Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/iUuRoiZ7OKWdn5tiTJPNMo7hj3g.roa
File: iUuRoiZ7OKWdn5tiTJPNMo7hj3g.roa (raw, json)
Hash identifier: /5FZIGj6qOj6g4bM0v7qYUvi2YfwwHhDz9PnhjNz8RM=
Subject key identifier: 89:4B:91:A2:26:7B:38:A5:9D:9F:9B:62:4C:93:CD:32:8E:E1:8F:78
Certificate issuer: /CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Certificate serial: 01990A94509F2DC232411FB993B08DAE147E
Authority key identifier: FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/iUuRoiZ7OKWdn5tiTJPNMo7hj3g.roa
Signing time: Tue 02 Sep 2025 13:18:36 +0000
ROA not before: Tue 02 Sep 2025 13:18:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207203
IP address blocks: 45.153.140.0/22 maxlen: 22
45.156.240.0/22 maxlen: 22
45.156.240.0/24 maxlen: 24
109.104.108.0/23 maxlen: 23
185.39.172.0/22 maxlen: 22
185.82.120.0/22 maxlen: 22
185.238.32.0/22 maxlen: 22
193.228.80.0/24 maxlen: 24
193.228.81.0/24 maxlen: 24
193.228.82.0/23 maxlen: 23
2a04:7700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:94:50:9f:2d:c2:32:41:1f:b9:93:b0:8d:ae:14:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcd0233808570e31ffb2fcde1b877071cbc6603
Validity
Not Before: Sep 2 13:18:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=894b91a2267b38a59d9f9b624c93cd328ee18f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:74:9f:29:24:8b:8f:47:03:69:69:36:00:22:
03:3d:fb:1d:5c:da:2d:c6:93:3e:a8:44:e8:d9:ba:
d2:35:d6:e4:cd:2a:64:57:45:b6:f9:63:6c:f5:a7:
c4:eb:ad:36:39:78:88:be:93:11:ef:e5:14:79:c1:
97:e8:22:db:8f:92:43:08:6f:b2:f9:c1:18:2f:9c:
dd:fa:e6:6c:4f:fb:87:a7:6e:d5:24:2d:ca:65:3f:
c7:29:bb:be:82:5c:e5:f0:a4:1f:55:b2:fc:77:39:
ad:d7:2a:89:91:f1:9d:27:b2:0c:2a:75:ec:09:2b:
6b:36:aa:f0:94:37:95:4c:38:49:20:35:fb:e0:76:
1a:da:df:b2:7c:28:4f:44:52:46:b4:df:b4:4a:43:
86:c2:b5:55:9d:91:f7:b3:f1:04:4a:fe:4b:ce:6e:
c7:c1:01:37:5f:78:cf:5f:57:a3:09:3a:f0:39:01:
4d:fc:e7:3a:94:b6:89:a2:41:4a:c2:a4:cf:5b:74:
64:60:2f:b8:bc:e0:c7:70:5e:83:32:f5:bc:df:58:
75:8a:b0:0b:f9:7d:0c:7e:9b:e1:cb:d3:0c:44:b7:
f5:36:fb:35:6f:89:45:6d:0a:e7:a9:e2:2b:85:4a:
e7:ee:ef:df:0d:67:d6:c6:95:9f:09:cc:f3:88:40:
81:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4B:91:A2:26:7B:38:A5:9D:9F:9B:62:4C:93:CD:32:8E:E1:8F:78
X509v3 Authority Key Identifier:
keyid:FB:CD:02:33:80:85:70:E3:1F:FB:2F:CD:E1:B8:77:07:1C:BC:66:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/iUuRoiZ7OKWdn5tiTJPNMo7hj3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b5110-5167-48e0-8597-61d7333f8570/1/1-80CM4CFcOMf-y_N4bh3Bxy8ZgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.140.0/22
45.156.240.0/22
109.104.108.0/23
185.39.172.0/22
