Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/X-F4EV-F2ag_5pD7ZZ_5QP_Tg_k.roa
File: X-F4EV-F2ag_5pD7ZZ_5QP_Tg_k.roa (raw, json)
Hash identifier: 1FxaidkVHdKLmVU/qFLpds7lpUrV/YLVa1N6wBCOD8g=
Subject key identifier: 5F:E1:78:11:5F:85:D9:A8:3F:E6:90:FB:65:9F:F9:40:FF:D3:83:F9
Certificate issuer: /CN=16d409032818a628cd2b28383802d77e7494a252
Certificate serial: 0199A42DB416D9E86901FDC18BE340B899D8
Authority key identifier: 16:D4:09:03:28:18:A6:28:CD:2B:28:38:38:02:D7:7E:74:94:A2:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FtQJAygYpijNKyg4OALXfnSUolI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/X-F4EV-F2ag_5pD7ZZ_5QP_Tg_k.roa
Signing time: Thu 02 Oct 2025 09:08:02 +0000
ROA not before: Thu 02 Oct 2025 09:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12886
IP address blocks: 185.255.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/FtQJAygYpijNKyg4OALXfnSUolI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/FtQJAygYpijNKyg4OALXfnSUolI.mft
rsync://rpki.ripe.net/repository/DEFAULT/FtQJAygYpijNKyg4OALXfnSUolI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:2d:b4:16:d9:e8:69:01:fd:c1:8b:e3:40:b8:99:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d409032818a628cd2b28383802d77e7494a252
Validity
Not Before: Oct 2 09:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fe178115f85d9a83fe690fb659ff940ffd383f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:f6:d0:3f:90:8f:af:b1:93:e3:b1:44:58:
0a:85:e7:ef:e5:2f:09:e8:2a:27:0c:cf:44:f1:a6:
9c:b1:73:f8:20:ea:b4:82:ac:88:02:28:28:a5:bc:
43:90:32:28:ea:a6:15:af:79:43:5f:bb:df:a7:1f:
b6:77:d6:15:c2:32:1d:e8:9f:eb:ca:74:cc:85:c6:
a4:70:cc:09:f0:52:72:f9:80:b1:c8:57:dd:a4:4f:
9a:e9:e5:a9:5a:16:dd:9f:8d:97:5d:57:65:a6:3b:
fd:2f:a7:06:c9:22:8f:dd:0e:c2:50:7b:e6:cb:b0:
75:5d:f5:61:5c:12:80:36:0f:3a:67:e6:6c:15:2f:
a5:8f:07:10:25:c2:90:a4:91:5b:c1:6e:b2:65:b0:
c1:d0:25:3a:66:03:83:c1:79:07:88:3b:bf:32:d2:
91:8d:8e:06:a8:ec:97:b7:7d:58:4e:75:6e:56:8f:
a3:75:fe:e9:b4:d0:f3:0f:eb:5f:9c:90:bb:da:2a:
7b:70:67:a8:ae:8c:5a:c3:bb:9e:cc:77:16:0f:ed:
90:73:d5:7b:ba:80:c9:19:8a:a2:69:41:a7:be:97:
bc:f2:e8:a0:0a:3d:42:3e:26:33:3a:fd:6d:33:21:
b0:33:dc:1f:42:71:f8:47:df:44:d7:4b:04:54:64:
15:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E1:78:11:5F:85:D9:A8:3F:E6:90:FB:65:9F:F9:40:FF:D3:83:F9
X509v3 Authority Key Identifier:
keyid:16:D4:09:03:28:18:A6:28:CD:2B:28:38:38:02:D7:7E:74:94:A2:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FtQJAygYpijNKyg4OALXfnSUolI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/X-F4EV-F2ag_5pD7ZZ_5QP_Tg_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/586375-bc8d-4065-83dc-0aeb9d37787e/1/FtQJAygYpijNKyg4OALXfnSUolI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.248.0/22
