Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/fDHqccAxGBwcRdQbqtjCoAejdvo.roa
File: fDHqccAxGBwcRdQbqtjCoAejdvo.roa (raw, json)
Hash identifier: B7rBR/ZZ4ZRNUkFQDW8EJw17bYDRxiAAOyxuCQDYhlQ=
Subject key identifier: 7C:31:EA:71:C0:31:18:1C:1C:45:D4:1B:AA:D8:C2:A0:07:A3:76:FA
Certificate issuer: /CN=19e06155fc1e37652b2b79c9a536d2e6144d04f7
Certificate serial: 019A0056C932EDFE82C1D5CB70B8F56501C9
Authority key identifier: 19:E0:61:55:FC:1E:37:65:2B:2B:79:C9:A5:36:D2:E6:14:4D:04:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/fDHqccAxGBwcRdQbqtjCoAejdvo.roa
Signing time: Mon 20 Oct 2025 06:37:58 +0000
ROA not before: Mon 20 Oct 2025 06:37:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47292
IP address blocks: 86.58.198.0/23 maxlen: 23
2a00:49c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:56:c9:32:ed:fe:82:c1:d5:cb:70:b8:f5:65:01:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19e06155fc1e37652b2b79c9a536d2e6144d04f7
Validity
Not Before: Oct 20 06:37:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c31ea71c031181c1c45d41baad8c2a007a376fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:73:53:e1:8f:61:63:2d:0d:2b:6a:7e:af:1a:
cf:f3:97:51:d9:35:4c:20:22:b6:67:82:76:d7:82:
03:65:ce:f3:6d:4f:41:cd:75:9e:5b:34:47:3f:d4:
18:55:11:38:72:b9:d2:68:3b:04:0f:27:e5:c7:8e:
93:53:0a:b0:e9:20:af:94:49:2a:92:dc:c2:e4:ea:
24:12:1d:1d:fb:51:60:34:00:eb:45:71:c8:a6:31:
65:9d:cb:92:90:23:de:aa:ad:2c:92:99:b6:8f:e4:
f1:5d:c3:be:10:6d:bb:65:64:94:e2:36:4c:c9:cf:
a8:1f:a1:b3:97:1a:35:12:b3:4a:95:6d:5a:57:ff:
49:39:4e:08:48:bb:53:b6:dd:1b:c4:59:ae:3e:af:
af:f3:6e:8d:25:5c:a6:b2:cb:e6:12:1c:6a:e0:51:
50:dd:61:58:59:80:9b:dc:63:a1:57:88:dd:a1:b0:
55:0a:36:05:35:d5:05:c0:a4:3a:17:a1:2f:db:d5:
20:31:11:21:fa:b1:68:70:31:1c:b4:b0:a6:0d:ce:
cf:d7:06:8a:f9:e2:dc:c8:3a:47:af:74:cd:e4:cb:
db:51:17:4b:9e:33:4d:d8:ca:ba:68:4e:76:90:49:
27:99:c9:50:e7:b2:f9:0a:73:cd:3c:da:c1:0f:e0:
17:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:31:EA:71:C0:31:18:1C:1C:45:D4:1B:AA:D8:C2:A0:07:A3:76:FA
X509v3 Authority Key Identifier:
keyid:19:E0:61:55:FC:1E:37:65:2B:2B:79:C9:A5:36:D2:E6:14:4D:04:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GeBhVfweN2UrK3nJpTbS5hRNBPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/fDHqccAxGBwcRdQbqtjCoAejdvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/bb85d7-7cde-4e1c-b9df-79eeb6321eb7/1/GeBhVfweN2UrK3nJpTbS5hRNBPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.58.198.0/23
IPv6:
