Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fCtKYDGU3KGmO0WDN-4_CpFy6To.roa
File: fCtKYDGU3KGmO0WDN-4_CpFy6To.roa (raw, json)
Hash identifier: HoHLDUt1iIGu5bbC3j+53KMgqqS6LpyJESlvj0xT9Dc=
Subject key identifier: 7C:2B:4A:60:31:94:DC:A1:A6:3B:45:83:37:EE:3F:0A:91:72:E9:3A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A1723573E174E6AAD689D8C1249998343
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fCtKYDGU3KGmO0WDN-4_CpFy6To.roa
Signing time: Fri 24 Oct 2025 16:53:03 +0000
ROA not before: Fri 24 Oct 2025 16:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 94.229.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:23:57:3e:17:4e:6a:ad:68:9d:8c:12:49:99:83:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 24 16:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c2b4a603194dca1a63b458337ee3f0a9172e93a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:b9:04:bf:72:d8:63:5f:23:3d:6b:02:6a:
1a:f6:b1:17:aa:4f:56:e8:96:69:12:4a:d6:2f:80:
8b:c5:9e:b2:e7:ac:d2:25:94:eb:44:eb:24:0e:22:
f3:69:e1:70:f9:8c:35:1e:ac:5f:a0:e0:0f:43:4e:
ab:1a:d7:90:bb:b0:0f:ec:cc:1a:e4:73:cc:15:ca:
b9:d4:59:18:7b:51:c2:6a:f7:f4:83:c5:46:82:d4:
4b:93:08:84:16:ed:63:5b:b9:b2:08:19:61:d5:12:
3e:60:03:ab:b7:91:ca:81:29:24:87:9c:e6:e4:54:
b4:ea:f2:6b:7b:87:97:8e:cf:92:b0:82:22:66:99:
48:b6:37:eb:11:70:74:15:c7:b3:a6:e4:b6:2e:08:
c7:47:6e:79:a1:3f:2c:79:eb:5d:ba:4f:f3:8e:bd:
9d:b8:09:64:ee:87:d6:68:60:a9:42:43:1f:55:9a:
53:a0:91:90:b0:ff:9b:c8:9c:c2:29:87:e5:19:66:
50:3a:a5:37:71:4a:3c:97:47:c5:1f:a4:f7:56:23:
a6:0f:95:c7:57:00:cc:39:75:8d:84:f2:5f:d5:e6:
71:e9:92:19:cd:ed:70:22:13:40:c5:f7:1a:5d:02:
25:df:70:d3:24:b7:7c:2c:fb:83:2f:b4:90:ab:a6:
c7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2B:4A:60:31:94:DC:A1:A6:3B:45:83:37:EE:3F:0A:91:72:E9:3A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fCtKYDGU3KGmO0WDN-4_CpFy6To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.216.0/23
Signature Algorithm: sha256WithRSAEncryption
57:6f:0d:9d:8c:df:d5:0a:57:b9:db:45:22:96:b8:1e:93:1b:
92:35:78:f2:8b:3a:16:00:4e:e4:ee:4b:90:b8:d3:6d:1d:fe:
4b:b8:d2:a0:c6:36:6b:62:33:dc:a0:b1:eb:0c:97:c7:63:6a:
35:73:7c:e3:6b:04:db:b4:9b:a7:89:2b:2a:84:2e:f3:6b:e2:
9a:16:7c:98:28:6c:c4:38:27:23:8f:50:01:14:93:0a:45:92:
ff:21:b7:6c:6a:e1:6c:a7:8e:c6:d8:88:4c:83:bc:5a:7c:03:
60:c7:4b:47:e3:03:33:e5:a6:55:bd:47:65:81:6e:94:c9:88:
7b:d3:08:83:83:4f:7b:18:d5:16:8e:66:94:ff:70:ed:39:0f:
3e:b1:fe:bf:2a:1d:67:92:17:55:0c:35:75:bd:62:2d:53:15:
c5:f7:49:18:10:30:b5:c8:25:57:8d:9a:64:26:00:b4:5a:bf:
30:27:1a:02:a0:ee:d7:87:ab:1b:bb:03:c2:a5:7d:3f:26:05:
3d:88:3f:5c:40:27:8e:38:24:51:c3:eb:6c:64:98:a9:c5:5b:
cb:1a:e4:88:36:7f:78:74:21:b0:a4:c8:c9:f1:69:00:5d:d3:
35:98:0a:50:c3:bd:b1:b4:87:0b:df:8f:d2:e1:cf:de:81:cb:
bd:df:85:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoXI1c+F05qrWidjBJJmYNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMDI0MTY1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJiNGE2MDMxOTRkY2ExYTYzYjQ1ODMzN2VlM2YwYTkxNzJlOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ny5BL9y2GNfIz1rAmoa9rEXqk9W
6JZpEkrWL4CLxZ6y56zSJZTrROskDiLzaeFw+Yw1HqxfoOAPQ06rGteQu7AP7Mwa
5HPMFcq51FkYe1HCavf0g8VGgtRLkwiEFu1jW7myCBlh1RI+YAOrt5HKgSkkh5zm
5FS06vJre4eXjs+SsIIiZplItjfrEXB0FcezpuS2LgjHR255oT8seetduk/zjr2d
uAlk7ofWaGCpQkMfVZpToJGQsP+byJzCKYflGWZQOqU3cUo8l0fFH6T3ViOmD5XH
VwDMOXWNhPJf1eZx6ZIZze1wIhNAxfcaXQIl33DTJLd8LPuDL7SQq6bHGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwrSmAxlNyhpjtFgzfuPwqRcuk6MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZkN0S1lER1UzS0dtTzBXRE4tNF9DcEZ5NlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXuXYMA0G
CSqGSIb3DQEBCwUAA4IBAQBXbw2djN/VCle520UilrgekxuSNXjyizoWAE7k7kuQ
uNNtHf5LuNKgxjZrYjPcoLHrDJfHY2o1c3zjawTbtJuniSsqhC7za+KaFnyYKGzE
OCcjj1ABFJMKRZL/IbdsauFsp47G2IhMg7xafANgx0tH4wMz5aZVvUdlgW6UyYh7
0wiDg097GNUWjmaU/3DtOQ8+sf6/Kh1nkhdVDDV1vWItUxXF90kYEDC1yCVXjZpk
JgC0Wr8wJxoCoO7Xh6sbuwPCpX0/JgU9iD9cQCeOOCRRw+tsZJipxVvLGuSINn94
dCGwpMjJ8WkAXdM1mApQw72xtIcL34/S4c/egcu934WA
-----END CERTIFICATE-----
Generated at Fri Oct 31 18:41:20 2025 by rpki-client