Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FSm-vYRfoGeQHdI9D1MA5ZFSTec.roa
File: FSm-vYRfoGeQHdI9D1MA5ZFSTec.roa (raw, json)
Hash identifier: uQko+SNMx47d5IVW3Fx8mwIZdp2hI678dN6+oVWeXgk=
Subject key identifier: 15:29:BE:BD:84:5F:A0:67:90:1D:D2:3D:0F:53:00:E5:91:52:4D:E7
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0198F0772A9B44CC3A0EAEBEB5BDB4C322BB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FSm-vYRfoGeQHdI9D1MA5ZFSTec.roa
Signing time: Thu 28 Aug 2025 11:36:38 +0000
ROA not before: Thu 28 Aug 2025 11:36:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57630
IP address blocks: 192.71.0.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
192.165.152.0/22 maxlen: 24
192.165.157.0/24 maxlen: 24
193.180.92.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.68.24.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.106.0/24 maxlen: 24
194.71.219.0/24 maxlen: 24
194.103.3.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.120.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.172.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 07:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:77:2a:9b:44:cc:3a:0e:ae:be:b5:bd:b4:c3:22:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 28 11:36:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1529bebd845fa067901dd23d0f5300e591524de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0f:97:20:e0:6a:1e:b0:f1:06:f6:c8:aa:68:
c7:85:20:c3:cb:05:83:98:42:42:ae:5b:7f:5f:24:
e5:0d:19:20:01:59:cc:86:c1:92:64:75:7b:3d:2c:
f1:11:65:53:9a:d1:7a:79:28:7f:3d:6b:93:59:17:
c1:00:96:e7:1c:5a:a5:d1:5c:fc:08:30:19:d3:13:
12:73:52:07:a9:ae:37:0f:7c:64:30:41:f7:52:0d:
09:25:78:f6:2f:66:4f:d5:71:ed:89:41:70:9f:49:
cc:b7:74:a8:a8:6e:39:7e:17:e6:11:93:f3:83:da:
0e:b2:8e:84:19:35:c3:aa:45:cc:02:b5:21:f1:d8:
d3:cb:1b:4d:e5:5e:56:3d:f0:ee:b9:98:66:c6:25:
0a:79:0d:35:73:81:1b:ce:3f:e4:1e:eb:f0:c6:11:
aa:78:6d:bb:05:c0:7d:8b:58:3e:5c:6e:c6:e8:3a:
97:67:e5:55:4b:cb:ca:10:94:55:c6:b0:49:1d:01:
ca:7b:66:97:03:8a:15:4c:1c:09:94:53:34:3b:0e:
17:68:1e:b0:45:af:fc:14:d9:bb:78:a0:26:7b:b7:
e5:29:23:1b:ef:87:d0:d3:b6:3f:31:17:f9:be:b9:
4e:51:55:95:e6:97:a1:6a:7f:36:02:e5:b8:2c:8c:
06:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:29:BE:BD:84:5F:A0:67:90:1D:D2:3D:0F:53:00:E5:91:52:4D:E7
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FSm-vYRfoGeQHdI9D1MA5ZFSTec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
192.165.152.0/22
192.165.157.0/24
193.180.92.0/24
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.22.0-194.68.24.255
194.68.181.0/24
194.71.0.0/23
