Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/fi24CSDfzgi2n-8tyhCDy6VJEbk.roa
File: fi24CSDfzgi2n-8tyhCDy6VJEbk.roa (raw, json)
Hash identifier: iy2pQ7aLpFevwnqwFGwKuv5XmpdEYHW9K5mNM+qd43g=
Subject key identifier: 7E:2D:B8:09:20:DF:CE:08:B6:9F:EF:2D:CA:10:83:CB:A5:49:11:B9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019A2F7895A8E4F1CA2F4EE993BEA4FC6C63
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/fi24CSDfzgi2n-8tyhCDy6VJEbk.roa
Signing time: Wed 29 Oct 2025 10:17:03 +0000
ROA not before: Wed 29 Oct 2025 10:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.22.142.0/23 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:78:95:a8:e4:f1:ca:2f:4e:e9:93:be:a4:fc:6c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 29 10:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e2db80920dfce08b69fef2dca1083cba54911b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d3:b2:a7:0e:87:07:75:9d:b5:ea:45:22:19:
9f:dd:98:15:0a:70:26:77:bc:c3:22:e7:15:b0:ff:
a7:f4:6d:19:8d:4a:72:3e:dc:9c:67:dd:40:1e:77:
b7:97:ec:cb:fb:8c:eb:75:f4:99:f0:cd:33:1b:e6:
32:af:6b:5c:6b:28:a3:fb:b9:07:ed:4c:64:18:c2:
8b:be:6d:da:7d:47:f6:0f:07:c3:99:9d:ae:32:34:
5b:d0:ba:88:5d:18:de:86:ea:fb:65:85:37:2f:32:
a5:59:39:b0:21:62:b8:a4:4c:0c:0c:c2:68:b6:93:
aa:c7:31:03:84:be:31:2e:2b:5b:3b:f3:2b:53:4d:
e0:02:65:2e:ef:45:c8:c0:13:b8:c6:3f:4e:85:71:
6b:a4:cb:59:93:14:45:5b:ce:bb:84:03:68:99:32:
61:4b:17:9e:cf:c7:4b:c9:5a:47:5e:4a:25:bb:db:
3c:b3:41:4a:08:af:c2:1e:17:66:99:9c:fd:38:52:
ae:b0:c4:3d:d2:51:db:07:68:10:0a:c2:cc:e1:0a:
e6:7a:63:03:2b:92:dc:1a:21:7c:63:1c:da:6e:09:
65:82:8d:a6:b5:ac:ee:91:21:9d:1b:c6:6c:e2:31:
ad:eb:84:6d:36:b6:67:8c:2a:6c:cb:fd:33:d2:4c:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2D:B8:09:20:DF:CE:08:B6:9F:EF:2D:CA:10:83:CB:A5:49:11:B9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/fi24CSDfzgi2n-8tyhCDy6VJEbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.142.0/23
89.185.0.0/22
109.72.112.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
88:1a:ef:07:1f:a3:9f:9a:0a:73:cc:dd:3e:e4:45:30:fd:17:
cf:d9:74:27:e8:85:be:5c:09:60:62:d2:c1:dd:42:9e:13:a1:
7d:b8:d6:e8:7a:4d:40:d4:b1:bd:7f:d8:53:53:bc:ce:dd:8e:
74:60:c8:50:78:01:fd:76:24:25:f4:6e:98:ff:fb:e1:98:7b:
53:8b:3a:20:cb:03:ef:17:36:b3:f1:e9:1e:79:3d:18:f6:2b:
cf:18:ab:82:3c:8b:2c:ad:9f:8c:7e:fa:33:e5:2b:68:47:1a:
3c:d2:ce:15:71:bd:c5:84:1c:ee:35:f8:b0:37:8d:b0:87:44:
f9:f9:bd:a0:f0:36:98:e4:75:93:36:52:c0:bf:82:7f:15:ff:
f9:ae:af:28:ff:f8:92:5f:f1:0d:65:13:4e:4e:f1:81:9c:8a:
8d:fb:a2:c8:bd:57:88:4d:70:0b:df:09:44:14:3e:69:c5:e9:
5b:62:6d:a6:39:bf:9e:40:2b:3d:ac:c7:11:c9:f9:3a:9c:c5:
21:52:42:51:1b:fb:64:30:fe:e7:42:b3:d6:45:fe:5e:d6:b0:
99:5c:b6:66:f7:47:1b:27:8b:80:82:6f:76:93:13:15:2c:0c:
96:66:8e:80:53:19:5d:e5:ac:f6:28:c1:27:73:b7:49:5f:47:
d9:65:53:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoveJWo5PHKL07pk76k/GxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUxMDI5MTAxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJkYjgwOTIwZGZjZTA4YjY5ZmVmMmRjYTEwODNjYmE1NDkxMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdOypw6HB3WdtepFIhmf3ZgVCnAm
d7zDIucVsP+n9G0ZjUpyPtycZ91AHne3l+zL+4zrdfSZ8M0zG+Yyr2tcayij+7kH
7UxkGMKLvm3afUf2DwfDmZ2uMjRb0LqIXRjehur7ZYU3LzKlWTmwIWK4pEwMDMJo
tpOqxzEDhL4xLitbO/MrU03gAmUu70XIwBO4xj9OhXFrpMtZkxRFW867hANomTJh
Sxeez8dLyVpHXkolu9s8s0FKCK/CHhdmmZz9OFKusMQ90lHbB2gQCsLM4QrmemMD
K5LcGiF8Yxzabgllgo2mtazukSGdG8Zs4jGt64RtNrZnjCpsy/0z0kwlbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH4tuAkg384Itp/vLcoQg8ulSRG5MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZmkyNENTRGZ6Z2kybi04dHloQ0R5NlZKRWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBURaOAwQC
WbkAAwQAbUhwAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCIGu8HH6OfmgpzzN0+
5EUw/RfP2XQn6IW+XAlgYtLB3UKeE6F9uNboek1A1LG9f9hTU7zO3Y50YMhQeAH9
diQl9G6Y//vhmHtTizogywPvFzaz8ekeeT0Y9ivPGKuCPIssrZ+Mfvoz5StoRxo8
0s4Vcb3FhBzuNfiwN42wh0T5+b2g8DaY5HWTNlLAv4J/Ff/5rq8o//iSX/ENZRNO
TvGBnIqN+6LIvVeITXAL3wlEFD5pxelbYm2mOb+eQCs9rMcRyfk6nMUhUkJRG/tk
MP7nQrPWRf5e1rCZXLZm90cbJ4uAgm92kxMVLAyWZo6AUxld5az2KMEnc7dJX0fZ
ZVNp
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:36:12 2025 by rpki-client