Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/FfIKnmyhcS0MyS6jImyiKhfTG4M.roa
File: FfIKnmyhcS0MyS6jImyiKhfTG4M.roa (raw, json)
Hash identifier: Bq7KFCDra/eepPggazfSqcjfSDY8IxclStu1McG0psw=
Subject key identifier: 15:F2:0A:9E:6C:A1:71:2D:0C:C9:2E:A3:22:6C:A2:2A:17:D3:1B:83
Certificate issuer: /CN=02b916b3b2e957d185032cdb499976a00eba4975
Certificate serial: 0199B854AAD6305005E34FC62ABF1E279474
Authority key identifier: 02:B9:16:B3:B2:E9:57:D1:85:03:2C:DB:49:99:76:A0:0E:BA:49:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArkWs7LpV9GFAyzbSZl2oA66SXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/FfIKnmyhcS0MyS6jImyiKhfTG4M.roa
Signing time: Mon 06 Oct 2025 07:03:00 +0000
ROA not before: Mon 06 Oct 2025 07:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201952
IP address blocks: 5.101.24.0/21 maxlen: 21
178.57.0.0/19 maxlen: 19
185.57.236.0/22 maxlen: 22
185.67.52.0/22 maxlen: 22
188.68.16.0/20 maxlen: 20
2a04:de80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/ArkWs7LpV9GFAyzbSZl2oA66SXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/ArkWs7LpV9GFAyzbSZl2oA66SXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArkWs7LpV9GFAyzbSZl2oA66SXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:54:aa:d6:30:50:05:e3:4f:c6:2a:bf:1e:27:94:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b916b3b2e957d185032cdb499976a00eba4975
Validity
Not Before: Oct 6 07:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15f20a9e6ca1712d0cc92ea3226ca22a17d31b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4c:95:70:14:76:29:ca:0d:3a:c9:f6:55:d8:
47:3d:e7:21:54:5a:47:f3:9e:fa:ce:b5:f8:d2:bc:
f3:ce:7f:ff:7c:6f:31:a7:43:6b:4b:85:30:07:9c:
82:98:04:71:88:75:28:dd:b8:fb:c5:96:7b:b5:e8:
d8:d7:50:4d:a4:95:b5:ad:3d:01:c1:8f:a5:47:30:
1f:19:70:10:ae:10:8e:50:55:db:0a:2a:a3:b4:82:
5e:0e:dd:0e:2d:1f:9c:24:ea:88:d7:3f:47:a2:16:
ab:43:6c:25:ee:30:87:91:ef:9b:1d:e7:3c:51:a5:
37:1b:b2:d9:eb:35:59:e1:32:a3:cc:a5:7e:19:8b:
eb:69:f3:ad:ec:ed:ad:9d:d8:f9:a1:d5:ee:00:f4:
03:97:3f:f3:68:a7:86:67:0c:f4:0f:37:5a:d8:bc:
65:c4:ec:00:8e:a3:97:25:7d:ed:6a:8f:24:10:d2:
24:58:0c:79:e1:d1:1e:84:82:d5:bc:b3:68:c8:8f:
62:ea:be:4d:00:fa:19:a1:72:40:15:be:34:17:1a:
c9:b7:6b:ad:db:55:a2:f4:85:87:32:9c:d0:ee:18:
67:de:e7:d2:30:e8:f6:f6:0f:d9:fc:5e:0f:d1:29:
ea:1c:6f:de:fb:36:6d:80:2d:c0:29:75:c2:a7:39:
ba:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F2:0A:9E:6C:A1:71:2D:0C:C9:2E:A3:22:6C:A2:2A:17:D3:1B:83
X509v3 Authority Key Identifier:
keyid:02:B9:16:B3:B2:E9:57:D1:85:03:2C:DB:49:99:76:A0:0E:BA:49:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArkWs7LpV9GFAyzbSZl2oA66SXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/FfIKnmyhcS0MyS6jImyiKhfTG4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/722a81-f737-47c3-8634-01993ae0f634/1/ArkWs7LpV9GFAyzbSZl2oA66SXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.24.0/21
