Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-pnnUKWpCO7g-oyYSyyU_EoGV_c.roa
File: 1-pnnUKWpCO7g-oyYSyyU_EoGV_c.roa (raw, json)
Hash identifier: nZP6B6GRqHHfjfeYVyMFTNBoRQupuuOfgOI2fjJzj7s=
Subject key identifier: FA:99:E7:50:A5:A9:08:EE:E0:FA:8C:98:4B:2C:94:FC:4A:06:57:F7
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 0199DDB1C12951323D052566EE96C71602D1
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-pnnUKWpCO7g-oyYSyyU_EoGV_c.roa
Signing time: Mon 13 Oct 2025 13:10:38 +0000
ROA not before: Mon 13 Oct 2025 13:10:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200436
IP address blocks: 5.42.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 20:35:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:b1:c1:29:51:32:3d:05:25:66:ee:96:c7:16:02:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Oct 13 13:10:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa99e750a5a908eee0fa8c984b2c94fc4a0657f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c8:a9:50:93:d0:1e:f1:02:15:80:eb:d6:42:
ed:2f:1e:13:70:db:7d:3e:33:96:a6:54:38:d9:57:
e0:17:eb:7f:b9:8a:0b:7e:6e:95:f4:a2:54:24:d2:
51:1e:70:fd:01:c8:c1:53:55:d4:65:d1:bc:d4:d2:
b4:ae:3f:7d:be:47:b3:6e:e9:69:ae:c6:a7:a3:fb:
62:4a:a7:d3:d9:71:88:ed:e6:64:39:38:c4:a3:65:
03:b6:55:22:36:ed:51:89:56:7a:f7:5c:d5:b0:55:
4a:63:21:cd:41:a3:7d:a8:d5:ba:ea:07:6f:09:3c:
0f:58:82:67:56:69:bd:8f:57:1a:bf:14:29:11:10:
7a:19:86:1d:8c:6c:bd:1f:2e:7c:02:9f:f8:7d:41:
03:67:eb:e6:0e:7b:5c:f0:78:0f:83:5a:d5:24:fa:
f8:a3:c4:5c:c6:7f:d8:1d:6f:46:c6:1c:0d:95:9f:
ab:21:ca:ed:67:b6:9b:f9:40:26:f9:94:ed:de:e4:
b5:48:6c:e1:08:96:f6:f6:fb:96:3c:9d:74:28:b8:
3c:dc:a0:31:9b:84:a2:dc:7a:0d:d9:4a:14:3b:fa:
00:c1:3a:1f:b9:bb:6a:8d:84:64:30:d8:85:1e:4c:
8e:be:ca:95:b0:d1:b1:ca:25:1e:37:eb:6c:f0:e3:
68:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:99:E7:50:A5:A9:08:EE:E0:FA:8C:98:4B:2C:94:FC:4A:06:57:F7
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-pnnUKWpCO7g-oyYSyyU_EoGV_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.217.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ee:47:5d:1a:17:f9:fa:50:10:e7:cd:b6:06:06:b8:9a:7e:
d4:d9:6c:d4:57:80:e2:07:33:1d:9a:bf:b8:2a:f1:87:38:25:
e8:62:2c:9b:e7:b9:f6:86:df:65:f8:99:0a:d8:f7:ca:4d:0d:
0c:86:41:5c:3f:ec:09:52:2c:27:58:10:a2:f3:c0:34:a2:2a:
f9:1f:0f:d3:59:16:1d:91:0d:96:56:84:b1:a8:e0:df:79:dd:
d8:8e:c9:62:36:0f:07:f1:ef:da:70:d1:da:0a:f9:7b:4b:d7:
95:b6:a5:00:da:ea:46:48:c1:e6:8d:c4:5b:ba:b7:fc:e8:da:
ec:28:fa:09:a9:77:6d:88:ad:42:c6:6f:60:01:67:51:40:d7:
37:38:2a:0d:4b:4d:1e:ff:7c:f5:bd:3f:86:6b:e2:37:22:2f:
6b:e3:54:6e:03:f8:aa:76:bc:5a:52:e1:91:48:09:ad:0f:a4:
1c:6f:88:e1:a0:81:04:8f:6c:50:4d:28:75:13:98:c3:34:78:
6d:ef:d2:23:04:a1:b2:bc:ab:62:6e:d0:0c:36:42:fa:61:67:
2e:df:93:3c:85:1c:9c:d9:99:2e:66:b3:55:2d:f1:ba:d4:08:
5c:4d:54:c5:d9:0f:d6:26:f2:7e:9e:42:9e:e8:54:77:7d:be:
45:f5:2b:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZndscEpUTI9BSVm7pbHFgLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUxMDEzMTMxMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTk5ZTc1MGE1YTkwOGVlZTBmYThjOTg0YjJjOTRmYzRhMDY1N2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sipUJPQHvECFYDr1kLtLx4TcNt9
PjOWplQ42VfgF+t/uYoLfm6V9KJUJNJRHnD9AcjBU1XUZdG81NK0rj99vkezbulp
rsano/tiSqfT2XGI7eZkOTjEo2UDtlUiNu1RiVZ691zVsFVKYyHNQaN9qNW66gdv
CTwPWIJnVmm9j1cavxQpERB6GYYdjGy9Hy58Ap/4fUEDZ+vmDntc8HgPg1rVJPr4
o8Rcxn/YHW9GxhwNlZ+rIcrtZ7ab+UAm+ZTt3uS1SGzhCJb29vuWPJ10KLg83KAx
m4Si3HoN2UoUO/oAwTofubtqjYRkMNiFHkyOvsqVsNGxyiUeN+ts8ONoqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqZ51ClqQju4PqMmEsslPxKBlf3MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvMS1wbm5VS1dwQ083Zy1veVlTeXlVX0VvR1ZfYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvZmQzNjJmLWFmY2ItNGNmNS05OGM2LTA5NDg5ODllNmQ1
NS8xL2ZEMENLaVFNNXg0S2JoNmFyZ0VTMm9RTXcwcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUq2TAN
BgkqhkiG9w0BAQsFAAOCAQEAlu5HXRoX+fpQEOfNtgYGuJp+1Nls1FeA4gczHZq/
uCrxhzgl6GIsm+e59obfZfiZCtj3yk0NDIZBXD/sCVIsJ1gQovPANKIq+R8P01kW
HZENllaEsajg33nd2I7JYjYPB/Hv2nDR2gr5e0vXlbalANrqRkjB5o3EW7q3/Oja
7Cj6Cal3bYitQsZvYAFnUUDXNzgqDUtNHv989b0/hmviNyIva+NUbgP4qna8WlLh
kUgJrQ+kHG+I4aCBBI9sUE0odROYwzR4be/SIwShsryrYm7QDDZC+mFnLt+TPIUc
nNmZLmazVS3xutQIXE1UxdkP1ibyfp5CnuhUd32+RfUrxg==
-----END CERTIFICATE-----
Generated at Sat Oct 18 05:24:02 2025 by rpki-client