194.71.106.0/24
194.71.219.0/24
194.103.3.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.120.0/24
194.132.164.0/24
194.132.166.0/24
194.132.172.0/23
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:39:dc:43:e0:29:7e:01:36:2c:4b:0b:6f:bc:3b:d5:71:65:
d2:8c:e3:02:c6:90:39:34:e3:26:bc:3b:91:9d:94:ed:78:9f:
35:a8:c7:a9:2d:a7:68:36:b6:9d:ec:a5:68:7f:38:b2:2e:77:
1d:d2:2f:ef:52:de:c8:62:0f:82:ee:27:f2:0e:fc:1b:0e:3b:
39:4a:3f:34:fb:b5:0f:e4:91:77:5e:91:a3:fb:1a:b2:25:c9:
83:b7:fe:f9:0c:25:96:f5:96:26:cc:c3:b6:e5:46:7c:a6:08:
4e:7e:6f:a0:68:5c:08:e2:0e:eb:c5:bc:fa:4e:ba:39:af:6a:
1e:81:a0:a4:a3:e4:a9:7d:2b:d6:22:a9:a4:61:60:3c:58:86:
dd:6b:6f:1c:c4:08:fe:0c:50:bc:44:6c:b7:38:18:57:34:38:
bf:52:81:f1:ba:da:e1:19:48:10:85:aa:df:e3:84:35:46:68:
c0:75:1c:61:b5:cc:84:72:16:a3:2b:d3:9c:69:fb:e5:97:1b:
f8:a7:45:65:3c:4c:b0:7e:46:d0:f4:8a:1d:32:da:d9:fe:83:
1a:09:15:5b:48:bd:54:a3:72:d2:2f:90:06:55:eb:88:d8:14:
f1:72:1f:ce:bf:93:be:a3:76:81:15:5e:5a:e0:5f:98:a7:a4:
7b:a4:ab:53
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZjwdyqbRMw6Dq6+tb20wyK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwODI4MTEzNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI5YmViZDg0NWZhMDY3OTAxZGQyM2QwZjUzMDBlNTkxNTI0ZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg+XIOBqHrDxBvbIqmjHhSDDywWD
mEJCrlt/XyTlDRkgAVnMhsGSZHV7PSzxEWVTmtF6eSh/PWuTWRfBAJbnHFql0Vz8
CDAZ0xMSc1IHqa43D3xkMEH3Ug0JJXj2L2ZP1XHtiUFwn0nMt3SoqG45fhfmEZPz
g9oOso6EGTXDqkXMArUh8djTyxtN5V5WPfDuuZhmxiUKeQ01c4Ebzj/kHuvwxhGq
eG27BcB9i1g+XG7G6DqXZ+VVS8vKEJRVxrBJHQHKe2aXA4oVTBwJlFM0Ow4XaB6w
Ra/8FNm7eKAme7flKSMb74fQ07Y/MRf5vrlOUVWV5pehan82AuW4LIwG/QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFBUpvr2EX6BnkB3SPQ9TAOWRUk3nMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRlNtLXZZUmZvR2VRSGRJOUQxTUE1WkZTVGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBADA
RwADBADApQMDBAHApYYDBALApZgDBADApZ0DBADBtFwDBADBtSIDBADBtxQDBADB
tzEDBADBtzsDBADB6gMDBADB6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkwDAME
AcJEFgMEAMJEGAMEAMJEtQMEAcJHAAMEAMJHagMEAMJH2wMEAMJnAwMEAcJnEAME
AMJnXwMEAMJnkQMEAMJnxQMEAMKEeAMEAMKEpAMEAMKEpgMEAcKErAMEAMKEujAN
BgkqhkiG9w0BAQsFAAOCAQEAXzncQ+ApfgE2LEsLb7w71XFl0ozjAsaQOTTjJrw7
kZ2U7XifNajHqS2naDa2neylaH84si53HdIv71LeyGIPgu4n8g78Gw47OUo/NPu1
D+SRd16Ro/sasiXJg7f++QwllvWWJszDtuVGfKYITn5voGhcCOIO68W8+k66Oa9q
HoGgpKPkqX0r1iKppGFgPFiG3WtvHMQI/gxQvERstzgYVzQ4v1KB8bra4RlIEIWq
3+OENUZowHUcYbXMhHIWoyvTnGn75Zcb+KdFZTxMsH5G0PSKHTLa2f6DGgkVW0i9
VKNy0i+QBlXriNgU8XIfzr+TvqN2gRVeWuBfmKeke6SrUw==
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:03:12 2025 by rpki-client