Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/fCgmJ5doD3FbIucqbIpGMlmtVvM.roa
File: fCgmJ5doD3FbIucqbIpGMlmtVvM.roa (raw, json)
Hash identifier: SfDUMiHPovragI5UdBifWGkDZRcp8pAn1e8WMKiD3hU=
Subject key identifier: 7C:28:26:27:97:68:0F:71:5B:22:E7:2A:6C:8A:46:32:59:AD:56:F3
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0199065A51FEE344FC11DCB6D5134D26275D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/fCgmJ5doD3FbIucqbIpGMlmtVvM.roa
Signing time: Mon 01 Sep 2025 17:36:46 +0000
ROA not before: Mon 01 Sep 2025 17:36:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 24
5.39.200.0/23 maxlen: 23
46.29.224.0/21 maxlen: 32
46.29.228.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.144.0/20 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
109.235.0.0/21 maxlen: 24
185.15.108.0/22 maxlen: 32
185.52.172.0/24 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a02:17a0:d000::/36 maxlen: 36
2a03:2a80::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a04:7bc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:5a:51:fe:e3:44:fc:11:dc:b6:d5:13:4d:26:27:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Sep 1 17:36:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c28262797680f715b22e72a6c8a463259ad56f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:e7:ba:f7:33:46:5e:65:c2:f5:4d:f1:f6:
dd:af:aa:d0:e3:70:02:00:90:d9:10:ea:d0:2c:54:
fb:3c:db:7a:bd:82:5f:5f:ea:1d:b9:75:1b:12:9d:
5b:c5:4f:97:06:29:26:ff:50:94:c1:30:8d:09:47:
e3:6f:c4:a1:cd:ba:09:55:27:17:dc:e8:41:b8:dd:
c0:b2:5e:bc:28:3d:78:97:ca:ad:eb:b3:c0:b7:e3:
f3:fb:4e:bb:4e:26:b3:80:9f:ab:8f:98:57:01:17:
0e:5e:1f:87:1e:40:ee:72:51:60:16:58:bf:d5:be:
88:f2:bb:93:f2:2b:12:fd:17:b4:93:c2:9a:09:46:
e5:32:c7:d5:cf:d7:ca:69:12:ab:93:18:ab:09:13:
c8:c2:fa:60:be:db:a6:44:64:b3:89:4c:1f:e7:1c:
b5:94:b6:15:a6:70:fd:5d:c8:28:ed:40:81:fd:b2:
82:fd:c5:c0:2c:c4:1e:38:b6:d9:ce:5d:60:a6:ca:
a2:b5:f7:85:48:41:3d:d7:71:d2:23:31:e8:82:c9:
58:ee:fa:e7:8b:d6:ca:46:6b:f6:4e:de:b6:2a:ec:
b2:d2:0a:57:08:17:4a:46:6c:23:3a:72:73:1c:b4:
60:7e:11:ae:cd:93:66:fa:3e:77:b8:ed:83:0a:ff:
ed:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:28:26:27:97:68:0F:71:5B:22:E7:2A:6C:8A:46:32:59:AD:56:F3
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/fCgmJ5doD3FbIucqbIpGMlmtVvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
109.235.0.0/21
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:c9:e7:78:25:27:fe:95:9a:4d:4a:69:d4:f9:2c:0f:1b:b9:
c5:35:a2:e8:b9:bb:df:b2:74:2b:a1:48:22:c6:04:cf:09:09:
3c:28:a5:d3:96:23:c1:c0:19:bb:78:31:12:ad:82:c6:fb:de:
e9:bf:93:cc:68:8d:b3:42:63:12:ac:1f:b0:15:c9:d4:54:60:
15:a2:c3:dc:be:58:37:19:ee:47:d1:5c:4a:67:23:f2:43:c0:
72:d6:2b:1c:8f:d4:06:d7:7c:cb:1d:1e:29:61:4a:ca:3f:86:
87:36:b2:f4:78:35:e6:ee:6f:34:ed:f0:79:6b:41:74:b7:44:
b6:36:80:ea:a7:d4:d9:8f:52:26:d6:45:e7:42:0a:0e:83:7e:
ae:09:b3:54:a6:7e:50:3e:23:55:dd:cb:73:a4:b8:aa:79:1d:
be:30:e1:53:ac:e8:ed:c2:b0:d8:59:40:e2:9f:b5:e4:2c:cb:
0a:09:5e:09:24:81:81:91:b2:11:10:cd:5b:88:2f:7b:0e:91:
b4:0d:ae:e0:39:c1:9a:1f:a4:67:5c:d5:1c:92:ce:11:fa:ad:
73:a3:a0:d8:02:82:3c:e7:78:c5:92:c6:94:ba:80:2a:db:71:
cb:47:ab:ed:05:95:3a:b4:26:4c:fd:7c:a0:f6:c1:e8:cb:f5:
25:51:cf:32
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZkGWlH+40T8Edy21RNNJiddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwOTAxMTczNjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI4MjYyNzk3NjgwZjcxNWIyMmU3MmE2YzhhNDYzMjU5YWQ1NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrnnuvczRl5lwvVN8fbdr6rQ43AC
AJDZEOrQLFT7PNt6vYJfX+oduXUbEp1bxU+XBikm/1CUwTCNCUfjb8ShzboJVScX
3OhBuN3Asl68KD14l8qt67PAt+Pz+067TiazgJ+rj5hXARcOXh+HHkDuclFgFli/
1b6I8ruT8isS/Re0k8KaCUblMsfVz9fKaRKrkxirCRPIwvpgvtumRGSziUwf5xy1
lLYVpnD9Xcgo7UCB/bKC/cXALMQeOLbZzl1gpsqitfeFSEE913HSIzHogslY7vrn
i9bKRmv2Tt62Kuyy0gpXCBdKRmwjOnJzHLRgfhGuzZNm+j53uO2DCv/tZQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHwoJieXaA9xWyLnKmyKRjJZrVbzMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvZkNnbUo1ZG9EM0ZiSXVjcWJJcEdNbG10VnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQDbesAAwQCuQ9sAwQAuTSsAwQCuUDcAwQC
uX2AAwQB1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJ
KoZIhvcNAQELBQADggEBAKTJ53glJ/6Vmk1KadT5LA8bucU1oui5u9+ydCuhSCLG
BM8JCTwopdOWI8HAGbt4MRKtgsb73um/k8xojbNCYxKsH7AVydRUYBWiw9y+WDcZ
7kfRXEpnI/JDwHLWKxyP1AbXfMsdHilhSso/hoc2svR4NebubzTt8HlrQXS3RLY2
gOqn1NmPUibWRedCCg6Dfq4Js1SmflA+I1Xdy3OkuKp5Hb4w4VOs6O3CsNhZQOKf
teQsywoJXgkkgYGRshEQzVuIL3sOkbQNruA5wZofpGdc1RySzhH6rXOjoNgCgjzn
eMWSxpS6gCrbcctHq+0FlTq0Jkz9fKD2wejL9SVRzzI=
-----END CERTIFICATE-----
Generated at Wed Sep 10 14:15:53 2025 by rpki-client