Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/fOCG8GZHTaRDntl_g9LNFOGmkqw.roa
File: fOCG8GZHTaRDntl_g9LNFOGmkqw.roa (raw, json)
Hash identifier: bR9905Jw5jekH7I9Vxe1eqFMLaQsdQXCVYQbjYCAIBw=
Subject key identifier: 7C:E0:86:F0:66:47:4D:A4:43:9E:D9:7F:83:D2:CD:14:E1:A6:92:AC
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 01990ED9924EAF87F57129C1C0ECCC6D3926
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/fOCG8GZHTaRDntl_g9LNFOGmkqw.roa
Signing time: Wed 03 Sep 2025 09:12:43 +0000
ROA not before: Wed 03 Sep 2025 09:12:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47950
IP address blocks: 193.41.244.0/24 maxlen: 24
193.41.246.0/24 maxlen: 24
2a06:e800::/48 maxlen: 48
2a0d:f400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:d9:92:4e:af:87:f5:71:29:c1:c0:ec:cc:6d:39:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Sep 3 09:12:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ce086f066474da4439ed97f83d2cd14e1a692ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3d:a8:7d:be:7d:3a:29:f4:ab:8e:e6:bf:52:
00:34:62:9d:cf:2f:cd:78:8d:da:f9:36:12:9f:56:
ad:7f:3f:ff:71:83:61:99:71:d1:96:ad:e5:7d:47:
e9:13:df:7a:f6:ca:a7:b4:a1:95:38:3f:02:36:b7:
a5:b6:2e:24:b6:9e:7e:ba:8a:eb:d2:ed:f5:19:cf:
02:f3:bb:a5:d7:82:68:57:b4:4e:74:a8:9c:9a:d7:
b9:e3:58:59:59:63:74:dd:13:b3:f4:4c:04:e4:1d:
b5:1e:69:92:b6:cb:fe:77:da:85:bb:d0:42:ed:18:
1c:58:f3:db:bf:9a:c1:f8:a5:9d:b8:b4:30:c9:a2:
24:f2:2a:8b:23:39:05:2f:91:97:3a:86:af:4a:09:
77:29:18:b6:e3:0d:90:b6:15:a6:de:80:35:f0:da:
10:05:50:0e:3c:d6:f3:e3:4a:8e:bf:45:83:c3:b8:
21:83:d1:aa:9f:d7:b5:50:fa:83:d5:79:3b:c1:f9:
2a:fb:64:97:3e:f2:4a:6e:9f:3d:22:00:e1:22:7f:
af:4e:82:c8:5a:dd:61:62:11:b7:4f:eb:82:ca:fd:
24:9c:1f:a5:8f:7c:51:87:31:0a:57:16:03:9b:49:
02:c9:29:5d:36:34:e4:88:95:ec:3a:50:e7:6a:f9:
54:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E0:86:F0:66:47:4D:A4:43:9E:D9:7F:83:D2:CD:14:E1:A6:92:AC
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/fOCG8GZHTaRDntl_g9LNFOGmkqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.244.0/24
193.41.246.0/24
IPv6:
2a06:e800::/48
2a0d:f400::/32
Signature Algorithm: sha256WithRSAEncryption
6d:8a:42:1c:23:51:88:8b:b1:dd:ab:41:d5:f7:ba:e5:e1:68:
30:14:07:e3:29:9a:f4:f6:75:6b:8d:68:fd:e5:e4:c9:b9:f3:
fa:87:a8:bd:d9:e5:54:a3:d6:80:41:80:48:57:47:a6:08:71:
4b:93:f5:62:54:91:c4:2a:c1:29:63:a7:d3:cb:3d:62:9a:db:
ce:a9:4d:28:17:16:dc:b5:58:45:2d:b6:68:35:a6:3b:be:8e:
61:f9:65:34:4e:45:d2:5b:05:ac:23:86:9c:bf:ec:c0:96:df:
4a:f9:5e:01:65:1e:bb:7f:52:18:95:07:fc:29:c0:6e:0a:bd:
e3:d7:62:07:69:8f:c1:38:95:d0:d3:51:74:bb:7e:16:df:fc:
92:dc:0a:86:a7:ef:0f:25:4e:0f:05:bc:5e:d0:20:6d:17:0f:
4f:35:70:ad:c9:51:98:6b:4e:56:14:61:2e:db:05:ce:2a:8e:
b2:73:3c:e0:13:be:82:6f:51:40:e3:67:fb:51:b0:3c:af:4d:
5e:67:c2:dd:bb:8b:ba:13:ee:42:9b:aa:bd:a3:40:3c:45:de:
54:54:bc:ef:15:ca:5d:0a:ec:af:fe:ea:de:cc:93:39:06:75:
6b:7d:d4:a5:80:fb:15:c3:da:3f:b1:c3:b0:2f:95:a1:b6:af:
07:f9:fa:cd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZkO2ZJOr4f1cSnBwOzMbTkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwOTAzMDkxMjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2UwODZmMDY2NDc0ZGE0NDM5ZWQ5N2Y4M2QyY2QxNGUxYTY5MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT2ofb59Oin0q47mv1IANGKdzy/N
eI3a+TYSn1atfz//cYNhmXHRlq3lfUfpE9969sqntKGVOD8CNrelti4ktp5+uorr
0u31Gc8C87ul14JoV7ROdKicmte541hZWWN03ROz9EwE5B21HmmStsv+d9qFu9BC
7RgcWPPbv5rB+KWduLQwyaIk8iqLIzkFL5GXOoavSgl3KRi24w2QthWm3oA18NoQ
BVAOPNbz40qOv0WDw7ghg9Gqn9e1UPqD1Xk7wfkq+2SXPvJKbp89IgDhIn+vToLI
Wt1hYhG3T+uCyv0knB+lj3xRhzEKVxYDm0kCySldNjTkiJXsOlDnavlU1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHzghvBmR02kQ57Zf4PSzRThppKsMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvZk9DRzhHWkhUYVJEbnRsX2c5TE5GT0dta3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwSn0AwQA
wSn2MBYEAgACMBADBwAqBugAAAADBQAqDfQAMA0GCSqGSIb3DQEBCwUAA4IBAQBt
ikIcI1GIi7Hdq0HV97rl4WgwFAfjKZr09nVrjWj95eTJufP6h6i92eVUo9aAQYBI
V0emCHFLk/ViVJHEKsEpY6fTyz1imtvOqU0oFxbctVhFLbZoNaY7vo5h+WU0TkXS
WwWsI4acv+zAlt9K+V4BZR67f1IYlQf8KcBuCr3j12IHaY/BOJXQ01F0u34W3/yS
3AqGp+8PJU4PBbxe0CBtFw9PNXCtyVGYa05WFGEu2wXOKo6yczzgE76Cb1FA42f7
UbA8r01eZ8Ldu4u6E+5Cm6q9o0A8Rd5UVLzvFcpdCuyv/urezJM5BnVrfdSlgPsV
w9o/scOwL5Whtq8H+frN
-----END CERTIFICATE-----
Generated at Tue Sep 9 12:35:38 2025 by rpki-client