Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Svef5LFeH613Ao667gVglrsaghk.roa
File: Svef5LFeH613Ao667gVglrsaghk.roa (raw, json)
Hash identifier: BGOf36TG6QKEO5yBu6lP6NS/yI14EB3CzaUenwuygTg=
Subject key identifier: 4A:F7:9F:E4:B1:5E:1F:AD:77:02:8E:BA:EE:05:60:96:BB:1A:82:19
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0199A07FA0D9AC1EB1BB69E5E055F5D1D959
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Svef5LFeH613Ao667gVglrsaghk.roa
Signing time: Wed 01 Oct 2025 15:59:02 +0000
ROA not before: Wed 01 Oct 2025 15:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 167.17.32.0/21 maxlen: 21
167.17.41.0/24 maxlen: 24
167.17.42.0/23 maxlen: 23
167.17.44.0/23 maxlen: 23
167.17.46.0/24 maxlen: 24
206.245.136.0/21 maxlen: 21
206.245.144.0/21 maxlen: 21
208.123.184.0/24 maxlen: 24
208.123.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:7f:a0:d9:ac:1e:b1:bb:69:e5:e0:55:f5:d1:d9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 1 15:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4af79fe4b15e1fad77028ebaee056096bb1a8219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1d:e0:f2:5e:5e:28:18:a9:da:d5:aa:4a:a0:
9a:1e:1b:17:b3:02:4d:85:2e:d1:88:17:82:c3:83:
48:80:4d:8f:54:a1:fb:4b:ed:de:ec:cf:e2:3f:05:
c8:d7:87:a1:65:3f:2b:af:b2:06:31:03:4f:7b:87:
29:70:c2:d0:1f:6d:21:65:f1:f7:4b:81:06:11:0e:
f5:d2:0e:97:45:f2:44:fa:6b:82:a8:2c:89:27:a8:
6b:eb:e9:2a:3e:b2:6f:27:d6:10:ea:7f:2f:2c:3c:
75:13:72:46:8e:02:c6:32:61:0a:ee:69:9f:cd:68:
c5:81:32:22:04:14:34:9a:ac:82:65:40:f4:31:fc:
8b:99:3a:c3:af:b0:7d:3a:46:77:6e:41:70:4e:b0:
27:61:43:dd:8c:56:f5:25:cf:2d:26:d6:10:7b:9e:
6b:bd:b1:68:3e:af:85:d1:0b:d7:47:07:1e:70:f6:
a8:97:06:2b:c8:47:a6:e0:a6:2d:c6:dc:77:5c:55:
8f:de:41:90:58:64:62:03:97:33:fd:8b:1c:c3:64:
e7:29:fa:81:36:8a:df:3b:15:11:8c:57:2d:b4:83:
b1:92:f5:50:33:0c:d1:95:0e:25:79:61:5e:41:ab:
85:d7:fc:26:d2:53:32:91:b0:91:15:60:01:53:c3:
fa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F7:9F:E4:B1:5E:1F:AD:77:02:8E:BA:EE:05:60:96:BB:1A:82:19
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Svef5LFeH613Ao667gVglrsaghk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.17.32.0/21
167.17.41.0-167.17.46.255
206.245.136.0-206.245.151.255
208.123.184.0/24
208.123.186.0/24
Signature Algorithm: sha256WithRSAEncryption
56:64:b6:bc:ad:45:e0:3c:a8:d3:a1:9e:64:06:6c:f3:96:6d:
e4:b2:f3:7c:43:5c:51:58:8a:f9:74:a3:51:0f:65:09:f6:be:
52:ef:8f:c7:6a:7e:b0:7a:50:8e:ff:cf:e3:45:3b:aa:1f:db:
54:be:53:e8:bd:47:2b:86:8f:c9:82:e5:14:8a:75:68:01:30:
eb:d1:3b:e9:8b:47:89:1a:79:3b:e5:38:44:76:25:2f:ae:8e:
8c:a8:ff:57:b5:43:d2:35:e9:55:d1:74:c8:cb:19:ae:48:a8:
bc:e8:48:82:a9:3a:15:3b:15:57:94:a7:37:54:87:6e:b4:3c:
3e:56:76:37:ff:9a:09:2b:92:08:b9:d4:f5:fb:a3:e6:59:45:
2a:81:87:94:8c:8e:48:db:21:95:72:61:44:37:ae:c7:06:4c:
8f:8f:be:e7:f4:57:71:b4:2c:70:3a:1f:f2:d4:29:11:b5:46:
4b:e3:06:52:62:e1:95:21:bc:8d:69:8b:18:8f:24:9a:12:99:
06:53:06:b9:d0:0e:2b:c0:fc:5a:49:13:cd:90:ca:96:35:7f:
23:a4:dc:4d:db:48:9c:ad:e0:1a:db:c2:2a:02:fd:a7:c3:e8:
76:13:e5:2b:8a:e1:c2:9c:6a:a2:ec:7e:d2:41:a4:16:f1:4b:
82:9b:49:52
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZmgf6DZrB6xu2nl4FX10dlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUxMDAxMTU1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWY3OWZlNGIxNWUxZmFkNzcwMjhlYmFlZTA1NjA5NmJiMWE4MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B3g8l5eKBip2tWqSqCaHhsXswJN
hS7RiBeCw4NIgE2PVKH7S+3e7M/iPwXI14ehZT8rr7IGMQNPe4cpcMLQH20hZfH3
S4EGEQ710g6XRfJE+muCqCyJJ6hr6+kqPrJvJ9YQ6n8vLDx1E3JGjgLGMmEK7mmf
zWjFgTIiBBQ0mqyCZUD0MfyLmTrDr7B9OkZ3bkFwTrAnYUPdjFb1Jc8tJtYQe55r
vbFoPq+F0QvXRwcecPaolwYryEem4KYtxtx3XFWP3kGQWGRiA5cz/Yscw2TnKfqB
NorfOxURjFcttIOxkvVQMwzRlQ4leWFeQauF1/wm0lMykbCRFWABU8P6LwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEr3n+SxXh+tdwKOuu4FYJa7GoIZMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvU3ZlZjVMRmVINjEzQW82NjdnVmdscnNhZ2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQDpxEgMAwD
BACnESkDBACnES4wDAMEA871iAMEA871kAMEANB7uAMEANB7ujANBgkqhkiG9w0B
AQsFAAOCAQEAVmS2vK1F4Dyo06GeZAZs85Zt5LLzfENcUViK+XSjUQ9lCfa+Uu+P
x2p+sHpQjv/P40U7qh/bVL5T6L1HK4aPyYLlFIp1aAEw69E76YtHiRp5O+U4RHYl
L66OjKj/V7VD0jXpVdF0yMsZrkiovOhIgqk6FTsVV5SnN1SHbrQ8PlZ2N/+aCSuS
CLnU9fuj5llFKoGHlIyOSNshlXJhRDeuxwZMj4++5/RXcbQscDof8tQpEbVGS+MG
UmLhlSG8jWmLGI8kmhKZBlMGudAOK8D8WkkTzZDKljV/I6TcTdtInK3gGtvCKgL9
p8PodhPlK4rhwpxqoux+0kGkFvFLgptJUg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:09 2025 by rpki-client