Signature Algorithm: sha256WithRSAEncryption
03:30:68:ab:7c:b2:45:30:2c:39:42:66:ca:49:b8:d8:90:e8:
f4:cb:6f:77:f2:e5:0a:29:14:5a:cf:5f:14:bf:2c:63:31:3f:
5d:ff:56:d6:c9:08:27:94:27:57:99:fa:e6:20:64:fd:91:c2:
3a:c9:14:c9:32:23:84:5d:f3:ea:ca:22:1c:25:42:25:63:61:
38:54:6a:e0:96:c1:f0:fe:39:a0:fc:1e:66:52:ee:65:d7:a1:
59:0c:a4:5f:f1:39:29:9d:65:f5:00:30:55:49:ea:90:f4:1f:
aa:aa:a3:e5:62:80:9c:3d:06:a6:81:0d:58:90:2d:c7:c7:0c:
f7:6c:06:e2:8d:f1:03:42:69:14:c9:aa:05:2c:09:c7:4b:7a:
58:04:14:f0:30:00:cb:84:9d:a8:ba:65:cd:e9:23:ad:5d:19:
68:77:43:d4:55:96:e5:ee:71:4f:39:6b:e4:4c:23:7f:d2:21:
7e:3a:bc:9b:a7:02:57:d6:63:82:ad:2f:8c:f1:29:b1:c0:ce:
9c:1e:38:6d:1c:b2:84:3f:85:46:e1:df:88:90:d8:41:d9:05:
35:ee:0b:62:9d:f3:11:2e:99:e9:18:04:03:51:8b:44:33:7f:
ed:49:87:5f:94:67:e6:d8:4a:a6:4c:0e:07:aa:de:cb:06:58:
cb:de:f2:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmkLbQW2ehpAf3Bi+NAuJnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDQwOTAzMjgxOGE2MjhjZDJiMjgzODM4MDJkNzdlNzQ5
NGEyNTIwHhcNMjUxMDAyMDkwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmUxNzgxMTVmODVkOWE4M2ZlNjkwZmI2NTlmZjk0MGZmZDM4M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilb20D+Qj6+xk+OxRFgKhefv5S8J
6ConDM9E8aacsXP4IOq0gqyIAigopbxDkDIo6qYVr3lDX7vfpx+2d9YVwjId6J/r
ynTMhcakcMwJ8FJy+YCxyFfdpE+a6eWpWhbdn42XXVdlpjv9L6cGySKP3Q7CUHvm
y7B1XfVhXBKANg86Z+ZsFS+ljwcQJcKQpJFbwW6yZbDB0CU6ZgODwXkHiDu/MtKR
jY4GqOyXt31YTnVuVo+jdf7ptNDzD+tfnJC72ip7cGeoroxaw7uezHcWD+2Qc9V7
uoDJGYqiaUGnvpe88uigCj1CPiYzOv1tMyGwM9wfQnH4R99E10sEVGQV5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/heBFfhdmoP+aQ+2Wf+UD/04P5MB8GA1UdIwQY
MBaAFBbUCQMoGKYozSsoODgC1350lKJSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRRSkF5Z1lwaWpOS3lnNE9BTFhmblNVb2xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ODYzNzUtYmM4ZC00MDY1LTgzZGMt
MGFlYjlkMzc3ODdlLzEvWC1GNEVWLUYyYWdfNXBEN1paXzVRUF9UZ19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ODYzNzUtYmM4ZC00MDY1LTgzZGMtMGFlYjlkMzc3ODdl
LzEvRnRRSkF5Z1lwaWpOS3lnNE9BTFhmblNVb2xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/4MA0G
CSqGSIb3DQEBCwUAA4IBAQADMGirfLJFMCw5QmbKSbjYkOj0y2938uUKKRRaz18U
vyxjMT9d/1bWyQgnlCdXmfrmIGT9kcI6yRTJMiOEXfPqyiIcJUIlY2E4VGrglsHw
/jmg/B5mUu5l16FZDKRf8TkpnWX1ADBVSeqQ9B+qqqPlYoCcPQamgQ1YkC3Hxwz3
bAbijfEDQmkUyaoFLAnHS3pYBBTwMADLhJ2oumXN6SOtXRlod0PUVZbl7nFPOWvk
TCN/0iF+OrybpwJX1mOCrS+M8SmxwM6cHjhtHLKEP4VG4d+IkNhB2QU17gtinfMR
LpnpGAQDUYtEM3/tSYdflGfm2EqmTA4Hqt7LBljL3vKL
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:36 2025 by rpki-client