Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/4YpVbO9HFvvq74shOPQXNaG5KS0.roa
File: 4YpVbO9HFvvq74shOPQXNaG5KS0.roa (raw, json)
Hash identifier: bVpCtuoPNa1SZMwszxLRHo7H9I6mu3GeU6NgJiv+OkM=
Subject key identifier: E1:8A:55:6C:EF:47:16:FB:EA:EF:8B:21:38:F4:17:35:A1:B9:29:2D
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01995DE43FBF813F9FE801782CDCD17C9D5D
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/4YpVbO9HFvvq74shOPQXNaG5KS0.roa
Signing time: Thu 18 Sep 2025 17:34:23 +0000
ROA not before: Thu 18 Sep 2025 17:34:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203363
IP address blocks: 109.69.111.0/24 maxlen: 24
178.239.171.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
193.176.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5d:e4:3f:bf:81:3f:9f:e8:01:78:2c:dc:d1:7c:9d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Sep 18 17:34:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18a556cef4716fbeaef8b2138f41735a1b9292d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1f:e2:da:30:08:d5:05:06:57:7a:a3:3d:1a:
66:e4:2e:85:a4:c3:dd:5f:f3:ae:cc:d6:80:e4:6d:
53:2f:22:93:83:a6:ab:88:0a:84:47:0b:76:84:a6:
dd:6b:fd:02:2f:df:59:73:96:ef:b8:a5:94:e3:0b:
db:ed:de:78:06:7d:cd:03:6d:3a:a9:46:a7:ca:b9:
4f:f8:f5:b6:0b:cb:38:9f:5f:c2:b7:f3:4d:d1:53:
17:ed:ad:15:e9:bf:b8:69:39:9b:63:c6:f2:66:f2:
5b:3c:40:f4:a9:e7:15:36:c9:2c:2f:b5:33:cd:ad:
b6:a0:20:97:37:13:3c:5a:3e:80:9d:30:bd:c0:78:
e3:10:50:ee:e4:d3:8d:33:d3:8c:04:f1:b8:bb:2e:
ad:0d:0c:c7:35:2a:dc:8a:d9:9b:a5:8b:c5:db:c4:
d6:5f:98:15:9f:ab:6e:6e:f1:97:1a:a3:ab:a2:f1:
4c:8d:d9:bd:a3:2d:2f:11:80:74:7e:db:79:b2:b1:
db:84:d8:d0:fe:20:18:7c:82:73:5f:d0:e0:c6:e1:
fd:fc:84:ca:67:ea:cf:bd:55:93:6a:5f:1a:71:67:
7a:f1:31:70:11:82:03:15:df:78:a4:2c:1b:f4:33:
e4:29:52:47:4b:d6:02:d0:10:13:fe:ca:45:6a:64:
75:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8A:55:6C:EF:47:16:FB:EA:EF:8B:21:38:F4:17:35:A1:B9:29:2D
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/4YpVbO9HFvvq74shOPQXNaG5KS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.111.0/24
178.239.171.0/24
178.239.174.0/24
193.176.28.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:12:b8:67:5f:a9:7f:dc:b4:7d:08:75:55:01:06:9a:90:db:
12:dd:d4:97:9b:fe:d2:cd:df:20:c1:a4:19:39:b5:50:a8:5e:
d2:09:48:97:0e:f2:c3:2f:2c:e5:5b:27:5c:0c:ab:6e:4a:dc:
2e:50:2c:9d:14:70:4e:5f:7e:e2:43:63:2e:5e:97:88:29:db:
2d:32:b6:04:13:7a:03:9e:bd:a0:3e:90:99:57:82:8c:25:5d:
42:c4:91:a4:c7:2a:fe:54:43:e1:70:2d:d3:b3:e8:86:e8:17:
ff:c7:fd:e8:15:78:5a:f2:82:5a:46:81:3f:b2:53:ff:86:e2:
fe:22:ba:e1:96:db:c6:71:e2:66:62:71:b4:35:5f:b8:3b:40:
60:51:62:01:13:68:a9:68:98:67:37:61:93:23:e7:bf:33:15:
31:a4:35:8f:3f:33:30:fa:81:8d:e1:af:e6:31:fe:38:c9:fd:
56:74:79:e9:50:65:fd:ff:04:55:c2:43:bd:f1:60:e2:99:ed:
ef:2d:b6:ff:9b:00:bb:d3:90:40:71:64:45:7f:4d:b9:7d:c5:
24:e9:cc:94:05:cf:37:7c:5a:88:f9:ef:56:3f:8b:cf:81:06:
78:cf:de:2d:1f:7c:98:4c:a2:79:e2:f9:44:00:d8:0e:bb:56:
fe:09:39:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZld5D+/gT+f6AF4LNzRfJ1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjUwOTE4MTczNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThhNTU2Y2VmNDcxNmZiZWFlZjhiMjEzOGY0MTczNWExYjkyOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR/i2jAI1QUGV3qjPRpm5C6FpMPd
X/OuzNaA5G1TLyKTg6ariAqERwt2hKbda/0CL99Zc5bvuKWU4wvb7d54Bn3NA206
qUanyrlP+PW2C8s4n1/Ct/NN0VMX7a0V6b+4aTmbY8byZvJbPED0qecVNsksL7Uz
za22oCCXNxM8Wj6AnTC9wHjjEFDu5NONM9OMBPG4uy6tDQzHNSrcitmbpYvF28TW
X5gVn6tubvGXGqOrovFMjdm9oy0vEYB0ftt5srHbhNjQ/iAYfIJzX9DgxuH9/ITK
Z+rPvVWTal8acWd68TFwEYIDFd94pCwb9DPkKVJHS9YC0BAT/spFamR1nwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOGKVWzvRxb76u+LITj0FzWhuSktMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvNFlwVmJPOUhGdnZxNzRzaE9QUVhOYUc1S1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbUVvAwQA
su+rAwQAsu+uAwQAwbAcMA0GCSqGSIb3DQEBCwUAA4IBAQAKErhnX6l/3LR9CHVV
AQaakNsS3dSXm/7Szd8gwaQZObVQqF7SCUiXDvLDLyzlWydcDKtuStwuUCydFHBO
X37iQ2MuXpeIKdstMrYEE3oDnr2gPpCZV4KMJV1CxJGkxyr+VEPhcC3Ts+iG6Bf/
x/3oFXha8oJaRoE/slP/huL+IrrhltvGceJmYnG0NV+4O0BgUWIBE2ipaJhnN2GT
I+e/MxUxpDWPPzMw+oGN4a/mMf44yf1WdHnpUGX9/wRVwkO98WDime3vLbb/mwC7
05BAcWRFf025fcUk6cyUBc83fFqI+e9WP4vPgQZ4z94tH3yYTKJ54vlEANgOu1b+
CTmJ
-----END CERTIFICATE-----
Generated at Sat Oct 18 21:05:54 2025 by rpki-client