Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/F7mREJo49yqaKx4zxXBCYESlNos.roa
File: F7mREJo49yqaKx4zxXBCYESlNos.roa (raw, json)
Hash identifier: 56dqndcexLz8vvjaPdedW02jbU8L03kO2wjQRwiBDN0=
Subject key identifier: 17:B9:91:10:9A:38:F7:2A:9A:2B:1E:33:C5:70:42:60:44:A5:36:8B
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 019A3648A9C719F51AE41085E14F36163ED2
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/F7mREJo49yqaKx4zxXBCYESlNos.roa
Signing time: Thu 30 Oct 2025 18:02:03 +0000
ROA not before: Thu 30 Oct 2025 18:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 37.143.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:36:48:a9:c7:19:f5:1a:e4:10:85:e1:4f:36:16:3e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 30 18:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b991109a38f72a9a2b1e33c570426044a5368b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:f2:9b:48:ea:f5:72:bd:8b:5b:aa:e4:c8:
c1:2f:2a:e1:13:1e:c0:c2:46:22:e0:99:a3:75:2d:
fb:ae:f7:7c:fb:11:6d:d1:70:1f:aa:6a:58:06:fe:
44:87:c5:9b:75:5e:79:40:23:e9:e3:8c:c4:92:31:
58:01:80:5e:14:89:70:8c:02:85:9d:bb:47:a2:54:
4f:1b:af:6a:83:3d:57:93:3e:be:92:fe:77:3a:61:
98:40:07:3c:5d:d4:45:1d:72:ef:32:36:a6:ea:e7:
9c:69:9d:fe:f6:9e:d4:5d:ca:fc:35:91:73:bb:f9:
a0:08:1e:39:e3:c4:0c:04:33:f4:73:b9:7f:e1:d5:
88:0b:38:40:93:44:40:bc:b5:3d:c1:ee:1a:4d:38:
61:73:2d:70:e1:90:1d:11:aa:a0:d4:81:f2:db:68:
8b:4a:b2:52:fc:0e:8d:67:0f:38:82:78:a9:4e:28:
a0:b9:f5:4d:5f:1e:cd:a4:5d:9e:f4:5f:d9:08:45:
b6:17:9a:c1:ae:4c:dd:fa:47:bb:15:2f:97:43:79:
62:4e:c9:28:23:98:89:8e:56:5b:f0:cf:1e:f4:ab:
88:1d:f9:17:75:ae:29:30:b3:3b:3e:8a:31:7c:10:
f8:ef:5a:02:e1:61:2b:72:d7:46:94:55:f7:59:ca:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B9:91:10:9A:38:F7:2A:9A:2B:1E:33:C5:70:42:60:44:A5:36:8B
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/F7mREJo49yqaKx4zxXBCYESlNos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:87:71:f5:01:7e:44:ef:06:23:08:d3:83:54:18:f8:02:d2:
f1:ff:44:1f:0a:8a:87:5c:f2:b0:ca:ec:7b:1b:75:35:3d:03:
10:57:72:cf:66:52:d8:ad:53:a6:7d:12:2c:cd:52:39:69:b9:
d4:bf:d6:ec:4a:1f:8b:b6:02:bb:6f:78:a0:d0:21:9a:17:a9:
9d:93:27:d8:3f:e7:02:19:14:f9:e9:0e:8b:51:3f:34:4c:70:
3c:63:71:b9:db:9d:96:04:dc:bd:49:40:99:76:38:43:0c:6f:
bb:7d:a4:83:c7:d6:30:a3:31:b3:14:ff:5c:47:42:5d:e1:6a:
f0:44:f2:ca:46:9a:ad:63:86:45:69:b1:26:eb:90:6a:92:20:
e6:47:d3:ed:f8:21:92:3b:7e:fd:1a:80:06:e6:48:7c:03:a5:
58:b5:f3:36:6b:d5:02:c3:02:c9:97:97:c1:a9:79:21:3a:13:
2b:b6:21:79:ea:1f:fd:40:ed:15:a8:f2:4f:d3:97:86:b5:b9:
bb:d8:62:6d:17:e4:87:04:74:fd:99:1a:31:81:a0:58:ed:22:
89:69:18:8f:17:83:61:ec:b7:e5:80:46:98:2c:ef:08:43:e1:
e4:0b:af:84:ea:15:94:96:4d:a6:3a:c0:6e:69:dd:76:90:3d:
94:33:2b:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo2SKnHGfUa5BCF4U82Fj7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjUxMDMwMTgwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I5OTExMDlhMzhmNzJhOWEyYjFlMzNjNTcwNDI2MDQ0YTUzNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFrym0jq9XK9i1uq5MjBLyrhEx7A
wkYi4JmjdS37rvd8+xFt0XAfqmpYBv5Eh8WbdV55QCPp44zEkjFYAYBeFIlwjAKF
nbtHolRPG69qgz1Xkz6+kv53OmGYQAc8XdRFHXLvMjam6uecaZ3+9p7UXcr8NZFz
u/mgCB4548QMBDP0c7l/4dWICzhAk0RAvLU9we4aTThhcy1w4ZAdEaqg1IHy22iL
SrJS/A6NZw84gnipTiigufVNXx7NpF2e9F/ZCEW2F5rBrkzd+ke7FS+XQ3liTsko
I5iJjlZb8M8e9KuIHfkXda4pMLM7PooxfBD471oC4WErctdGlFX3WcqX6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBe5kRCaOPcqmiseM8VwQmBEpTaLMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvRjdtUkVKbzQ5eXFhS3g0enhYQkNZRVNsTm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8AMA0G
CSqGSIb3DQEBCwUAA4IBAQBbh3H1AX5E7wYjCNODVBj4AtLx/0QfCoqHXPKwyux7
G3U1PQMQV3LPZlLYrVOmfRIszVI5abnUv9bsSh+LtgK7b3ig0CGaF6mdkyfYP+cC
GRT56Q6LUT80THA8Y3G5252WBNy9SUCZdjhDDG+7faSDx9YwozGzFP9cR0Jd4Wrw
RPLKRpqtY4ZFabEm65BqkiDmR9Pt+CGSO379GoAG5kh8A6VYtfM2a9UCwwLJl5fB
qXkhOhMrtiF56h/9QO0VqPJP05eGtbm72GJtF+SHBHT9mRoxgaBY7SKJaRiPF4Nh
7LflgEaYLO8IQ+HkC6+E6hWUlk2mOsBuad12kD2UMyul
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:40:13 2025 by rpki-client