Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/fjtFOz4IlAaEAQnySY7OoN_tT9k.roa
File: fjtFOz4IlAaEAQnySY7OoN_tT9k.roa (raw, json)
Hash identifier: +Sr0IAWH0Sl8SJhZIIslWSKF0Gz1QtZzH2BHIKdnR6Y=
Subject key identifier: 7E:3B:45:3B:3E:08:94:06:84:01:09:F2:49:8E:CE:A0:DF:ED:4F:D9
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 0198BC091575D388B306C6CAA7FF3B00F2EC
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/fjtFOz4IlAaEAQnySY7OoN_tT9k.roa
Signing time: Mon 18 Aug 2025 07:16:08 +0000
ROA not before: Mon 18 Aug 2025 07:16:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199636
IP address blocks: 45.80.8.0/22 maxlen: 24
45.80.20.0/22 maxlen: 24
45.80.24.0/22 maxlen: 24
45.80.32.0/22 maxlen: 24
82.96.128.0/18 maxlen: 24
88.202.236.0/22 maxlen: 24
88.212.152.0/22 maxlen: 24
89.200.240.0/23 maxlen: 24
91.203.92.0/22 maxlen: 24
95.178.88.0/22 maxlen: 24
130.180.208.0/20 maxlen: 24
141.255.128.0/21 maxlen: 24
185.44.88.0/22 maxlen: 24
185.91.220.0/22 maxlen: 24
185.146.220.0/22 maxlen: 24
212.114.16.0/20 maxlen: 24
2a05:6e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:09:15:75:d3:88:b3:06:c6:ca:a7:ff:3b:00:f2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: Aug 18 07:16:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e3b453b3e089406840109f2498ecea0dfed4fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:a0:3f:3b:3b:22:2e:23:92:6e:42:7c:6a:
a8:44:a3:bb:2c:14:72:1f:19:b2:c5:74:d0:77:51:
d4:f8:26:93:2b:bd:01:aa:9d:da:0b:ae:0b:dc:d3:
17:ab:32:9b:80:3f:31:b9:3c:0f:bd:19:6f:0d:30:
ee:c6:2b:cf:2d:4a:7e:0a:a4:19:91:27:1a:43:8d:
7d:b7:1b:fc:7f:61:71:91:d6:10:d1:7b:f4:d2:05:
3c:58:2e:56:e1:ba:0b:34:3b:83:24:e1:8c:a9:c9:
5e:d9:cd:55:3d:6e:a7:a8:8f:de:66:2c:2a:94:43:
3d:3e:9b:ae:6e:94:0b:16:31:10:82:4a:f1:1b:66:
35:dd:87:e6:9b:2b:15:ed:e7:b9:8d:8c:a7:3c:aa:
f1:09:b7:6c:78:32:1c:cf:e8:f8:6c:2a:07:97:be:
cf:66:70:eb:42:78:9d:6f:d8:fb:38:ad:60:5d:95:
50:f7:9a:04:0a:82:59:08:36:12:47:e8:ea:cd:d3:
9f:e2:a6:88:98:a0:92:fa:e2:92:c9:d2:54:3f:6a:
3c:6c:73:ec:6a:06:6e:32:5a:30:f5:9e:18:c8:b6:
a0:86:b9:a0:15:d9:e1:6e:cf:3f:a9:a2:d2:7e:04:
da:d7:dc:1f:4c:4a:d8:8a:b3:65:f5:e8:af:b1:0c:
65:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3B:45:3B:3E:08:94:06:84:01:09:F2:49:8E:CE:A0:DF:ED:4F:D9
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/fjtFOz4IlAaEAQnySY7OoN_tT9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.8.0/22
45.80.20.0-45.80.27.255
45.80.32.0/22
82.96.128.0/18
88.202.236.0/22
88.212.152.0/22
