Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/wFxMftMrQqOgNqLanUvVrEPuk0E.roa
File: wFxMftMrQqOgNqLanUvVrEPuk0E.roa (raw, json)
Hash identifier: Kt7E8p9gxrWDn7h3MqNJ+mao+upazAnAmbSkQF2stto=
Subject key identifier: C0:5C:4C:7E:D3:2B:42:A3:A0:36:A2:DA:9D:4B:D5:AC:43:EE:93:41
Certificate issuer: /CN=1492a20754c9a7650b8279b9390689c469d73595
Certificate serial: 019909427DD242EE63021E7902258F1F0E0C
Authority key identifier: 14:92:A2:07:54:C9:A7:65:0B:82:79:B9:39:06:89:C4:69:D7:35:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJKiB1TJp2ULgnm5OQaJxGnXNZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/wFxMftMrQqOgNqLanUvVrEPuk0E.roa
Signing time: Tue 02 Sep 2025 07:09:36 +0000
ROA not before: Tue 02 Sep 2025 07:09:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 5.153.240.0/21 maxlen: 21
83.219.112.0/20 maxlen: 24
185.74.140.0/22 maxlen: 22
185.74.152.0/22 maxlen: 22
2a00:d2e0::/29 maxlen: 29
2a00:d560::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/FJKiB1TJp2ULgnm5OQaJxGnXNZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/FJKiB1TJp2ULgnm5OQaJxGnXNZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/FJKiB1TJp2ULgnm5OQaJxGnXNZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:09:42:7d:d2:42:ee:63:02:1e:79:02:25:8f:1f:0e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1492a20754c9a7650b8279b9390689c469d73595
Validity
Not Before: Sep 2 07:09:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c05c4c7ed32b42a3a036a2da9d4bd5ac43ee9341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:44:fd:0b:72:b9:28:d6:e9:7b:1a:26:52:
c3:29:0b:dc:cf:a9:2b:7d:1e:bf:4d:a8:a1:59:df:
dc:4b:69:9f:cb:c7:f2:53:9c:61:c2:83:7c:00:3c:
53:d6:3d:80:87:df:76:68:39:b2:95:c6:23:5c:25:
75:c7:31:ed:f7:c6:77:7b:21:01:05:33:96:29:4e:
8e:86:2f:d4:96:e9:dc:6a:d9:9c:c3:ad:41:de:e3:
48:d4:6d:59:71:81:d4:88:c8:db:bf:42:aa:af:e3:
77:e7:53:07:aa:db:69:be:ab:bb:42:76:fa:c2:a9:
6b:c1:03:b4:59:57:91:8b:ac:14:c2:db:49:75:fe:
3a:13:33:ce:bb:07:69:9d:6a:f3:71:99:41:8e:b6:
95:98:6e:c7:8a:b5:a3:4b:66:49:ae:7f:ae:0a:0c:
bc:09:ec:25:d1:cc:a3:7a:0c:c9:52:96:75:a1:43:
44:45:46:8e:9d:ac:e5:bc:0f:c2:c7:df:98:32:15:
ea:3b:90:49:e5:3f:49:05:16:9a:eb:fc:62:03:56:
c2:15:79:5f:4c:99:88:93:34:14:c5:ef:45:61:d8:
06:da:9b:78:32:89:6b:52:b4:5a:10:a1:99:f6:14:
98:cd:6b:a8:a9:36:68:26:a6:08:b3:5d:41:0c:e2:
dd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5C:4C:7E:D3:2B:42:A3:A0:36:A2:DA:9D:4B:D5:AC:43:EE:93:41
X509v3 Authority Key Identifier:
keyid:14:92:A2:07:54:C9:A7:65:0B:82:79:B9:39:06:89:C4:69:D7:35:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJKiB1TJp2ULgnm5OQaJxGnXNZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/wFxMftMrQqOgNqLanUvVrEPuk0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/631e6a-7d06-4fa1-bfd9-ca74a067febf/1/FJKiB1TJp2ULgnm5OQaJxGnXNZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.240.0/21
