Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/F0I2of0atpvetTn6otcAa1FRJF0.roa
File: F0I2of0atpvetTn6otcAa1FRJF0.roa (raw, json)
Hash identifier: JY9VjmC9P6KQBtlxAcmoRA4HCsgOVKGxeDdf5vhfcm4=
Subject key identifier: 17:42:36:A1:FD:1A:B6:9B:DE:B5:39:FA:A2:D7:00:6B:51:51:24:5D
Certificate issuer: /CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Certificate serial: 019951B6C1299F0EDF7B05649BA0C9FFEECE
Authority key identifier: 04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/F0I2of0atpvetTn6otcAa1FRJF0.roa
Signing time: Tue 16 Sep 2025 08:49:15 +0000
ROA not before: Tue 16 Sep 2025 08:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48988
IP address blocks: 108.174.78.0/24 maxlen: 24
111.88.140.0/22 maxlen: 24
198.13.184.0/21 maxlen: 24
213.148.0.0/20 maxlen: 24
213.148.24.0/22 maxlen: 24
2a13:8280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:b6:c1:29:9f:0e:df:7b:05:64:9b:a0:c9:ff:ee:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Validity
Not Before: Sep 16 08:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=174236a1fd1ab69bdeb539faa2d7006b5151245d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:a8:b3:fb:ce:d0:8b:93:79:02:50:af:f9:
e7:d6:96:b3:2b:3a:d9:f8:a4:a3:c9:70:fe:d8:dd:
f1:a7:2e:aa:f6:8f:d5:39:39:89:3b:98:35:96:56:
5f:85:11:35:df:ed:78:9c:c3:2a:68:b5:81:8e:15:
20:bb:51:d5:77:de:69:59:ff:fa:c6:fc:04:ae:0d:
fa:a9:01:db:b0:de:41:e5:46:0b:70:3d:43:5b:d3:
49:57:ad:84:f2:a0:44:f1:e1:09:9b:47:ce:89:ab:
eb:b5:74:fb:35:f0:d6:cd:08:87:7c:4d:7b:f1:8a:
2a:55:ba:34:be:b0:46:8e:24:f6:92:7d:3a:04:8f:
1d:9f:67:df:47:5b:dd:53:9b:49:7f:39:a1:b1:a6:
45:a5:b5:ea:59:91:26:4f:37:32:ee:01:d8:e9:d2:
65:f7:9e:bf:36:ed:ee:df:86:28:2b:77:6c:9b:72:
b9:bf:35:b5:ae:ee:dd:8f:62:9d:2b:44:50:75:c9:
41:26:d5:80:2d:3b:3f:d7:e2:15:04:52:e8:ae:f0:
76:4a:f3:81:37:3e:75:3a:68:61:c4:0c:4c:88:03:
45:6e:b2:de:fc:1e:4e:7f:7b:7a:0f:e7:fb:60:dc:
f3:de:3e:80:25:c8:ff:85:c3:0b:bb:38:1e:a6:37:
25:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:42:36:A1:FD:1A:B6:9B:DE:B5:39:FA:A2:D7:00:6B:51:51:24:5D
X509v3 Authority Key Identifier:
keyid:04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/F0I2of0atpvetTn6otcAa1FRJF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.174.78.0/24
111.88.140.0/22
198.13.184.0/21
213.148.0.0/20
213.148.24.0/22
IPv6:
2a13:8280::/32
Signature Algorithm: sha256WithRSAEncryption
