Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fsCpcWbx8Z1eo5cYhqs4znqfBw0.roa
File: fsCpcWbx8Z1eo5cYhqs4znqfBw0.roa (raw, json)
Hash identifier: 2EkDKLPS7K1At/yNNFD/xXPTEKBT3zJVxYZiJe5gvgs=
Subject key identifier: 7E:C0:A9:71:66:F1:F1:9D:5E:A3:97:18:86:AB:38:CE:7A:9F:07:0D
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01973119B4F0EDB5C5D656983F41A64EE51C
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fsCpcWbx8Z1eo5cYhqs4znqfBw0.roa
Signing time: Mon 02 Jun 2025 14:44:17 +0000
ROA not before: Mon 02 Jun 2025 14:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31365
IP address blocks: 85.115.206.0/24 maxlen: 24
85.153.1.0/24 maxlen: 24
85.153.2.0/24 maxlen: 24
85.153.3.0/24 maxlen: 24
85.153.5.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.9.0/24 maxlen: 24
85.153.10.0/24 maxlen: 24
85.153.33.0/24 maxlen: 24
85.153.43.0/24 maxlen: 24
85.153.47.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.58.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.74.0/24 maxlen: 24
85.153.75.0/24 maxlen: 24
85.153.76.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 08:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:19:b4:f0:ed:b5:c5:d6:56:98:3f:41:a6:4e:e5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jun 2 14:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ec0a97166f1f19d5ea3971886ab38ce7a9f070d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:84:9f:5a:4a:c6:88:1f:0d:57:6a:ab:e6:
70:ad:0e:cb:f6:a5:f2:b6:3d:57:17:30:6e:66:36:
b6:70:7a:45:09:30:4c:54:d9:62:f7:c8:57:a8:4e:
47:f8:48:0c:54:6c:08:a5:3e:4d:57:66:b4:ad:1c:
17:c0:9a:0a:1d:8c:1a:70:68:f3:1a:f6:0b:60:e4:
76:db:21:7b:0f:d9:70:ec:de:ec:80:33:34:36:25:
8d:64:a1:39:60:73:79:51:98:5a:fa:ea:23:66:86:
9c:10:72:49:01:55:f6:c8:19:97:41:9b:0f:36:8c:
da:0e:da:33:67:9a:62:96:4f:a3:fa:1c:04:8f:54:
5f:6b:1b:65:e2:93:00:c6:e2:83:67:5a:7e:6d:3d:
46:26:d3:d2:c2:1e:58:ab:ba:da:a3:85:1e:a5:9c:
74:db:aa:9c:54:b2:29:d5:e5:7d:94:ac:f4:fe:6a:
2b:3b:fd:96:4b:62:f4:ad:b6:37:ff:f8:9d:23:49:
b2:9a:3d:05:26:16:ad:3a:d8:3d:4d:bd:e8:00:66:
46:0b:f5:96:ff:d6:7f:45:b8:34:d6:ac:f1:0d:7c:
c0:93:29:29:db:a1:06:8c:a4:f4:01:ee:d3:7a:d5:
b3:69:85:6d:ba:77:bc:f8:cb:fd:7e:49:7d:b0:a8:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C0:A9:71:66:F1:F1:9D:5E:A3:97:18:86:AB:38:CE:7A:9F:07:0D
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fsCpcWbx8Z1eo5cYhqs4znqfBw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.206.0/24
85.153.1.0-85.153.3.255
85.153.5.0-85.153.10.255