185.82.120.0/22
185.238.32.0/22
193.228.80.0/22
IPv6:
2a04:7700::/29
Signature Algorithm: sha256WithRSAEncryption
bf:7b:f8:6b:85:8a:f8:8a:bf:78:42:33:e8:e3:70:1e:c7:ec:
d7:2f:32:ec:47:fc:8b:a3:52:cc:d7:ad:13:86:33:82:83:ba:
71:ef:63:5a:89:b8:73:10:61:d9:e8:7d:e0:cb:e8:d1:f4:e4:
6d:68:04:d4:d3:e7:c3:97:fd:62:ad:cc:d7:e7:d1:d4:a6:cd:
77:0f:0e:e4:cf:e2:62:ba:82:c6:cf:ad:cd:6e:28:69:a6:b7:
46:65:3b:af:57:22:6f:1c:90:65:93:ff:38:27:2e:c7:6c:b9:
ca:6d:32:fa:47:33:da:72:97:d4:97:b8:d5:47:cb:6e:60:2e:
e4:ed:35:f3:66:a6:2d:41:00:97:a4:0b:91:c1:90:9c:ca:68:
32:0b:8a:7d:e0:02:b6:e7:9c:1d:c4:63:58:dd:a7:90:da:fd:
2e:7c:ad:73:76:61:15:fe:53:e5:20:f5:77:d6:97:b9:24:c6:
1b:ec:bb:3c:9a:1f:8b:20:ff:bd:30:eb:e3:7b:a8:f0:2d:04:
30:27:e7:91:2a:11:dc:7c:ab:6e:d4:2c:ed:51:a2:0e:88:00:
84:92:46:a3:96:a4:7a:7b:8b:90:0d:41:3c:46:9e:3b:72:30:
19:77:06:30:f4:0b:e0:9d:3d:8d:47:5d:4d:2a:ad:4e:0d:f1:
f9:5a:47:8f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZkKlFCfLcIyQR+5k7CNrhR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2QwMjMzODA4NTcwZTMxZmZiMmZjZGUxYjg3NzA3MWNi
YzY2MDMwHhcNMjUwOTAyMTMxODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRiOTFhMjI2N2IzOGE1OWQ5ZjliNjI0YzkzY2QzMjhlZTE4Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHSfKSSLj0cDaWk2ACIDPfsdXNot
xpM+qETo2brSNdbkzSpkV0W2+WNs9afE6602OXiIvpMR7+UUecGX6CLbj5JDCG+y
+cEYL5zd+uZsT/uHp27VJC3KZT/HKbu+glzl8KQfVbL8dzmt1yqJkfGdJ7IMKnXs
CStrNqrwlDeVTDhJIDX74HYa2t+yfChPRFJGtN+0SkOGwrVVnZH3s/EESv5Lzm7H
wQE3X3jPX1ejCTrwOQFN/Oc6lLaJokFKwqTPW3RkYC+4vODHcF6DMvW831h1irAL
+X0Mfpvhy9MMRLf1Nvs1b4lFbQrnqeIrhUrn7u/fDWfWxpWfCczziECB5wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFIlLkaImezilnZ+bYkyTzTKO4Y94MB8GA1UdIwQY
MBaAFPvNAjOAhXDjH/svzeG4dwccvGYDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04MENNNENGY09NZi15X040YmgzQnh5OFpnTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3
LTYxZDczMzNmODU3MC8xL2lVdVJvaVo3T0tXZG41dGlUSlBOTW83aGozZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvM2I1MTEwLTUxNjctNDhlMC04NTk3LTYxZDczMzNmODU3
MC8xLzEtODBDTTRDRmNPTWYteV9ONGJoM0J4eThaZ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAItmYwD
BAItnPADBAFtaGwDBAK5J6wDBAK5UngDBAK57iADBALB5FAwDQQCAAIwBwMFAyoE
dwAwDQYJKoZIhvcNAQELBQADggEBAL97+GuFiviKv3hCM+jjcB7H7NcvMuxH/Iuj
UszXrROGM4KDunHvY1qJuHMQYdnofeDL6NH05G1oBNTT58OX/WKtzNfn0dSmzXcP
DuTP4mK6gsbPrc1uKGmmt0ZlO69XIm8ckGWT/zgnLsdsucptMvpHM9pyl9SXuNVH
y25gLuTtNfNmpi1BAJekC5HBkJzKaDILin3gArbnnB3EY1jdp5Da/S58rXN2YRX+
U+Ug9XfWl7kkxhvsuzyaH4sg/70w6+N7qPAtBDAn55EqEdx8q27ULO1Rog6IAISS
RqOWpHp7i5ANQTxGnjtyMBl3BjD0C+CdPY1HXU0qrU4N8flaR48=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:16:33 2025 by rpki-client