Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FRz4V0ts1zbyJLgR4XPv5Kb-vUs.roa
File: FRz4V0ts1zbyJLgR4XPv5Kb-vUs.roa (raw, json)
Hash identifier: 9aGvnzotymWY+y88PWChe7t8nLKl7kejHeVaIZuuqeY=
Subject key identifier: 15:1C:F8:57:4B:6C:D7:36:F2:24:B8:11:E1:73:EF:E4:A6:FE:BD:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01998B1E9C57AC1FE026980D543C62253621
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FRz4V0ts1zbyJLgR4XPv5Kb-vUs.roa
Signing time: Sat 27 Sep 2025 12:21:02 +0000
ROA not before: Sat 27 Sep 2025 12:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 62.76.230.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:8b:1e:9c:57:ac:1f:e0:26:98:0d:54:3c:62:25:36:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 27 12:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=151cf8574b6cd736f224b811e173efe4a6febd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:89:cd:76:eb:f5:ce:c0:74:5d:dd:24:3f:97:
ae:6b:8d:fd:19:78:47:4e:25:69:7d:d2:a1:98:00:
24:e1:22:15:4f:2f:ea:ee:ca:40:2c:4f:b2:0d:7a:
a9:cf:e8:6c:7d:92:bd:67:0f:63:97:41:44:88:79:
98:0a:aa:06:c5:3c:c6:6e:44:c9:b2:1b:09:7a:d2:
be:18:fb:23:a5:f9:54:c2:50:51:0a:99:53:8a:d1:
2d:57:74:58:52:4e:82:b5:7b:99:56:0c:4f:9d:f4:
cc:55:8a:91:f6:c1:e6:17:b8:66:39:4f:30:fa:a7:
68:98:ae:7b:a1:a4:16:cb:f9:52:70:7e:2f:de:cb:
ba:09:e9:73:d0:66:b3:ab:28:29:33:10:c5:ba:3d:
e8:37:72:35:18:9e:9e:23:c9:45:f4:24:dd:53:70:
25:d5:61:de:7c:b6:36:ef:9e:49:43:80:42:77:ba:
bc:86:15:a4:3d:2a:62:99:fe:ff:d7:09:87:8e:a3:
3f:69:c8:3f:e6:54:ca:a6:86:0a:1b:97:0c:a1:54:
21:10:85:6f:35:45:cd:51:c7:97:cc:51:75:8a:f1:
1e:71:c2:9e:44:85:00:d0:56:7a:c3:19:34:52:bc:
5f:69:83:af:8d:bf:90:0d:9d:36:e0:27:18:c1:4a:
53:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1C:F8:57:4B:6C:D7:36:F2:24:B8:11:E1:73:EF:E4:A6:FE:BD:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FRz4V0ts1zbyJLgR4XPv5Kb-vUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.87.64.0/24
194.87.91.0/24
195.58.63.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2d:c0:8c:15:ff:fa:6a:1a:fb:16:f9:dc:6b:7c:46:61:4c:
1d:65:02:af:0b:1a:96:f2:64:1f:50:94:1b:15:28:ce:aa:d2:
2d:6b:c4:9b:69:ce:e6:88:6c:b4:eb:b2:11:2b:49:39:74:e1:
b6:4c:fc:39:80:36:ae:be:8c:66:ac:cd:ab:1f:4c:87:93:a8:
7f:37:d2:f6:de:9f:9e:f0:b3:a6:68:7e:62:07:fe:5c:bc:5b:
dc:38:5e:57:aa:79:a7:69:98:43:c3:cb:6f:52:25:29:0c:0b:
5c:4f:fc:6a:ea:74:d0:f0:56:80:56:8e:43:1e:24:b7:12:12:
e1:e0:3a:5c:8b:90:b1:38:bd:0a:fb:0e:a6:13:9f:24:bf:2d:
43:1d:8d:14:1c:9f:5b:07:cf:77:23:b3:dc:d4:4f:1d:84:40:
1a:f8:c1:a4:05:20:bc:1d:30:54:8c:ce:82:76:e6:46:d6:89:
42:2c:1f:fe:56:7c:5e:77:e6:61:23:01:75:8e:a2:e0:02:c8:
54:f0:e1:95:49:0a:02:4b:32:88:55:f3:53:22:b1:34:d5:a2:
7e:09:54:e3:43:4c:f2:cf:65:4e:24:37:36:6c:ce:b6:b2:94:
40:ae:ef:62:38:ac:f4:c9:be:4a:3e:64:18:39:ee:84:64:23:
aa:31:bd:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmLHpxXrB/gJpgNVDxiJTYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwOTI3MTIyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTFjZjg1NzRiNmNkNzM2ZjIyNGI4MTFlMTczZWZlNGE2ZmViZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YnNduv1zsB0Xd0kP5eua439GXhH
TiVpfdKhmAAk4SIVTy/q7spALE+yDXqpz+hsfZK9Zw9jl0FEiHmYCqoGxTzGbkTJ
shsJetK+GPsjpflUwlBRCplTitEtV3RYUk6CtXuZVgxPnfTMVYqR9sHmF7hmOU8w
+qdomK57oaQWy/lScH4v3su6Celz0GazqygpMxDFuj3oN3I1GJ6eI8lF9CTdU3Al
1WHefLY2755JQ4BCd7q8hhWkPSpimf7/1wmHjqM/acg/5lTKpoYKG5cMoVQhEIVv
NUXNUceXzFF1ivEeccKeRIUA0FZ6wxk0UrxfaYOvjb+QDZ024CcYwUpT5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUc+FdLbNc28iS4EeFz7+Sm/r1LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRlJ6NFYwdHMxemJ5SkxnUjRYUHY1S2ItdlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzmAwQA
wldAAwQAwldbAwQAwzo/MA0GCSqGSIb3DQEBCwUAA4IBAQAiLcCMFf/6ahr7Fvnc
a3xGYUwdZQKvCxqW8mQfUJQbFSjOqtIta8Sbac7miGy067IRK0k5dOG2TPw5gDau
voxmrM2rH0yHk6h/N9L23p+e8LOmaH5iB/5cvFvcOF5XqnmnaZhDw8tvUiUpDAtc
T/xq6nTQ8FaAVo5DHiS3EhLh4Dpci5CxOL0K+w6mE58kvy1DHY0UHJ9bB893I7Pc
1E8dhEAa+MGkBSC8HTBUjM6CduZG1olCLB/+Vnxed+ZhIwF1jqLgAshU8OGVSQoC
SzKIVfNTIrE01aJ+CVTjQ0zyz2VOJDc2bM62spRAru9iOKz0yb5KPmQYOe6EZCOq
Mb3i
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:16 2025 by rpki-client