Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/r0nJOCJ10S04X7H7zv2CKw_zDn4.roa
File: r0nJOCJ10S04X7H7zv2CKw_zDn4.roa (raw, json)
Hash identifier: xwzQb3JWF4aT5fFeGlsSIZbdFmn1yjypXLkzltmVenA=
Subject key identifier: AF:49:C9:38:22:75:D1:2D:38:5F:B1:FB:CE:FD:82:2B:0F:F3:0E:7E
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019A8B43F3C98F3F5727C706588CA5BA3978
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/r0nJOCJ10S04X7H7zv2CKw_zDn4.roa
Signing time: Sun 16 Nov 2025 06:04:37 +0000
ROA not before: Sun 16 Nov 2025 06:04:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207350
IP address blocks: 45.159.148.0/24 maxlen: 24
91.217.166.0/24 maxlen: 24
2a05:9080:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:8b:43:f3:c9:8f:3f:57:27:c7:06:58:8c:a5:ba:39:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Nov 16 06:04:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af49c9382275d12d385fb1fbcefd822b0ff30e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:04:e6:28:76:8c:a0:ce:24:37:89:d7:4d:04:
77:07:18:49:3a:1c:f4:10:79:39:a8:18:57:29:6a:
5f:3d:9f:9e:be:31:1f:8a:16:20:4c:69:62:c2:8a:
14:98:55:6c:23:e4:b3:0b:a4:c1:3d:02:1f:2f:40:
a3:06:c9:23:5a:58:98:a9:39:78:a2:68:95:66:f9:
5e:aa:f9:9e:27:1b:fc:d3:51:9a:d8:59:0d:3d:f1:
07:3a:7f:4f:45:ca:72:aa:46:49:19:89:2c:17:d8:
5d:2e:02:26:a1:10:c5:4b:96:e9:c5:38:3b:be:7b:
27:27:76:8b:37:63:bb:f0:08:3c:d2:69:66:8b:27:
c1:ba:44:7b:af:0b:cb:a9:f0:fd:00:5f:0c:07:79:
78:8c:85:b5:58:96:2f:2f:03:0d:ff:48:fb:2f:0a:
52:d1:07:85:f7:6e:d4:bc:cc:56:f9:e4:f0:d8:bb:
42:74:5f:3b:b9:24:fa:f4:77:8a:dc:1e:15:55:52:
8d:48:70:c4:e2:ae:45:06:29:b4:84:16:2c:a4:6e:
d9:79:79:88:1c:4b:71:22:66:ac:8f:45:22:87:e6:
ee:65:34:76:60:f4:dc:7a:82:66:90:79:38:6d:0a:
2c:86:f1:d6:11:2c:a4:6f:0b:b7:cc:fe:de:fd:00:
59:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:49:C9:38:22:75:D1:2D:38:5F:B1:FB:CE:FD:82:2B:0F:F3:0E:7E
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/r0nJOCJ10S04X7H7zv2CKw_zDn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
91.217.166.0/24
IPv6:
2a05:9080:1::/48
Signature Algorithm: sha256WithRSAEncryption
ad:36:fe:24:2e:d7:e2:5c:82:91:cc:2d:bb:ea:d8:3c:d4:78:
86:6a:ce:f1:0a:21:c6:77:93:88:61:f1:96:33:85:4e:fc:cd:
c4:01:a6:99:93:28:2b:61:79:e8:4b:55:81:eb:9e:86:20:cb:
da:ed:34:a2:c9:2f:ec:6c:4e:9e:77:d7:16:2a:0e:a0:50:4d:
46:2d:fe:ab:d4:37:e7:8a:d6:dc:50:fb:68:b2:87:0b:6c:23:
d0:5b:0e:5e:cf:f9:0d:5f:6f:3b:7e:27:5b:0f:e0:74:4f:17:
43:3f:b2:f7:56:7b:c8:68:db:1e:29:49:3b:e0:8d:2c:0d:ae:
29:aa:9d:84:7a:46:e2:f9:4c:4c:54:7a:73:eb:1a:14:ee:d8:
98:fd:c5:44:2a:3d:cb:c0:5d:64:47:98:ea:d0:2c:2b:b0:81:
a8:2c:74:cf:49:1a:a2:2a:f4:80:a9:51:f1:33:52:87:d1:ca:
6a:21:66:d4:f9:11:71:1b:dc:1f:52:ca:ac:fc:eb:05:df:e4:
a2:45:66:e5:4d:24:57:62:20:96:67:ce:f9:1a:dd:d2:ff:f3:
96:b3:37:1c:e3:6b:78:89:d0:7b:fb:6e:3f:70:aa:d1:56:8d:
77:8c:cd:4e:38:e2:e9:5b:8a:98:f9:a2:00:5b:93:2c:c0:f0:
8c:c9:db:51
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZqLQ/PJjz9XJ8cGWIylujl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUxMTE2MDYwNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ5YzkzODIyNzVkMTJkMzg1ZmIxZmJjZWZkODIyYjBmZjMwZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwATmKHaMoM4kN4nXTQR3BxhJOhz0
EHk5qBhXKWpfPZ+evjEfihYgTGliwooUmFVsI+SzC6TBPQIfL0CjBskjWliYqTl4
omiVZvleqvmeJxv801Ga2FkNPfEHOn9PRcpyqkZJGYksF9hdLgImoRDFS5bpxTg7
vnsnJ3aLN2O78Ag80mlmiyfBukR7rwvLqfD9AF8MB3l4jIW1WJYvLwMN/0j7LwpS
0QeF927UvMxW+eTw2LtCdF87uST69HeK3B4VVVKNSHDE4q5FBim0hBYspG7ZeXmI
HEtxImasj0Uih+buZTR2YPTceoJmkHk4bQoshvHWESykbwu3zP7e/QBZmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK9JyTgiddEtOF+x+879gisP8w5+MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvcjBuSk9DSjEwUzA0WDdIN3p2MkNLd196RG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALZ+UAwQA
W9mmMA8EAgACMAkDBwAqBZCAAAEwDQYJKoZIhvcNAQELBQADggEBAK02/iQu1+Jc
gpHMLbvq2DzUeIZqzvEKIcZ3k4hh8ZYzhU78zcQBppmTKCtheehLVYHrnoYgy9rt
NKLJL+xsTp531xYqDqBQTUYt/qvUN+eK1txQ+2iyhwtsI9BbDl7P+Q1fbzt+J1sP
4HRPF0M/svdWe8ho2x4pSTvgjSwNrimqnYR6RuL5TExUenPrGhTu2Jj9xUQqPcvA
XWRHmOrQLCuwgagsdM9JGqIq9ICpUfEzUofRymohZtT5EXEb3B9Syqz86wXf5KJF
ZuVNJFdiIJZnzvka3dL/85azNxzja3iJ0Hv7bj9wqtFWjXeMzU444ulbipj5ogBb
kyzA8IzJ21E=
-----END CERTIFICATE-----
Generated at Mon Nov 17 16:30:34 2025 by rpki-client