89.200.240.0/23
91.203.92.0/22
95.178.88.0/22
130.180.208.0/20
141.255.128.0/21
185.44.88.0/22
185.91.220.0/22
185.146.220.0/22
212.114.16.0/20
IPv6:
2a05:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
46:8d:39:57:2f:c9:2f:fd:c0:b4:58:42:3d:d5:0f:1c:58:4c:
e8:79:04:c1:ed:92:09:f3:5d:1f:5e:05:ab:65:3d:54:2c:21:
84:6a:63:86:13:20:8a:a4:61:69:c9:98:22:70:24:c2:18:40:
32:f7:08:f4:75:08:13:bb:fa:e3:70:88:cd:33:db:3d:86:5b:
e7:2e:bf:bb:2e:b7:c4:1f:8a:1a:65:6a:7f:a8:ee:e1:4f:a7:
a1:ec:d5:cb:e0:e3:28:56:31:f8:8b:01:26:96:8c:8c:74:29:
c5:a8:c5:52:d3:f8:77:0c:9c:72:51:9f:37:9b:27:38:0c:32:
6a:7a:c5:7e:9b:a9:b6:ce:fd:1d:05:fa:e6:3d:bd:0e:5d:8b:
c2:df:d7:df:fa:6d:db:57:e7:a5:06:ca:6c:3b:96:8d:15:21:
5b:90:e6:42:17:c5:e6:dc:40:78:aa:c3:39:5b:8f:65:2f:83:
40:bf:17:d1:31:e6:39:f4:74:e1:57:91:b0:a1:62:87:4e:2c:
be:a4:b7:59:ac:b1:4e:2a:3d:7a:be:7b:f3:f7:15:73:52:cf:
fb:8b:91:06:c9:d6:3b:d0:c2:38:92:b7:d8:fe:33:2a:bc:7b:
f9:b9:62:a0:38:57:19:89:8d:6b:ae:dc:cb:7a:b5:5b:50:15:
a5:79:7e:5f
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZi8CRV104izBsbKp/87APLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjUwODE4MDcxNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNiNDUzYjNlMDg5NDA2ODQwMTA5ZjI0OThlY2VhMGRmZWQ0ZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+SgPzs7Ii4jkm5CfGqoRKO7LBRy
HxmyxXTQd1HU+CaTK70Bqp3aC64L3NMXqzKbgD8xuTwPvRlvDTDuxivPLUp+CqQZ
kScaQ419txv8f2FxkdYQ0Xv00gU8WC5W4boLNDuDJOGMqcle2c1VPW6nqI/eZiwq
lEM9PpuubpQLFjEQgkrxG2Y13YfmmysV7ee5jYynPKrxCbdseDIcz+j4bCoHl77P
ZnDrQnidb9j7OK1gXZVQ95oECoJZCDYSR+jqzdOf4qaImKCS+uKSydJUP2o8bHPs
agZuMlow9Z4YyLaghrmgFdnhbs8/qaLSfgTa19wfTErYirNl9eivsQxlhwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFH47RTs+CJQGhAEJ8kmOzqDf7U/ZMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvZmp0Rk96NElsQWFFQVFueVNZN09vTl90VDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAi1QCDAM
AwQCLVAUAwQCLVAYAwQCLVAgAwQGUmCAAwQCWMrsAwQCWNSYAwQBWcjwAwQCW8tc
AwQCX7JYAwQEgrTQAwQDjf+AAwQCuSxYAwQCuVvcAwQCuZLcAwQE1HIQMA0EAgAC
MAcDBQMqBW4AMA0GCSqGSIb3DQEBCwUAA4IBAQBGjTlXL8kv/cC0WEI91Q8cWEzo
eQTB7ZIJ810fXgWrZT1ULCGEamOGEyCKpGFpyZgicCTCGEAy9wj0dQgTu/rjcIjN
M9s9hlvnLr+7LrfEH4oaZWp/qO7hT6eh7NXL4OMoVjH4iwEmloyMdCnFqMVS0/h3
DJxyUZ83myc4DDJqesV+m6m2zv0dBfrmPb0OXYvC39ff+m3bV+elBspsO5aNFSFb
kOZCF8Xm3EB4qsM5W49lL4NAvxfRMeY59HThV5GwoWKHTiy+pLdZrLFOKj16vnvz
9xVzUs/7i5EGydY70MI4krfY/jMqvHv5uWKgOFcZiY1rrtzLerVbUBWleX5f
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:37:53 2025 by rpki-client