178.57.0.0/19
185.57.236.0/22
185.67.52.0/22
188.68.16.0/20
IPv6:
2a04:de80::/29
Signature Algorithm: sha256WithRSAEncryption
61:70:43:d4:92:f0:29:bd:0d:38:d4:e3:19:b4:96:21:f8:8b:
b0:d3:f6:c5:e6:ab:b2:ce:04:70:64:7c:2c:c6:38:f9:39:ee:
44:6a:8d:73:65:b8:1f:b7:39:f0:3c:29:51:0b:15:a8:25:da:
89:22:56:66:22:ee:7a:b2:b2:23:cf:8a:4c:fa:3a:3e:9b:ea:
47:bd:4b:49:bc:5e:a7:b9:91:7a:0d:3c:33:86:df:6b:ab:de:
38:67:e7:35:2e:e6:60:60:97:0d:ca:5d:0e:31:9b:fe:33:c3:
ad:a3:29:f6:2c:cd:7d:0b:17:96:5e:da:74:85:56:28:3a:5a:
eb:34:3f:e7:28:ea:9e:71:ef:7f:2a:0f:66:18:35:ec:df:64:
7b:c2:1e:04:16:81:1e:14:36:fc:b4:4b:d4:ea:32:64:73:42:
bf:fc:56:09:8e:b3:fb:7c:5f:8e:66:58:ed:02:55:da:e9:3f:
cc:43:7b:f2:dc:b6:a9:e3:86:5d:b8:3d:21:6e:a1:0b:1d:df:
75:40:a4:3c:6a:37:e0:c7:df:28:32:dc:20:42:73:78:f8:fc:
5f:1e:c9:59:35:7e:80:50:59:99:65:13:e5:97:20:19:55:70:
c5:34:0d:0c:56:16:cd:24:ab:0e:d4:97:ef:a8:6a:eb:08:23:
29:d3:90:a2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZm4VKrWMFAF40/GKr8eJ5R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjkxNmIzYjJlOTU3ZDE4NTAzMmNkYjQ5OTk3NmEwMGVi
YTQ5NzUwHhcNMjUxMDA2MDcwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWYyMGE5ZTZjYTE3MTJkMGNjOTJlYTMyMjZjYTIyYTE3ZDMxYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEyVcBR2KcoNOsn2VdhHPechVFpH
8576zrX40rzzzn//fG8xp0NrS4UwB5yCmARxiHUo3bj7xZZ7tejY11BNpJW1rT0B
wY+lRzAfGXAQrhCOUFXbCiqjtIJeDt0OLR+cJOqI1z9HoharQ2wl7jCHke+bHec8
UaU3G7LZ6zVZ4TKjzKV+GYvrafOt7O2tndj5odXuAPQDlz/zaKeGZwz0Dzda2Lxl
xOwAjqOXJX3tao8kENIkWAx54dEehILVvLNoyI9i6r5NAPoZoXJAFb40FxrJt2ut
21Wi9IWHMpzQ7hhn3ufSMOj29g/Z/F4P0SnqHG/e+zZtgC3AKXXCpzm6RwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBXyCp5soXEtDMkuoyJsoioX0xuDMB8GA1UdIwQY
MBaAFAK5FrOy6VfRhQMs20mZdqAOukl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJrV3M3THBWOUdGQXl6YlNabDJvQTY2U1hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MjJhODEtZjczNy00N2MzLTg2MzQt
MDE5OTNhZTBmNjM0LzEvRmZJS25teWhjUzBNeVM2aklteWlLaGZURzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MjJhODEtZjczNy00N2MzLTg2MzQtMDE5OTNhZTBmNjM0
LzEvQXJrV3M3THBWOUdGQXl6YlNabDJvQTY2U1hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWUYAwQF
sjkAAwQCuTnsAwQCuUM0AwQEvEQQMA0EAgACMAcDBQMqBN6AMA0GCSqGSIb3DQEB
CwUAA4IBAQBhcEPUkvApvQ041OMZtJYh+Iuw0/bF5quyzgRwZHwsxjj5Oe5Eao1z
ZbgftznwPClRCxWoJdqJIlZmIu56srIjz4pM+jo+m+pHvUtJvF6nuZF6DTwzht9r
q944Z+c1LuZgYJcNyl0OMZv+M8Otoyn2LM19CxeWXtp0hVYoOlrrND/nKOqece9/
Kg9mGDXs32R7wh4EFoEeFDb8tEvU6jJkc0K//FYJjrP7fF+OZljtAlXa6T/MQ3vy
3Lap44ZduD0hbqELHd91QKQ8ajfgx98oMtwgQnN4+PxfHslZNX6AUFmZZRPllyAZ
VXDFNA0MVhbNJKsO1JfvqGrrCCMp05Ci
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:18 2025 by rpki-client