Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/FL-63HYyWSOHaS0zatb3tBhA794.roa
File: FL-63HYyWSOHaS0zatb3tBhA794.roa (raw, json)
Hash identifier: mLXwUnn3m8eIlstUhvReKOdJ0V5ZYWYpyzYXC0ze4xI=
Subject key identifier: 14:BF:BA:DC:76:32:59:23:87:69:2D:33:6A:D6:F7:B4:18:40:EF:DE
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0199E3776A0EB4D54180C94C4ACBE611CA80
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/FL-63HYyWSOHaS0zatb3tBhA794.roa
Signing time: Tue 14 Oct 2025 16:04:38 +0000
ROA not before: Tue 14 Oct 2025 16:04:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60268
IP address blocks: 185.33.168.0/22 maxlen: 22
185.33.168.0/24 maxlen: 24
185.33.169.0/24 maxlen: 24
185.33.170.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
185.97.132.0/22 maxlen: 22
185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
185.97.134.0/24 maxlen: 24
185.97.135.0/24 maxlen: 24
193.19.72.0/23 maxlen: 23
193.19.72.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
193.19.96.0/23 maxlen: 23
193.19.96.0/24 maxlen: 24
193.19.97.0/24 maxlen: 24
2a00:6ba0::/32 maxlen: 32
2a00:cee0::/29 maxlen: 29
2a00:cee0::/32 maxlen: 32
2a00:cee1::/32 maxlen: 32
2a00:cee2::/32 maxlen: 32
2a00:cee3::/32 maxlen: 32
2a00:cee4::/32 maxlen: 32
2a00:cee5::/32 maxlen: 32
2a00:cee6::/32 maxlen: 32
2a00:cee7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e3:77:6a:0e:b4:d5:41:80:c9:4c:4a:cb:e6:11:ca:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Oct 14 16:04:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14bfbadc7632592387692d336ad6f7b41840efde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:86:3c:41:52:65:47:3a:56:7e:88:7f:4b:
85:28:8c:96:06:ae:8c:26:f4:ca:29:05:9d:9b:7c:
a8:0f:2f:1d:59:87:9a:cf:50:5e:87:15:8c:e5:ad:
f0:27:c1:9d:e7:74:be:82:d6:75:9b:f8:a5:11:99:
32:0a:8c:c4:e7:62:0a:d5:62:1b:68:42:fc:79:21:
62:de:51:10:a8:66:86:7a:7c:93:49:bc:00:a4:a2:
a3:91:57:e6:fc:cb:a4:fd:93:21:7b:b6:a0:b3:4d:
5a:63:7d:f8:78:c6:8a:a2:81:91:c2:1b:85:c3:37:
af:6e:72:d9:bd:5c:0c:bf:94:c5:4c:76:54:c0:55:
22:90:7c:06:97:71:b4:97:66:8b:7d:0d:52:a5:95:
53:ba:b1:dd:ab:cc:13:63:73:59:2d:ca:18:b4:21:
9d:cf:3f:c8:f6:10:fa:d1:db:d5:eb:2e:e4:b8:38:
d8:b7:db:94:9f:6c:2b:02:3c:1e:d7:3d:75:4f:4a:
34:78:47:0e:b8:7a:e4:0c:13:57:ea:30:bc:6c:e2:
21:97:c3:b9:8a:28:36:17:4f:8a:b8:b8:de:db:7e:
93:3b:eb:3a:8e:d6:53:c3:35:d0:a7:14:45:04:53:
46:5e:78:b9:70:0e:2c:40:4b:a2:41:c5:09:86:64:
55:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BF:BA:DC:76:32:59:23:87:69:2D:33:6A:D6:F7:B4:18:40:EF:DE
