Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/v04lWdIpyYXHLnBfrCg7_afsLRk.roa
File: v04lWdIpyYXHLnBfrCg7_afsLRk.roa (raw, json)
Hash identifier: nO7csIBD1Nwa1cLLWZq7odaTwWnXMa6p2bhYkoycsTc=
Subject key identifier: BF:4E:25:59:D2:29:C9:85:C7:2E:70:5F:AC:28:3B:FD:A7:EC:2D:19
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01992E532806AE8A0DAF203CDBD8DB4F660E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/v04lWdIpyYXHLnBfrCg7_afsLRk.roa
Signing time: Tue 09 Sep 2025 11:53:45 +0000
ROA not before: Tue 09 Sep 2025 11:53:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202984
IP address blocks: 185.39.205.0/24 maxlen: 24
2a09:e2c0::/30 maxlen: 30
2a09:e2c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:53:28:06:ae:8a:0d:af:20:3c:db:d8:db:4f:66:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 9 11:53:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf4e2559d229c985c72e705fac283bfda7ec2d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:49:76:89:88:fa:4c:4f:63:f9:cb:a6:b9:
b2:82:84:61:30:82:14:d2:63:b4:f4:70:f5:07:7b:
b5:cf:c8:87:59:72:c1:dd:6f:31:c9:32:42:15:ce:
93:84:c3:6a:a2:d4:93:63:87:63:2e:3d:1c:05:fc:
8c:4f:93:16:6d:e0:a4:c1:7a:bc:a8:d3:a8:b4:ae:
e3:5b:09:3d:a9:b2:5f:18:bf:4e:87:4f:01:59:6f:
01:be:ba:04:51:27:8f:86:3b:f7:4d:60:bc:5f:9c:
01:e3:38:d2:ec:2b:f6:90:63:ae:36:95:53:ae:3d:
23:22:db:e0:bf:e3:c1:fb:56:cb:5e:32:4c:08:24:
7d:c5:2c:ef:ea:38:f7:a7:0d:2e:32:6a:ac:7b:33:
4a:c3:c4:1b:12:3d:ab:fa:4e:1d:65:2e:57:44:64:
e8:cb:5c:c2:4d:0a:93:fa:c9:51:d9:8d:3f:a7:43:
8d:16:72:f7:e3:68:24:58:e5:da:63:0a:8c:63:f1:
05:d6:0a:c7:f7:ad:8c:93:c8:04:a0:bb:9e:f4:1a:
db:b2:1b:00:8c:f8:3f:4f:b2:d5:fe:36:1e:d8:cb:
1a:43:da:fc:81:21:9e:3f:e8:6b:ef:2e:94:af:14:
a0:b1:05:10:41:d6:81:2b:bf:6e:1a:11:b5:3d:2a:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4E:25:59:D2:29:C9:85:C7:2E:70:5F:AC:28:3B:FD:A7:EC:2D:19
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/v04lWdIpyYXHLnBfrCg7_afsLRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.205.0/24
IPv6:
2a09:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:08:e3:11:4d:d6:5b:cf:de:5a:e2:09:c1:72:62:35:ad:ef:
1d:e1:30:9a:fc:04:13:9e:17:2c:d1:ac:9a:0e:bf:a4:94:1d:
7f:be:be:63:7e:1a:3f:db:fd:0b:7c:f2:6a:5d:02:93:ee:27:
c6:a0:da:96:63:99:04:94:77:48:51:6b:e4:a2:a7:94:fe:0d:
8c:d4:cc:7f:1f:33:32:80:ce:44:51:67:ba:f9:64:04:69:82:
06:e3:0d:dd:67:10:5c:23:b4:12:e5:49:55:71:6f:1f:3e:44:
20:08:fc:6e:eb:ed:80:f0:fe:9b:f6:31:91:16:8b:60:cf:6b:
44:60:75:f7:81:69:3c:c5:e8:19:6f:59:59:75:0a:b7:7f:a8:
73:f1:d0:17:01:95:93:0b:32:f3:dd:0c:2c:e6:dd:dc:62:9d:
6f:83:a4:1c:26:81:8a:cc:0e:9c:e7:36:38:7e:42:d0:47:8f:
39:42:15:f9:19:0a:15:12:af:d7:97:95:8b:e1:24:94:2e:7d:
69:81:d4:a9:08:c7:99:81:a2:30:b7:a5:6e:56:34:13:2b:54:
aa:9e:c1:5c:35:6b:54:50:f3:9a:9e:fd:fb:43:e1:8e:b0:a6:
19:99:d9:e8:25:f3:ce:59:eb:8d:30:df:41:fd:60:c2:66:ac:
dc:29:31:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZkuUygGrooNryA829jbT2YOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwOTA5MTE1MzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRlMjU1OWQyMjljOTg1YzcyZTcwNWZhYzI4M2JmZGE3ZWMyZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm9JdomI+kxPY/nLprmygoRhMIIU
0mO09HD1B3u1z8iHWXLB3W8xyTJCFc6ThMNqotSTY4djLj0cBfyMT5MWbeCkwXq8
qNOotK7jWwk9qbJfGL9Oh08BWW8BvroEUSePhjv3TWC8X5wB4zjS7Cv2kGOuNpVT
rj0jItvgv+PB+1bLXjJMCCR9xSzv6jj3pw0uMmqsezNKw8QbEj2r+k4dZS5XRGTo
y1zCTQqT+slR2Y0/p0ONFnL342gkWOXaYwqMY/EF1grH962Mk8gEoLue9BrbshsA
jPg/T7LV/jYe2MsaQ9r8gSGeP+hr7y6UrxSgsQUQQdaBK79uGhG1PSrTqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL9OJVnSKcmFxy5wX6woO/2n7C0ZMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdjA0bFdkSXB5WVhITG5CZnJDZzdfYWZzTFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSfNMA0E
AgACMAcDBQMqCeLAMA0GCSqGSIb3DQEBCwUAA4IBAQBoCOMRTdZbz95a4gnBcmI1
re8d4TCa/AQTnhcs0ayaDr+klB1/vr5jfho/2/0LfPJqXQKT7ifGoNqWY5kElHdI
UWvkoqeU/g2M1Mx/HzMygM5EUWe6+WQEaYIG4w3dZxBcI7QS5UlVcW8fPkQgCPxu
6+2A8P6b9jGRFotgz2tEYHX3gWk8xegZb1lZdQq3f6hz8dAXAZWTCzLz3Qws5t3c
Yp1vg6QcJoGKzA6c5zY4fkLQR485QhX5GQoVEq/Xl5WL4SSULn1pgdSpCMeZgaIw
t6VuVjQTK1SqnsFcNWtUUPOanv37Q+GOsKYZmdnoJfPOWeuNMN9B/WDCZqzcKTG0
-----END CERTIFICATE-----
Generated at Tue Sep 9 23:49:33 2025 by rpki-client