96:53:0a:55:71:e7:12:48:be:6a:03:08:1d:02:1a:e0:71:01:
72:f2:7d:f1:78:5b:a4:94:13:80:4d:49:68:fd:80:95:8b:49:
61:0e:dd:d5:e6:ab:41:f2:05:aa:a7:c8:9a:fc:b4:9f:d6:05:
53:3e:3d:37:4a:a2:42:e4:0b:18:86:aa:58:75:33:c7:1b:4c:
31:b7:2a:d4:b0:0c:34:95:2c:7d:85:7b:cc:b9:d7:42:d5:73:
b6:50:8a:8f:ee:89:f5:96:94:00:fc:96:ba:89:58:8e:07:83:
d2:ea:20:e8:09:ab:31:65:db:e9:a7:8a:90:c9:20:16:84:72:
bb:19:c6:a3:34:ad:91:5b:23:ad:a7:81:b9:ef:f6:5f:eb:98:
8a:be:c2:1a:0c:86:6c:a2:4f:9d:72:1b:81:c2:d9:8f:34:ff:
ed:6e:4e:f1:f4:a5:9f:ce:33:df:95:12:36:f0:f2:e4:f1:92:
1c:3f:94:f9:39:10:de:dd:7d:8b:50:e9:9f:b0:8a:11:4e:60:
eb:52:a8:e1:d9:08:f6:a2:f9:d3:5b:be:8c:12:c5:15:99:b4:
57:6e:2f:39:08:0e:b2:90:d8:13:02:4c:2d:4e:64:56:22:69:
bf:7b:e3:e3:e4:68:69:e9:9c:23:73:3c:5d:88:d7:78:a6:d9:
f0:46:6c:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZlRtsEpnw7fewVkm6DJ/+7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2QyYzhkYTgzZjVjM2M5NGFlOTQwYTBlZmQyYTc3MTRm
ZjkwZTIwHhcNMjUwOTE2MDg0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQyMzZhMWZkMWFiNjliZGViNTM5ZmFhMmQ3MDA2YjUxNTEyNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0yos/vO0IuTeQJQr/nn1pazKzrZ
+KSjyXD+2N3xpy6q9o/VOTmJO5g1llZfhRE13+14nMMqaLWBjhUgu1HVd95pWf/6
xvwErg36qQHbsN5B5UYLcD1DW9NJV62E8qBE8eEJm0fOiavrtXT7NfDWzQiHfE17
8YoqVbo0vrBGjiT2kn06BI8dn2ffR1vdU5tJfzmhsaZFpbXqWZEmTzcy7gHY6dJl
956/Nu3u34YoK3dsm3K5vzW1ru7dj2KdK0RQdclBJtWALTs/1+IVBFLorvB2SvOB
Nz51OmhhxAxMiANFbrLe/B5Of3t6D+f7YNzz3j6AJcj/hcMLuzgepjclzQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBdCNqH9Grab3rU5+qLXAGtRUSRdMB8GA1UdIwQY
MBaAFAQ9LI2oP1w8lK6UCg79KncU/5DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUt
M2JiYzY2MWI0Y2M1LzEvRjBJMm9mMGF0cHZldFRuNm90Y0FhMUZSSkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUtM2JiYzY2MWI0Y2M1
LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAbK5OAwQC
b1iMAwQDxg24AwQE1ZQAAwQC1ZQYMA0EAgACMAcDBQAqE4KAMA0GCSqGSIb3DQEB
CwUAA4IBAQCWUwpVcecSSL5qAwgdAhrgcQFy8n3xeFuklBOATUlo/YCVi0lhDt3V
5qtB8gWqp8ia/LSf1gVTPj03SqJC5AsYhqpYdTPHG0wxtyrUsAw0lSx9hXvMuddC
1XO2UIqP7on1lpQA/Ja6iViOB4PS6iDoCasxZdvpp4qQySAWhHK7GcajNK2RWyOt
p4G57/Zf65iKvsIaDIZsok+dchuBwtmPNP/tbk7x9KWfzjPflRI28PLk8ZIcP5T5
ORDe3X2LUOmfsIoRTmDrUqjh2Qj2ovnTW76MEsUVmbRXbi85CA6ykNgTAkwtTmRW
Imm/e+Pj5Ghp6ZwjczxdiNd4ptnwRmzy
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:09:16 2025 by rpki-client