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/FL-63HYyWSOHaS0zatb3tBhA794.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/22
185.97.132.0/22
193.19.72.0/23
193.19.96.0/23
IPv6:
2a00:6ba0::/32
2a00:cee0::/29
Signature Algorithm: sha256WithRSAEncryption
46:e7:a3:8a:d2:86:8e:5a:39:08:6f:f1:35:66:06:6c:be:d6:
b3:16:27:88:df:25:30:42:9c:1f:03:4d:46:21:5b:76:fc:34:
5f:21:5a:a2:24:63:05:15:34:ae:89:dd:94:34:50:52:ae:91:
e7:bd:3e:5e:49:b0:4b:13:2f:88:28:f0:90:89:f5:3d:89:1f:
9d:f5:e3:10:14:f5:e1:0e:6d:1a:34:e0:a7:1a:82:65:7a:74:
38:5e:4b:fb:a5:33:33:6e:66:66:e0:e5:31:a5:94:df:9f:7a:
57:dd:20:0c:a7:a1:37:75:7a:ad:e7:84:b5:0b:3e:90:6d:f9:
8a:8a:05:c4:b4:80:40:98:7d:c6:b2:7d:58:43:c3:00:03:66:
78:a3:ac:6d:06:33:a2:a3:86:79:80:da:11:16:1f:3c:94:7a:
97:34:6c:50:d3:ce:b0:e2:2d:70:25:f6:77:8b:5e:9e:7e:11:
d5:54:02:ae:06:a0:b2:ee:d6:ae:0c:56:ec:86:a7:a1:4d:1d:
a7:7a:18:b0:17:66:53:b1:94:93:e1:c4:78:43:22:68:ac:d0:
86:b1:88:e0:69:40:c3:a8:2b:51:b2:c9:47:72:9b:9d:1a:e4:
5c:6f:46:f8:3e:e1:30:ca:1a:46:b2:af:e7:20:47:34:69:61:
c0:56:e2:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZnjd2oOtNVBgMlMSsvmEcqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjUxMDE0MTYwNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGJmYmFkYzc2MzI1OTIzODc2OTJkMzM2YWQ2ZjdiNDE4NDBlZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeCGPEFSZUc6Vn6If0uFKIyWBq6M
JvTKKQWdm3yoDy8dWYeaz1BehxWM5a3wJ8Gd53S+gtZ1m/ilEZkyCozE52IK1WIb
aEL8eSFi3lEQqGaGenyTSbwApKKjkVfm/Muk/ZMhe7ags01aY334eMaKooGRwhuF
wzevbnLZvVwMv5TFTHZUwFUikHwGl3G0l2aLfQ1SpZVTurHdq8wTY3NZLcoYtCGd
zz/I9hD60dvV6y7kuDjYt9uUn2wrAjwe1z11T0o0eEcOuHrkDBNX6jC8bOIhl8O5
iig2F0+KuLje236TO+s6jtZTwzXQpxRFBFNGXni5cA4sQEuiQcUJhmRVMwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBS/utx2Mlkjh2ktM2rW97QYQO/eMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvRkwtNjNIWXlXU09IYVMwemF0YjN0QmhBNzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuSGoAwQC
uWGEAwQBwRNIAwQBwRNgMBQEAgACMA4DBQAqAGugAwUDKgDO4DANBgkqhkiG9w0B
AQsFAAOCAQEARuejitKGjlo5CG/xNWYGbL7WsxYniN8lMEKcHwNNRiFbdvw0XyFa
oiRjBRU0rondlDRQUq6R570+XkmwSxMviCjwkIn1PYkfnfXjEBT14Q5tGjTgpxqC
ZXp0OF5L+6UzM25mZuDlMaWU3596V90gDKehN3V6reeEtQs+kG35iooFxLSAQJh9
xrJ9WEPDAANmeKOsbQYzoqOGeYDaERYfPJR6lzRsUNPOsOItcCX2d4tenn4R1VQC
rgagsu7WrgxW7IanoU0dp3oYsBdmU7GUk+HEeEMiaKzQhrGI4GlAw6grUbLJR3Kb
nRrkXG9G+D7hMMoaRrKv5yBHNGlhwFbiGw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:08:55 2025 by rpki-client