, json)
Hash identifier: 1LrtxsZqEizRlM+kerihrTQg03P7e3dIyw1N/Vnu3/Y=
Subject key identifier: 7E:68:39:19:40:CA:8F:72:FD:4A:E6:1F:FC:CF:B5:03:DE:01:1E:A4
Certificate issuer: /CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Certificate serial: 0198984D63E53AC5EE7E073E7F6EA9892845
Authority key identifier: B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/fmg5GUDKj3L9SuYf_M-1A94BHqQ.roa
Signing time: Mon 11 Aug 2025 08:44:25 +0000
ROA not before: Mon 11 Aug 2025 08:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212955
IP address blocks: 194.44.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:4d:63:e5:3a:c5:ee:7e:07:3e:7f:6e:a9:89:28:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6f3db35659133315d2fcf93058dce350a4cb17a
Validity
Not Before: Aug 11 08:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e68391940ca8f72fd4ae61ffccfb503de011ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:c8:b8:be:55:20:5d:fc:f8:42:06:4c:5e:
69:8f:29:93:f1:1c:36:7a:60:44:39:2c:bf:2c:a2:
16:e6:a0:2a:c3:4e:c0:72:1d:9d:2f:5b:5a:db:ae:
b9:a3:c0:2e:30:82:41:81:ff:03:00:24:ca:58:c8:
43:02:7b:37:82:1b:8b:e6:25:b5:3c:ab:e3:a0:1b:
39:39:37:42:12:6a:42:69:26:67:aa:09:97:fd:64:
48:a6:03:35:01:1b:d7:aa:7d:77:19:0e:8e:8c:55:
52:45:a1:35:eb:67:1e:a9:49:60:22:49:d1:7c:cb:
15:83:ba:39:e3:c4:67:ad:f3:4b:06:17:6d:42:10:
34:72:b6:cc:5b:15:6d:65:a7:6c:e0:c6:4d:43:22:
84:e0:58:7b:71:d1:a4:c1:11:e3:40:a7:25:0f:f2:
1f:48:d8:4d:3f:d6:d1:d9:ca:7a:82:f7:56:20:14:
58:3a:2b:47:32:a7:98:12:d4:dc:bc:58:07:c1:c6:
d1:e6:e7:4c:62:2b:78:bb:cb:bf:89:ba:2c:93:d6:
17:65:be:db:e5:e8:19:60:af:88:94:d1:53:09:dc:
41:82:68:3c:1c:f8:e3:dc:b9:65:73:49:46:46:9e:
fa:a0:5a:44:46:5d:3a:29:d5:0b:02:ce:88:3e:ab:
bf:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:68:39:19:40:CA:8F:72:FD:4A:E6:1F:FC:CF:B5:03:DE:01:1E:A4
X509v3 Authority Key Identifier:
keyid:B6:F3:DB:35:65:91:33:31:5D:2F:CF:93:05:8D:CE:35:0A:4C:B1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvPbNWWRMzFdL8-TBY3ONQpMsXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/fmg5GUDKj3L9SuYf_M-1A94BHqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/70bffe-b4f3-449e-81ed-549ee6d30fb6/1/tvPbNWWRMzFdL8-TBY3ONQpMsXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.44.21.0/24
Signature Algorithm: sha256WithRSAEncryption
81:da:ca:c2:fc:6c:8a:5c:04:67:f7:72:fc:6a:73:4c:64:b2:
a0:e3:7d:6e:da:fb:56:90:22:70:67:ef:18:aa:f5:1e:86:c8:
4a:e1:c0:7e:7d:f7:35:33:45:f9:05:38:f4:71:ef:80:8e:7a:
4b:e5:4a:2b:ea:d8:7f:ae:b1:49:ab:7a:69:ba:49:ed:2d:2f:
d0:27:ac:c5:c4:4e:48:bb:e8:70:e2:7b:23:d9:58:b2:b0:04:
25:82:82:c0:0c:03:33:c0:57:0e:c1:80:01:bc:7b:ec:43:93:
f3:a3:f0:de:fe:5f:93:ad:23:73:81:20:ba:2e:23:c3:d3:d1:
50:f5:be:dd:7a:62:d4:fa:04:eb:ea:da:f7:6f:39:76:bd:85:
a4:10:ea:62:b6:5b:2f:c7:2c:64:ee:21:5d:57:71:4b:d0:89:
fa:5c:79:ae:a2:ef:9c:1c:5c:06:9e:1b:d2:52:00:0a:33:15:
63:40:b3:9b:e3:1f:be:a5:ce:20:5a:ac:f5:76:71:a6:8d:b0:
15:f6:ae:66:c7:e1:75:09:f0:3d:fb:45:03:e4:83:fa:64:42:
d0:04:c2:f9:17:79:7d:c6:78:d9:9c:6f:39:84:3b:18:8f:b3:
04:ec:5f:b9:85:1e:98:81:b1:63:82:42:6b:42:a8:1c:af:3e:
fe:24:eb:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiYTWPlOsXufgc+f26piShFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZjNkYjM1NjU5MTMzMzE1ZDJmY2Y5MzA1OGRjZTM1MGE0
Y2IxN2EwHhcNMjUwODExMDg0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY4MzkxOTQwY2E4ZjcyZmQ0YWU2MWZmY2NmYjUwM2RlMDExZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgDIuL5VIF38+EIGTF5pjymT8Rw2
emBEOSy/LKIW5qAqw07Ach2dL1ta2665o8AuMIJBgf8DACTKWMhDAns3ghuL5iW1
PKvjoBs5OTdCEmpCaSZnqgmX/WRIpgM1ARvXqn13GQ6OjFVSRaE162ceqUlgIknR
fMsVg7o548RnrfNLBhdtQhA0crbMWxVtZads4MZNQyKE4Fh7cdGkwRHjQKclD/If
SNhNP9bR2cp6gvdWIBRYOitHMqeYEtTcvFgHwcbR5udMYit4u8u/ibosk9YXZb7b
5egZYK+IlNFTCdxBgmg8HPjj3Lllc0lGRp76oFpERl06KdULAs6IPqu//wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5oORlAyo9y/UrmH/zPtQPeAR6kMB8GA1UdIwQY
MBaAFLbz2zVlkTMxXS/PkwWNzjUKTLF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQt
NTQ5ZWU2ZDMwZmI2LzEvZm1nNUdVREtqM0w5U3VZZl9NLTFBOTRCSHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MGJmZmUtYjRmMy00NDllLTgxZWQtNTQ5ZWU2ZDMwZmI2
LzEvdHZQYk5XV1JNekZkTDgtVEJZM09OUXBNc1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiwVMA0G
CSqGSIb3DQEBCwUAA4IBAQCB2srC/GyKXARn93L8anNMZLKg431u2vtWkCJwZ+8Y
qvUehshK4cB+ffc1M0X5BTj0ce+AjnpL5Uor6th/rrFJq3ppukntLS/QJ6zFxE5I
u+hw4nsj2ViysAQlgoLADAMzwFcOwYABvHvsQ5Pzo/De/l+TrSNzgSC6LiPD09FQ
9b7demLU+gTr6tr3bzl2vYWkEOpitlsvxyxk7iFdV3FL0In6XHmuou+cHFwGnhvS
UgAKMxVjQLOb4x++pc4gWqz1dnGmjbAV9q5mx+F1CfA9+0UD5IP6ZELQBML5F3l9
xnjZnG85hDsYj7ME7F+5hR6YgbFjgkJrQqgcrz7+JOux
-----END CERTIFICATE-----
Generated at Thu Aug 21 05:02:03 2025 by rpki-client