Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FJOFGWXD3VTTT2WV_P0e7Bs_AJg.roa
File: FJOFGWXD3VTTT2WV_P0e7Bs_AJg.roa (raw, json)
Hash identifier: JEofwhWwyCHUGzPrbMphpJXd78/dFdYz2MuQwQR1yJ8=
Subject key identifier: 14:93:85:19:65:C3:DD:54:D3:4F:65:95:FC:FD:1E:EC:1B:3F:00:98
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0198F9A377472418E11CC675B689060DBB55
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FJOFGWXD3VTTT2WV_P0e7Bs_AJg.roa
Signing time: Sat 30 Aug 2025 06:21:36 +0000
ROA not before: Sat 30 Aug 2025 06:21:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204650
IP address blocks: 37.32.40.0/24 maxlen: 24
37.32.42.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
178.239.156.0/24 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
185.243.49.0/24 maxlen: 24
185.243.50.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f9:a3:77:47:24:18:e1:1c:c6:75:b6:89:06:0d:bb:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Aug 30 06:21:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1493851965c3dd54d34f6595fcfd1eec1b3f0098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9d:58:56:a0:fa:5a:d5:d3:5b:af:f0:c1:0e:
82:08:75:10:11:7d:cb:6b:4d:90:91:c0:f1:51:2b:
3d:d1:4c:f8:f6:58:52:df:68:b3:15:ab:b0:46:6c:
54:7e:76:f8:e6:42:31:2e:d2:5a:6a:3a:2d:a2:a4:
b7:c7:f1:e4:f7:1c:8f:ca:ea:4d:b8:de:1a:65:27:
2c:ee:e4:da:dd:7b:19:63:c4:43:6b:34:ce:83:ba:
1c:b2:ba:9c:bc:e5:c0:c0:20:78:2d:07:74:a7:ca:
98:07:5f:71:f7:86:83:0f:7b:91:fc:e8:14:f7:43:
cf:8c:d2:1c:0b:66:69:82:f5:f9:70:db:54:54:6d:
d1:9b:df:5e:47:47:be:70:96:9e:71:68:92:fa:c7:
95:08:97:cd:5f:05:ea:10:6b:55:76:c5:39:4a:fe:
46:9d:d7:df:18:57:15:ba:d6:fc:30:10:bf:b5:f7:
72:82:3f:ed:42:aa:02:31:17:c5:80:30:32:4c:46:
62:11:36:e0:62:8a:ae:cd:6b:bb:d5:05:f5:4f:ec:
54:08:de:53:f1:70:5a:d5:d1:53:ba:6a:f9:0f:1a:
ef:41:25:26:0d:d1:76:0d:65:0b:5d:92:52:d6:cd:
85:12:0e:00:7f:b7:bf:94:97:68:3d:3c:b3:52:d3:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:93:85:19:65:C3:DD:54:D3:4F:65:95:FC:FD:1E:EC:1B:3F:00:98
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/FJOFGWXD3VTTT2WV_P0e7Bs_AJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.40.0/24
37.32.42.0/24
37.32.44.0/23
178.239.156.0/24
178.239.159.0/24
185.26.34.0/23
185.124.173.0/24
185.212.48.0/24
185.243.49.0-185.243.50.255
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
7f:3b:14:f0:ad:86:2e:d7:4e:2a:04:59:e6:ea:06:1a:38:25:
7a:12:4a:10:f5:e1:db:a1:6d:f7:68:ce:04:cd:f2:52:f4:de:
c1:14:9e:86:79:dc:67:19:bf:e5:3a:91:9d:e1:e4:22:fa:69:
d5:1f:30:a5:0c:25:27:3c:1e:fd:25:72:2e:76:05:3a:5c:f5:
95:cc:44:cd:59:c4:72:f8:b2:1d:b3:33:7b:71:b3:36:cf:f7:
a0:4b:0e:af:9f:8e:71:87:db:90:bc:a4:a2:01:0c:87:3d:da:
95:f4:51:14:e0:0d:ea:b9:56:88:d4:f6:7d:39:14:dc:6b:67:
18:ff:da:62:05:11:76:06:9b:18:f8:e3:fb:4e:4d:ff:f7:61:
9f:3e:5f:61:24:f3:2f:85:d9:62:65:aa:48:e1:78:d0:69:de:
8b:b8:c1:d7:e2:78:f9:c4:97:60:e9:3d:62:58:91:13:fc:a5:
88:23:7c:2e:e1:36:d2:2a:fa:b5:32:2a:d3:e6:f4:83:31:11:
60:41:29:50:dd:8c:64:29:5a:cd:5b:a6:d4:4c:25:a7:7d:21:
f7:e8:a3:62:70:39:ef:70:9b:05:ad:2f:f5:7b:ba:ad:2f:8e:
20:70:8d:6a:93:a8:16:ff:07:03:93:91:f3:f2:76:9b:e8:7a:
b2:08:e6:91
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZj5o3dHJBjhHMZ1tokGDbtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjUwODMwMDYyMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDkzODUxOTY1YzNkZDU0ZDM0ZjY1OTVmY2ZkMWVlYzFiM2YwMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z1YVqD6WtXTW6/wwQ6CCHUQEX3L
a02QkcDxUSs90Uz49lhS32izFauwRmxUfnb45kIxLtJaajotoqS3x/Hk9xyPyupN
uN4aZScs7uTa3XsZY8RDazTOg7ocsrqcvOXAwCB4LQd0p8qYB19x94aDD3uR/OgU
90PPjNIcC2ZpgvX5cNtUVG3Rm99eR0e+cJaecWiS+seVCJfNXwXqEGtVdsU5Sv5G
ndffGFcVutb8MBC/tfdygj/tQqoCMRfFgDAyTEZiETbgYoquzWu71QX1T+xUCN5T
8XBa1dFTumr5DxrvQSUmDdF2DWULXZJS1s2FEg4Af7e/lJdoPTyzUtNa5wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBSThRllw91U009llfz9HuwbPwCYMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvRkpPRkdXWEQzVlRUVDJXVl9QMGU3QnNfQUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQAJSAoAwQA
JSAqAwQBJSAsAwQAsu+cAwQAsu+fAwQBuRoiAwQAuXytAwQAudQwMAwDBAC58zED
BAC58zIwDQQCAAIwBwMFACoAcEAwDQYJKoZIhvcNAQELBQADggEBAH87FPCthi7X
TioEWebqBho4JXoSShD14duhbfdozgTN8lL03sEUnoZ53GcZv+U6kZ3h5CL6adUf
MKUMJSc8Hv0lci52BTpc9ZXMRM1ZxHL4sh2zM3txszbP96BLDq+fjnGH25C8pKIB
DIc92pX0URTgDeq5VojU9n05FNxrZxj/2mIFEXYGmxj44/tOTf/3YZ8+X2Ek8y+F
2WJlqkjheNBp3ou4wdfiePnEl2DpPWJYkRP8pYgjfC7hNtIq+rUyKtPm9IMxEWBB
KVDdjGQpWs1bptRMJad9Iffoo2JwOe9wmwWtL/V7uq0vjiBwjWqTqBb/BwOTkfPy
dpvoerII5pE=
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:51:02 2025 by rpki-client