2a00:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:84:55:09:36:1b:b9:e7:5a:e0:53:c5:eb:39:1d:11:2f:9e:
ba:56:23:34:45:8a:3c:70:5c:2f:21:2d:39:63:09:be:ce:85:
6a:a4:01:ac:42:89:83:2a:5f:5e:86:5e:2d:61:d0:b8:7a:5c:
4c:72:a8:b7:e5:b7:0f:43:c7:7a:57:7a:ca:c2:f2:8f:52:c0:
54:5c:9d:f0:8d:fc:33:d0:8a:19:00:fc:ba:d0:a7:7b:bb:db:
ec:3e:e7:79:32:dc:60:33:35:c2:f7:5d:78:48:ab:60:e8:f0:
3b:18:a8:d8:f8:aa:af:ef:ed:27:74:07:b7:cf:38:65:85:00:
b6:de:13:93:68:45:fc:a1:5b:18:fe:3c:c8:c1:5b:bd:ca:5d:
b6:b1:da:a0:f4:f1:01:1e:d4:bd:6b:27:d6:c1:47:11:4b:05:
69:ad:e6:08:d1:28:db:96:16:45:b6:e9:06:46:ce:4e:8b:7d:
f8:09:85:fa:37:93:f5:8b:6d:3c:34:1d:b9:d3:af:c4:e5:b0:
42:4f:59:5c:76:87:12:0f:ae:06:2e:a4:50:87:24:37:b0:95:
58:7e:5a:0d:7f:59:4a:73:b0:45:58:0d:c2:3d:d2:6e:a2:fd:
31:8f:48:e0:42:26:f5:d2:7d:88:f8:ec:1e:e8:82:29:ce:dc:
e2:1a:23:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZoAVsky7f6CwdXLcLj1ZQHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZTA2MTU1ZmMxZTM3NjUyYjJiNzljOWE1MzZkMmU2MTQ0
ZDA0ZjcwHhcNMjUxMDIwMDYzNzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMxZWE3MWMwMzExODFjMWM0NWQ0MWJhYWQ4YzJhMDA3YTM3NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHNT4Y9hYy0NK2p+rxrP85dR2TVM
ICK2Z4J214IDZc7zbU9BzXWeWzRHP9QYVRE4crnSaDsEDyflx46TUwqw6SCvlEkq
ktzC5OokEh0d+1FgNADrRXHIpjFlncuSkCPeqq0skpm2j+TxXcO+EG27ZWSU4jZM
yc+oH6Gzlxo1ErNKlW1aV/9JOU4ISLtTtt0bxFmuPq+v826NJVymssvmEhxq4FFQ
3WFYWYCb3GOhV4jdobBVCjYFNdUFwKQ6F6Ev29UgMREh+rFocDEctLCmDc7P1waK
+eLcyDpHr3TN5MvbURdLnjNN2Mq6aE52kEknmclQ57L5CnPNPNrBD+AXnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHwx6nHAMRgcHEXUG6rYwqAHo3b6MB8GA1UdIwQY
MBaAFBngYVX8HjdlKyt5yaU20uYUTQT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2VCaFZmd2VOMlVySzNuSnBUYlM1aFJOQlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iYjg1ZDctN2NkZS00ZTFjLWI5ZGYt
NzllZWI2MzIxZWI3LzEvZkRIcWNjQXhHQndjUmRRYnF0akNvQWVqZHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iYjg1ZDctN2NkZS00ZTFjLWI5ZGYtNzllZWI2MzIxZWI3
LzEvR2VCaFZmd2VOMlVySzNuSnBUYlM1aFJOQlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBVjrGMA0E
AgACMAcDBQAqAEnAMA0GCSqGSIb3DQEBCwUAA4IBAQBvhFUJNhu551rgU8XrOR0R
L566ViM0RYo8cFwvIS05Ywm+zoVqpAGsQomDKl9ehl4tYdC4elxMcqi35bcPQ8d6
V3rKwvKPUsBUXJ3wjfwz0IoZAPy60Kd7u9vsPud5MtxgMzXC9114SKtg6PA7GKjY
+Kqv7+0ndAe3zzhlhQC23hOTaEX8oVsY/jzIwVu9yl22sdqg9PEBHtS9ayfWwUcR
SwVpreYI0SjblhZFtukGRs5Oi334CYX6N5P1i208NB2506/E5bBCT1lcdocSD64G
LqRQhyQ3sJVYfloNf1lKc7BFWA3CPdJuov0xj0jgQib10n2I+Owe6IIpztziGiM4
-----END CERTIFICATE-----
Generated at Mon Oct 27 06:29:36 2025 by rpki-client