85.153.33.0/24
85.153.43.0/24
85.153.47.0/24
85.153.56.0/24
85.153.58.0/24
85.153.65.0/24
85.153.74.0-85.153.80.255
85.153.93.0/24
85.153.112.0/24
85.153.115.0-85.153.117.255
85.153.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:16:36:6c:ec:54:ef:a1:4a:06:e5:ad:86:ab:68:02:dc:6b:
0f:25:78:9f:b5:50:51:78:7c:ab:42:d0:e3:6a:a3:bd:0d:aa:
ad:36:2d:6b:04:ac:d8:56:53:24:ac:9b:2a:05:3b:bd:26:1e:
25:ab:f9:61:80:5f:71:a7:15:a6:88:49:80:a8:85:fd:2a:ba:
3f:59:94:69:ba:b1:aa:34:09:cf:d1:f0:01:03:2e:aa:a8:bd:
30:71:d8:b6:d8:84:00:a2:f0:21:6b:6f:92:98:08:09:47:f9:
be:03:64:94:98:2f:f3:42:ec:78:52:f5:dd:ce:00:1f:67:dd:
4c:12:ae:cc:ec:f4:77:08:df:65:e2:c6:c9:af:68:c8:fb:01:
6e:a0:1e:1d:2d:d3:f4:0d:c0:7e:4d:b7:c0:05:a5:a8:29:8f:
91:62:66:89:92:16:22:70:51:16:e5:69:a3:aa:89:f8:f9:2b:
b2:12:94:c8:4e:a7:9c:50:d3:91:dd:23:87:f8:1c:cd:14:e4:
2a:c9:b4:06:79:f6:a2:75:23:9f:3f:50:61:31:61:e8:17:b1:
9b:82:2c:8c:f5:3a:b7:8f:5a:4b:d6:80:8d:9b:d5:c0:35:9b:
04:71:5b:5b:3a:d9:32:5c:19:5c:0a:40:a4:d0:02:70:8f:2d:
9f:ce:31:7e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZcxGbTw7bXF1laYP0GmTuUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjUwNjAyMTQ0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWMwYTk3MTY2ZjFmMTlkNWVhMzk3MTg4NmFiMzhjZTdhOWYwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQqEn1pKxogfDVdqq+ZwrQ7L9qXy
tj1XFzBuZja2cHpFCTBMVNli98hXqE5H+EgMVGwIpT5NV2a0rRwXwJoKHYwacGjz
GvYLYOR22yF7D9lw7N7sgDM0NiWNZKE5YHN5UZha+uojZoacEHJJAVX2yBmXQZsP
NozaDtozZ5pilk+j+hwEj1Rfaxtl4pMAxuKDZ1p+bT1GJtPSwh5Yq7rao4UepZx0
26qcVLIp1eV9lKz0/morO/2WS2L0rbY3//idI0mymj0FJhatOtg9Tb3oAGZGC/WW
/9Z/Rbg01qzxDXzAkykp26EGjKT0Ae7TetWzaYVtune8+Mv9fkl9sKg8CQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFH7AqXFm8fGdXqOXGIarOM56nwcNMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvZnNDcGNXYng4WjFlbzVjWWhxczR6bnFmQncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFVzzjAM
AwQAVZkBAwQCVZkAMAwDBABVmQUDBABVmQoDBABVmSEDBABVmSsDBABVmS8DBABV
mTgDBABVmToDBABVmUEwDAMEAVWZSgMEAFWZUAMEAFWZXQMEAFWZcDAMAwQAVZlz
AwQBVZl0AwQCVZl4MA0GCSqGSIb3DQEBCwUAA4IBAQBNFjZs7FTvoUoG5a2Gq2gC
3GsPJXiftVBReHyrQtDjaqO9DaqtNi1rBKzYVlMkrJsqBTu9Jh4lq/lhgF9xpxWm
iEmAqIX9Kro/WZRpurGqNAnP0fABAy6qqL0wcdi22IQAovAha2+SmAgJR/m+A2SU
mC/zQux4UvXdzgAfZ91MEq7M7PR3CN9l4sbJr2jI+wFuoB4dLdP0DcB+TbfABaWo
KY+RYmaJkhYicFEW5Wmjqon4+SuyEpTITqecUNOR3SOH+BzNFOQqybQGefaidSOf
P1BhMWHoF7GbgiyM9Tq3j1pL1oCNm9XANZsEcVtbOtkyXBlcCkCk0AJwjy2fzjF+
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:12:24 2025 by rpki-client