83.219.112.0/20
185.74.140.0/22
185.74.152.0/22
IPv6:
2a00:d2e0::/29
2a00:d560::/29
Signature Algorithm: sha256WithRSAEncryption
0e:82:26:79:e5:b7:73:e4:b0:0d:c9:d3:8e:d3:63:99:2d:02:
f1:79:a4:74:0a:eb:e6:e6:41:c0:d1:f6:2d:24:d3:83:41:99:
be:65:5e:23:c7:5c:b4:51:63:16:7c:a4:46:ed:f9:a9:33:f2:
94:3f:28:5e:13:69:b0:9e:bf:44:4b:3f:47:9f:ad:24:81:32:
31:6a:97:ff:bd:96:ef:e2:e1:a0:96:86:3a:92:36:46:e3:8d:
79:90:2f:1e:d5:99:5f:92:2e:bb:41:b1:cb:5a:75:b4:57:c1:
29:b6:76:b7:bd:e1:4e:e0:b9:0f:29:d5:42:8f:cd:60:ec:50:
05:bd:90:d7:50:9c:f8:a5:f4:b7:2d:c2:4e:00:2d:c9:e5:f8:
26:05:ec:5c:f2:9f:70:50:57:61:76:45:e2:f3:ba:32:ec:92:
91:00:6e:bf:ea:e9:c8:e8:63:15:64:6d:47:b7:0b:eb:57:ec:
88:b7:8c:38:a9:57:b2:21:86:55:9e:0f:56:c2:ee:b4:73:43:
f9:2e:57:41:4b:46:d2:2b:c9:16:e5:61:6f:df:93:1c:17:1e:
13:bf:c9:d1:94:7c:07:e8:c8:0c:b1:41:60:35:03:c0:42:78:
eb:f4:48:3a:53:29:7c:45:e2:12:b9:f5:47:75:76:88:d9:e5:
43:2e:92:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZkJQn3SQu5jAh55AiWPHw4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OTJhMjA3NTRjOWE3NjUwYjgyNzliOTM5MDY4OWM0Njlk
NzM1OTUwHhcNMjUwOTAyMDcwOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVjNGM3ZWQzMmI0MmEzYTAzNmEyZGE5ZDRiZDVhYzQzZWU5MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P9E/QtyuSjW6XsaJlLDKQvcz6kr
fR6/TaihWd/cS2mfy8fyU5xhwoN8ADxT1j2Ah992aDmylcYjXCV1xzHt98Z3eyEB
BTOWKU6Ohi/Uluncatmcw61B3uNI1G1ZcYHUiMjbv0Kqr+N351MHqttpvqu7Qnb6
wqlrwQO0WVeRi6wUwttJdf46EzPOuwdpnWrzcZlBjraVmG7HirWjS2ZJrn+uCgy8
Cewl0cyjegzJUpZ1oUNERUaOnazlvA/Cx9+YMhXqO5BJ5T9JBRaa6/xiA1bCFXlf
TJmIkzQUxe9FYdgG2pt4MolrUrRaEKGZ9hSYzWuoqTZoJqYIs11BDOLdvwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMBcTH7TK0KjoDai2p1L1axD7pNBMB8GA1UdIwQY
MBaAFBSSogdUyadlC4J5uTkGicRp1zWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkpLaUIxVEpwMlVMZ25tNU9RYUp4R25YTlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82MzFlNmEtN2QwNi00ZmExLWJmZDkt
Y2E3NGEwNjdmZWJmLzEvd0Z4TWZ0TXJRcU9nTnFMYW5VdlZyRVB1azBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82MzFlNmEtN2QwNi00ZmExLWJmZDktY2E3NGEwNjdmZWJm
LzEvRkpLaUIxVEpwMlVMZ25tNU9RYUp4R25YTlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDBZnwAwQE
U9twAwQCuUqMAwQCuUqYMBQEAgACMA4DBQMqANLgAwUDKgDVYDANBgkqhkiG9w0B
AQsFAAOCAQEADoImeeW3c+SwDcnTjtNjmS0C8XmkdArr5uZBwNH2LSTTg0GZvmVe
I8dctFFjFnykRu35qTPylD8oXhNpsJ6/REs/R5+tJIEyMWqX/72W7+LhoJaGOpI2
RuONeZAvHtWZX5Iuu0Gxy1p1tFfBKbZ2t73hTuC5DynVQo/NYOxQBb2Q11Cc+KX0
ty3CTgAtyeX4JgXsXPKfcFBXYXZF4vO6MuySkQBuv+rpyOhjFWRtR7cL61fsiLeM
OKlXsiGGVZ4PVsLutHND+S5XQUtG0ivJFuVhb9+THBceE7/J0ZR8B+jIDLFBYDUD
wEJ46/RIOlMpfEXiErn1R3V2iNnlQy6SGw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:47:56 2025 by rpki-client