Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Fmj5pVZy5OvN8NLCj41Ct91Dz4Q.roa
File: Fmj5pVZy5OvN8NLCj41Ct91Dz4Q.roa (raw, json)
Hash identifier: b6KCW/X2plOFMUlkTcMAW819leQcmYV17zwV2DOjFqA=
Subject key identifier: 16:68:F9:A5:56:72:E4:EB:CD:F0:D2:C2:8F:8D:42:B7:DD:43:CF:84
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0197C268E187F01E443605B4076E3C7C3C2A
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Fmj5pVZy5OvN8NLCj41Ct91Dz4Q.roa
Signing time: Mon 30 Jun 2025 19:55:42 +0000
ROA not before: Mon 30 Jun 2025 19:55:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 146.19.21.0/24 maxlen: 24
185.244.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:68:e1:87:f0:1e:44:36:05:b4:07:6e:3c:7c:3c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 30 19:55:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1668f9a55672e4ebcdf0d2c28f8d42b7dd43cf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:ee:df:e9:a4:9d:97:22:c9:a8:36:43:83:
6c:de:b2:0a:67:9b:38:65:3d:89:d6:1a:ca:41:bd:
5f:33:a5:c0:8e:11:53:9d:34:50:1d:fc:4d:7d:0a:
65:f6:0e:7b:86:43:42:02:78:cf:4e:18:ac:fa:22:
7f:7f:0b:f9:ed:81:b5:72:26:10:70:f1:f1:43:18:
4a:5a:29:e6:f7:a7:e4:01:87:fd:12:97:fd:e2:c2:
a5:d8:30:b6:4d:83:83:52:6c:55:30:f5:16:17:8d:
00:0c:f8:b2:95:69:0c:7e:6f:f9:5e:0a:ee:1f:2d:
8f:f4:6d:13:1d:1d:10:5e:96:3b:5f:eb:8a:46:12:
9b:71:d0:4b:7f:91:b7:80:6d:21:c2:e9:3d:01:a2:
6e:fe:5c:08:c1:54:48:e3:34:cd:2b:4a:c6:ac:23:
79:e1:0f:ea:09:74:80:8d:6a:8f:3c:e0:cc:94:b3:
b6:fc:1b:b4:96:8a:64:33:a4:ef:2f:aa:8b:90:f7:
f1:71:6a:14:cd:b7:49:ad:cf:4e:ed:ce:60:bb:e1:
a5:4a:73:59:5c:75:ae:fe:95:55:f4:ef:39:47:ee:
2b:8d:6b:f3:3b:db:38:96:20:5a:f3:c9:8c:f9:6f:
96:e3:de:09:50:40:e7:07:49:38:47:4c:cc:9b:10:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:68:F9:A5:56:72:E4:EB:CD:F0:D2:C2:8F:8D:42:B7:DD:43:CF:84
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Fmj5pVZy5OvN8NLCj41Ct91Dz4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.21.0/24
185.244.104.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:7b:36:24:1b:55:0c:fe:6a:7f:90:00:37:2f:1e:04:2e:08:
c4:78:16:9b:b8:fd:06:16:f3:10:7d:cb:0b:a7:2f:2d:be:9b:
ca:57:c1:5f:23:77:04:9e:ea:28:46:66:83:7d:b9:b6:6d:f3:
d8:c8:94:d7:50:4c:e9:c5:e0:65:c4:6f:96:c7:84:52:9b:58:
2e:86:68:ca:13:d0:1c:d3:4e:7c:28:e8:55:9d:75:41:b9:26:
35:72:11:91:77:e6:2c:f6:55:60:0d:0e:0e:d5:c8:d9:b0:cd:
f8:02:77:4c:85:db:3c:54:06:57:ac:4c:c1:1d:d7:ea:ed:f8:
43:77:4f:18:5e:f3:89:71:de:46:4d:ae:3e:c9:0d:af:b8:b1:
d9:bf:a3:36:44:7b:15:bd:2e:40:fc:74:f6:d7:bf:26:5d:79:
bb:fc:3f:e5:93:aa:95:81:8e:5e:b3:33:b6:15:ef:64:39:4c:
9a:c0:8f:7e:64:e0:db:7e:78:88:b5:96:b4:b8:78:85:ab:3a:
57:7e:f6:e0:5f:96:f6:38:46:19:0d:fa:02:7b:6b:02:3a:8a:
f2:18:5e:c6:78:0f:0b:9d:21:aa:ce:4f:3f:14:03:11:0e:36:
07:cd:eb:18:56:f7:26:32:07:90:e4:e9:47:f5:76:81:46:39:
9a:f1:32:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfCaOGH8B5ENgW0B248fDwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNjMwMTk1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjY4ZjlhNTU2NzJlNGViY2RmMGQyYzI4ZjhkNDJiN2RkNDNjZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzPu3+mknZciyag2Q4Ns3rIKZ5s4
ZT2J1hrKQb1fM6XAjhFTnTRQHfxNfQpl9g57hkNCAnjPThis+iJ/fwv57YG1ciYQ
cPHxQxhKWinm96fkAYf9Epf94sKl2DC2TYODUmxVMPUWF40ADPiylWkMfm/5Xgru
Hy2P9G0THR0QXpY7X+uKRhKbcdBLf5G3gG0hwuk9AaJu/lwIwVRI4zTNK0rGrCN5
4Q/qCXSAjWqPPODMlLO2/Bu0lopkM6TvL6qLkPfxcWoUzbdJrc9O7c5gu+GlSnNZ
XHWu/pVV9O85R+4rjWvzO9s4liBa88mM+W+W494JUEDnB0k4R0zMmxA6yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZo+aVWcuTrzfDSwo+NQrfdQ8+EMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvRm1qNXBWWnk1T3ZOOE5MQ2o0MUN0OTFEejRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhMVAwQA
ufRoMA0GCSqGSIb3DQEBCwUAA4IBAQDWezYkG1UM/mp/kAA3Lx4ELgjEeBabuP0G
FvMQfcsLpy8tvpvKV8FfI3cEnuooRmaDfbm2bfPYyJTXUEzpxeBlxG+Wx4RSm1gu
hmjKE9Ac0058KOhVnXVBuSY1chGRd+Ys9lVgDQ4O1cjZsM34AndMhds8VAZXrEzB
Hdfq7fhDd08YXvOJcd5GTa4+yQ2vuLHZv6M2RHsVvS5A/HT2178mXXm7/D/lk6qV
gY5eszO2Fe9kOUyawI9+ZODbfniItZa0uHiFqzpXfvbgX5b2OEYZDfoCe2sCOory
GF7GeA8LnSGqzk8/FAMRDjYHzesYVvcmMgeQ5OlH9XaBRjma8TJm
-----END CERTIFICATE-----
Generated at Wed Jul 2 12:06:21 2025 by rpki-client