Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/tYTknpLk9RvRNSY158cvWCTO1Fg.roa
File: tYTknpLk9RvRNSY158cvWCTO1Fg.roa (raw, json)
Hash identifier: w0YJSvLd9goLtAZOjo593oFxZ3WGjKKfzlwe7/bqsIY=
Subject key identifier: B5:84:E4:9E:92:E4:F5:1B:D1:35:26:35:E7:C7:2F:58:24:CE:D4:58
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 019A06755214B1DD3DD1952E2F9AD0C35ABC
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/tYTknpLk9RvRNSY158cvWCTO1Fg.roa
Signing time: Tue 21 Oct 2025 11:09:03 +0000
ROA not before: Tue 21 Oct 2025 11:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210906
IP address blocks: 86.104.227.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:75:52:14:b1:dd:3d:d1:95:2e:2f:9a:d0:c3:5a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Oct 21 11:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b584e49e92e4f51bd1352635e7c72f5824ced458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ad:08:2f:f6:53:8a:99:0e:ff:4b:f5:ed:a0:
3e:9b:c5:0d:0e:a7:c9:30:c1:f3:17:2c:e1:1a:78:
38:a4:55:3e:a4:b2:32:19:1e:42:98:b6:8c:00:20:
41:aa:83:a1:9b:8b:ea:b8:3c:58:76:cf:ba:a3:c0:
4a:59:68:19:fa:0a:61:09:f5:be:da:11:88:a8:a1:
9b:ab:ac:e4:00:46:2b:28:94:60:62:81:b5:0e:56:
f6:66:aa:1c:74:38:d1:35:5f:e0:7c:da:4d:d5:1e:
bb:fb:80:01:d5:02:1e:83:bd:0a:90:48:06:2d:a1:
4a:41:c5:a7:5b:3f:30:2f:e3:9e:be:fe:0b:66:fe:
53:7d:dd:eb:62:fc:90:02:aa:e7:17:12:dd:fb:f7:
b7:7b:de:5c:06:c3:85:d3:c9:a0:f3:d6:64:67:8a:
bc:50:95:59:1f:b1:92:38:f4:00:30:96:4e:27:be:
ec:1a:06:83:87:17:42:07:a3:34:e8:0c:ab:7f:f6:
ff:0a:c3:99:ef:f0:25:f2:af:d1:c5:92:87:2f:c9:
3b:da:8e:76:81:98:44:26:02:eb:13:23:59:53:40:
c3:85:58:9e:1b:c9:78:c7:4c:af:c0:25:88:d2:b4:
48:af:dc:1b:5e:30:7b:c1:f2:d3:59:b8:8d:c5:d4:
49:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:E4:9E:92:E4:F5:1B:D1:35:26:35:E7:C7:2F:58:24:CE:D4:58
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/tYTknpLk9RvRNSY158cvWCTO1Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.227.0/24
162.218.157.0/24
193.200.96.0/23
194.29.70.0/24
194.29.80.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:c7:c9:c8:13:40:10:f6:34:a5:96:02:b9:fa:dd:95:4a:a7:
a5:9b:a0:01:9f:d4:36:10:2a:d7:11:a2:21:d9:b5:9e:fc:f8:
08:03:7a:db:a5:69:1c:e7:34:93:31:a2:47:b0:52:55:63:6d:
c7:06:a9:ad:5c:2e:01:df:6d:4a:41:5d:3c:14:58:3e:b6:cf:
ff:a9:48:8b:61:b1:fe:42:cc:c6:11:03:e8:9a:31:99:83:18:
ea:ca:a1:77:59:19:01:bb:f5:d0:81:6c:c0:e9:bd:87:4a:eb:
f6:2c:64:8e:9f:67:07:98:96:bb:5b:fc:f4:f8:d9:d6:b0:33:
39:4d:55:1b:91:f0:c8:d8:09:6b:e8:5d:20:eb:e6:5f:9d:2d:
25:48:15:80:64:ce:80:01:56:ba:ae:c6:c0:91:e1:d9:c9:ff:
cc:42:3e:19:68:a9:29:87:4f:4f:2f:9d:fc:47:31:3a:2d:e1:
65:e0:c5:4e:31:88:65:2f:d4:64:c0:0d:9c:d9:c9:d3:ae:b3:
37:8d:38:35:27:0b:88:70:c8:f2:11:9b:04:94:ea:d5:52:73:
ab:f5:6c:b0:43:6c:55:55:57:60:52:e3:f4:cb:7d:9a:6c:04:
86:2d:37:26:ef:ee:58:c2:9a:9a:07:dc:66:dc:a4:37:25:c8:
41:e9:53:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZoGdVIUsd090ZUuL5rQw1q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUxMDIxMTEwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg0ZTQ5ZTkyZTRmNTFiZDEzNTI2MzVlN2M3MmY1ODI0Y2VkNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK0IL/ZTipkO/0v17aA+m8UNDqfJ
MMHzFyzhGng4pFU+pLIyGR5CmLaMACBBqoOhm4vquDxYds+6o8BKWWgZ+gphCfW+
2hGIqKGbq6zkAEYrKJRgYoG1Dlb2ZqocdDjRNV/gfNpN1R67+4AB1QIeg70KkEgG
LaFKQcWnWz8wL+Oevv4LZv5Tfd3rYvyQAqrnFxLd+/e3e95cBsOF08mg89ZkZ4q8
UJVZH7GSOPQAMJZOJ77sGgaDhxdCB6M06Ayrf/b/CsOZ7/Al8q/RxZKHL8k72o52
gZhEJgLrEyNZU0DDhVieG8l4x0yvwCWI0rRIr9wbXjB7wfLTWbiNxdRJewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLWE5J6S5PUb0TUmNefHL1gkztRYMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvdFlUa25wTGs5UnZSTlNZMTU4Y3ZXQ1RPMUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmjjAwQA
otqdAwQBwchgAwQAwh1GAwQAwh1QMA0GCSqGSIb3DQEBCwUAA4IBAQAOx8nIE0AQ
9jSllgK5+t2VSqelm6ABn9Q2ECrXEaIh2bWe/PgIA3rbpWkc5zSTMaJHsFJVY23H
BqmtXC4B321KQV08FFg+ts//qUiLYbH+QszGEQPomjGZgxjqyqF3WRkBu/XQgWzA
6b2HSuv2LGSOn2cHmJa7W/z0+NnWsDM5TVUbkfDI2Alr6F0g6+ZfnS0lSBWAZM6A
AVa6rsbAkeHZyf/MQj4ZaKkph09PL538RzE6LeFl4MVOMYhlL9RkwA2c2cnTrrM3
jTg1JwuIcMjyEZsElOrVUnOr9WywQ2xVVVdgUuP0y32abASGLTcm7+5YwpqaB9xm
3KQ3JchB6VOX
-----END CERTIFICATE-----
Generated at Wed Oct 22 10:21:55 2025 by rpki-client