Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/R0kpMB4FLa57YlT9gQTxUhUxTi4.roa
File: R0kpMB4FLa57YlT9gQTxUhUxTi4.roa (raw, json)
Hash identifier: v4gil0pPlLS8kPjffYF1yPMZ2JnOTspISeu5FIjRwfg=
Subject key identifier: 47:49:29:30:1E:05:2D:AE:7B:62:54:FD:81:04:F1:52:15:31:4E:2E
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 0199CA0F8342EE748AF4E74D788E17275019
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/R0kpMB4FLa57YlT9gQTxUhUxTi4.roa
Signing time: Thu 09 Oct 2025 17:40:38 +0000
ROA not before: Thu 09 Oct 2025 17:40:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 185.165.92.0/24 maxlen: 24
2a0d:f40::/29 maxlen: 32
2a13:80c0::/30 maxlen: 30
2a13:80c4::/30 maxlen: 30
2a13:9240::/30 maxlen: 30
2a13:9244::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:0f:83:42:ee:74:8a:f4:e7:4d:78:8e:17:27:50:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Oct 9 17:40:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=474929301e052dae7b6254fd8104f15215314e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:07:93:5c:f3:e3:26:e8:bd:5f:6d:12:a5:41:
58:c8:f8:05:37:86:eb:fc:a4:82:8a:d7:58:9a:c0:
61:54:e5:51:e1:1a:57:73:83:a6:54:d9:c9:47:25:
26:2d:e6:56:1a:e5:08:c2:dd:19:1e:02:5d:84:eb:
39:c3:c5:31:4f:5a:d3:b8:79:4f:9b:da:b3:d5:41:
25:56:dc:b8:b6:dd:82:c5:2f:8c:fd:84:de:d5:cc:
f7:d3:96:31:a9:19:84:d2:44:12:30:b1:60:4b:88:
b5:c4:bd:2c:6b:86:4a:1b:02:7c:f8:c1:de:e6:ab:
a8:ed:1e:61:da:05:d8:64:f5:07:cd:d4:68:e4:a5:
4d:cd:9b:89:9b:95:81:a2:50:b1:26:e9:43:dd:c9:
6d:a0:45:df:00:c0:19:e2:f1:55:3d:67:5b:b2:a8:
fe:85:37:1b:7c:25:63:55:83:89:3f:4b:ef:cb:7a:
b0:a5:8b:67:ee:5f:43:fd:d8:9a:78:0d:6e:e3:fa:
c8:c6:ba:f7:b2:da:db:8f:4b:27:32:ea:15:01:b3:
ad:11:7e:ad:ad:62:9f:aa:30:49:3c:2a:a9:77:c0:
e1:46:f7:bc:45:57:30:03:fd:91:c8:ce:2a:30:a8:
d5:37:fd:0c:bf:e6:9b:81:52:8d:ac:bb:6c:b2:e7:
2e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:49:29:30:1E:05:2D:AE:7B:62:54:FD:81:04:F1:52:15:31:4E:2E
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/R0kpMB4FLa57YlT9gQTxUhUxTi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.92.0/24
IPv6:
2a0d:f40::/29
2a13:80c0::/29
2a13:9240::/29
Signature Algorithm: sha256WithRSAEncryption
17:a0:0c:d2:9e:e1:63:dc:a3:c0:83:0b:03:bd:23:43:04:67:
66:bb:f8:bb:71:03:4b:ec:e3:15:9f:63:e8:e8:71:2c:db:ad:
5f:aa:24:42:83:19:41:75:65:1a:31:98:db:ab:83:04:a5:0b:
3c:a2:97:9b:bf:44:d6:8f:bc:82:ca:54:fb:8a:27:a3:63:1b:
28:04:c6:e1:fd:c0:13:9c:e1:bc:ea:3c:50:9b:39:fa:e5:d3:
49:dc:b5:5b:2d:49:b5:7b:73:da:2d:68:92:e3:35:2a:c9:9c:
1a:a1:38:ce:a0:c9:e5:7d:25:1f:23:d0:62:c1:3f:85:ce:a9:
55:65:9a:c5:93:64:79:d0:1d:cf:c4:e2:1b:fd:46:a8:95:eb:
9c:9c:51:3e:7c:e3:1d:2d:89:f9:17:10:28:8f:64:3a:0e:71:
67:fc:0a:80:24:72:7c:e4:37:73:91:7e:90:94:df:76:5a:1d:
a6:30:26:01:9d:95:9d:9d:97:52:b4:db:2f:0e:c5:2f:45:44:
f0:94:56:bb:1c:99:53:61:ff:01:4c:f4:01:a2:c6:3b:b4:68:
c0:a6:1b:b9:51:78:43:b4:49:4a:a9:70:bc:c7:26:95:a8:64:
7b:7e:42:b3:d4:87:2b:e1:c6:5a:97:9e:02:5d:2b:39:11:48:
78:a3:8b:e1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZnKD4NC7nSK9OdNeI4XJ1AZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjUxMDA5MTc0MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ5MjkzMDFlMDUyZGFlN2I2MjU0ZmQ4MTA0ZjE1MjE1MzE0ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAeTXPPjJui9X20SpUFYyPgFN4br
/KSCitdYmsBhVOVR4RpXc4OmVNnJRyUmLeZWGuUIwt0ZHgJdhOs5w8UxT1rTuHlP
m9qz1UElVty4tt2CxS+M/YTe1cz305YxqRmE0kQSMLFgS4i1xL0sa4ZKGwJ8+MHe
5quo7R5h2gXYZPUHzdRo5KVNzZuJm5WBolCxJulD3cltoEXfAMAZ4vFVPWdbsqj+
hTcbfCVjVYOJP0vvy3qwpYtn7l9D/diaeA1u4/rIxrr3strbj0snMuoVAbOtEX6t
rWKfqjBJPCqpd8DhRve8RVcwA/2RyM4qMKjVN/0Mv+abgVKNrLtssucuKwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEdJKTAeBS2ue2JU/YEE8VIVMU4uMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvUjBrcE1CNEZMYTU3WWxUOWdRVHhVaFV4VGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAuaVcMBsE
AgACMBUDBQMqDQ9AAwUDKhOAwAMFAyoTkkAwDQYJKoZIhvcNAQELBQADggEBABeg
DNKe4WPco8CDCwO9I0MEZ2a7+LtxA0vs4xWfY+jocSzbrV+qJEKDGUF1ZRoxmNur
gwSlCzyil5u/RNaPvILKVPuKJ6NjGygExuH9wBOc4bzqPFCbOfrl00nctVstSbV7
c9otaJLjNSrJnBqhOM6gyeV9JR8j0GLBP4XOqVVlmsWTZHnQHc/E4hv9RqiV65yc
UT584x0tifkXECiPZDoOcWf8CoAkcnzkN3ORfpCU33ZaHaYwJgGdlZ2dl1K02y8O
xS9FRPCUVrscmVNh/wFM9AGixju0aMCmG7lReEO0SUqpcLzHJpWoZHt+QrPUhyvh
xlqXngJdKzkRSHiji+E=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:30 2025 by rpki-client