Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FIcC6s1BGf9zB3oixDWkRkIHTCM.roa
File: FIcC6s1BGf9zB3oixDWkRkIHTCM.roa (raw, json)
Hash identifier: hOMA3Ze5QKA55bUCq+0OqZIOMZ8xCu2v+PtZbTtIOws=
Subject key identifier: 14:87:02:EA:CD:41:19:FF:73:07:7A:22:C4:35:A4:46:42:07:4C:23
Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321
Certificate serial: 0198C4F62E9C0D9C3B764B21081C33B9934B
Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FIcC6s1BGf9zB3oixDWkRkIHTCM.roa
Signing time: Wed 20 Aug 2025 00:52:04 +0000
ROA not before: Wed 20 Aug 2025 00:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209800
IP address blocks: 178.16.52.0/22 maxlen: 22
178.16.52.0/24 maxlen: 24
178.16.53.0/24 maxlen: 24
178.16.54.0/24 maxlen: 24
178.16.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c4:f6:2e:9c:0d:9c:3b:76:4b:21:08:1c:33:b9:93:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321
Validity
Not Before: Aug 20 00:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=148702eacd4119ff73077a22c435a44642074c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:cd:b8:f2:6d:f4:3c:97:3a:37:38:11:17:
56:20:8c:12:fe:8a:e5:ef:11:60:22:b4:1c:4d:80:
e5:f8:6c:88:3f:85:08:fa:99:a8:41:56:25:dc:23:
06:32:39:af:b2:05:e1:a3:6f:a8:3e:ae:7b:67:87:
51:79:72:0d:74:b5:19:09:97:5d:2c:93:eb:64:52:
74:6e:22:34:0f:7a:cb:16:be:cc:d3:72:fc:00:6f:
3e:6a:e1:7b:21:e4:96:2f:af:eb:a2:9c:1c:8f:67:
4a:2f:28:ec:43:53:f4:85:07:c9:7d:26:93:ba:b1:
8d:41:ed:1a:42:d3:84:29:ae:4e:7a:6c:02:75:1c:
df:3c:0c:71:75:af:fe:67:21:b7:56:21:f5:c1:06:
8d:32:8e:b3:df:9f:e5:9f:e9:4f:60:15:a0:a8:74:
2e:ec:d2:c0:b0:0e:fb:f0:25:53:15:5d:e8:86:2c:
84:86:6e:2c:91:5d:2f:32:1c:7b:31:a6:ae:af:8a:
12:d0:ee:65:c3:d2:79:21:54:88:bd:39:85:4d:1a:
7a:9b:f3:d3:54:cc:41:56:c9:dd:c7:80:09:87:db:
ab:c5:63:dc:a3:2c:f0:3c:61:bc:3a:af:a8:7b:ed:
44:0b:04:b2:06:b4:e2:7f:c8:f8:bf:80:0d:b4:cb:
e1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:87:02:EA:CD:41:19:FF:73:07:7A:22:C4:35:A4:46:42:07:4C:23
X509v3 Authority Key Identifier:
keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FIcC6s1BGf9zB3oixDWkRkIHTCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.52.0/22
Signature Algorithm: sha256WithRSAEncryption
78:cb:73:49:d9:11:15:5a:3e:af:0a:e9:54:c4:f8:e7:aa:ba:
47:90:60:12:e8:91:04:09:0f:19:56:8d:9a:de:fc:c6:6d:cc:
d9:fd:4c:63:ba:c9:b7:13:fa:dc:87:18:0a:fb:c9:f2:66:a3:
6e:51:45:1c:71:5a:13:19:da:c0:9e:74:c3:85:88:88:33:db:
8c:0f:da:85:c0:8f:32:a0:9d:1a:b9:81:d9:08:51:18:2b:91:
26:99:f3:2d:35:2d:71:de:dc:d1:02:bb:a9:96:c2:5f:38:d4:
bb:05:e2:40:47:8c:c1:b4:6b:a9:8c:70:04:52:96:7f:4a:f4:
c0:b6:ee:af:b4:ea:85:4e:87:ec:ff:56:f6:25:e0:0e:51:5d:
49:ad:4b:e5:14:b7:d6:6d:5d:da:bf:e9:69:f1:7a:df:ed:8c:
a8:44:49:79:f5:f0:d2:a0:d6:b3:29:b8:8a:44:38:6d:88:f2:
ed:34:d6:06:a2:03:80:a6:05:76:fb:a8:16:98:8e:70:47:2c:
3f:a4:81:2d:2e:7b:24:13:8d:89:c9:4c:16:f6:c3:cd:b6:b2:
04:4f:f9:0c:48:74:62:ce:1e:80:76:35:cd:4a:aa:e5:ed:56:
30:86:91:3e:d8:13:ed:d4:4a:31:24:86:5b:b9:75:fd:12:4c:
64:a6:66:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjE9i6cDZw7dkshCBwzuZNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx
ZDMzMjEwHhcNMjUwODIwMDA1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg3MDJlYWNkNDExOWZmNzMwNzdhMjJjNDM1YTQ0NjQyMDc0YzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyfNuPJt9DyXOjc4ERdWIIwS/orl
7xFgIrQcTYDl+GyIP4UI+pmoQVYl3CMGMjmvsgXho2+oPq57Z4dReXINdLUZCZdd
LJPrZFJ0biI0D3rLFr7M03L8AG8+auF7IeSWL6/ropwcj2dKLyjsQ1P0hQfJfSaT
urGNQe0aQtOEKa5OemwCdRzfPAxxda/+ZyG3ViH1wQaNMo6z35/ln+lPYBWgqHQu
7NLAsA778CVTFV3ohiyEhm4skV0vMhx7Maaur4oS0O5lw9J5IVSIvTmFTRp6m/PT
VMxBVsndx4AJh9urxWPcoyzwPGG8Oq+oe+1ECwSyBrTif8j4v4ANtMvhXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSHAurNQRn/cwd6IsQ1pEZCB0wjMB8GA1UdIwQY
MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt
NDNkZjQ3ZDVhMWU3LzEvRkljQzZzMUJHZjl6QjNvaXhEV2tSa0lIVENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3
LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCshA0MA0G
CSqGSIb3DQEBCwUAA4IBAQB4y3NJ2REVWj6vCulUxPjnqrpHkGAS6JEECQ8ZVo2a
3vzGbczZ/Uxjusm3E/rchxgK+8nyZqNuUUUccVoTGdrAnnTDhYiIM9uMD9qFwI8y
oJ0auYHZCFEYK5EmmfMtNS1x3tzRAruplsJfONS7BeJAR4zBtGupjHAEUpZ/SvTA
tu6vtOqFTofs/1b2JeAOUV1JrUvlFLfWbV3av+lp8Xrf7YyoREl59fDSoNazKbiK
RDhtiPLtNNYGogOApgV2+6gWmI5wRyw/pIEtLnskE42JyUwW9sPNtrIET/kMSHRi
zh6AdjXNSqrl7VYwhpE+2BPt1EoxJIZbuXX9EkxkpmbO
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:34:13 2025 by rpki-client