Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/fyx1ny3-_FInDq0dmTByBfBn0j8.roa
File: fyx1ny3-_FInDq0dmTByBfBn0j8.roa (raw, json)
Hash identifier: oB7Zx3DOWzJhigoLM671xc6bT3MSHf/pGnlfM7WSuvs=
Subject key identifier: 7F:2C:75:9F:2D:FE:FC:52:27:0E:AD:1D:99:30:72:05:F0:67:D2:3F
Certificate issuer: /CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Certificate serial: 0198D25E7C082EB7182B9AFBAE92E48178A3
Authority key identifier: BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/fyx1ny3-_FInDq0dmTByBfBn0j8.roa
Signing time: Fri 22 Aug 2025 15:21:04 +0000
ROA not before: Fri 22 Aug 2025 15:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1756
IP address blocks: 178.173.128.0/24 maxlen: 24
178.173.129.0/24 maxlen: 24
178.173.130.0/24 maxlen: 24
178.173.131.0/24 maxlen: 24
178.173.132.0/24 maxlen: 24
178.173.133.0/24 maxlen: 24
178.173.134.0/24 maxlen: 24
178.173.135.0/24 maxlen: 24
178.173.136.0/24 maxlen: 24
178.173.137.0/24 maxlen: 24
178.173.138.0/24 maxlen: 24
178.173.139.0/24 maxlen: 24
178.173.140.0/24 maxlen: 24
178.173.141.0/24 maxlen: 24
178.173.142.0/24 maxlen: 24
178.173.143.0/24 maxlen: 24
178.173.144.0/24 maxlen: 24
178.173.145.0/24 maxlen: 24
178.173.146.0/24 maxlen: 24
178.173.147.0/24 maxlen: 24
178.173.149.0/24 maxlen: 24
178.173.150.0/24 maxlen: 24
178.173.151.0/24 maxlen: 24
178.173.160.0/24 maxlen: 24
178.173.161.0/24 maxlen: 24
178.173.162.0/24 maxlen: 24
178.173.163.0/24 maxlen: 24
178.173.164.0/24 maxlen: 24
178.173.165.0/24 maxlen: 24
178.173.166.0/24 maxlen: 24
178.173.167.0/24 maxlen: 24
178.173.168.0/24 maxlen: 24
178.173.169.0/24 maxlen: 24
178.173.170.0/24 maxlen: 24
178.173.171.0/24 maxlen: 24
178.173.172.0/24 maxlen: 24
178.173.173.0/24 maxlen: 24
178.173.174.0/24 maxlen: 24
178.173.175.0/24 maxlen: 24
178.173.176.0/24 maxlen: 24
178.173.177.0/24 maxlen: 24
178.173.178.0/24 maxlen: 24
178.173.179.0/24 maxlen: 24
178.173.180.0/24 maxlen: 24
178.173.181.0/24 maxlen: 24
178.173.182.0/24 maxlen: 24
178.173.183.0/24 maxlen: 24
178.173.184.0/24 maxlen: 24
178.173.185.0/24 maxlen: 24
178.173.186.0/24 maxlen: 24
178.173.187.0/24 maxlen: 24
178.173.188.0/24 maxlen: 24
178.173.189.0/24 maxlen: 24
178.173.190.0/24 maxlen: 24
178.173.191.0/24 maxlen: 24
178.173.192.0/24 maxlen: 24
178.173.193.0/24 maxlen: 24
178.173.194.0/24 maxlen: 24
178.173.195.0/24 maxlen: 24
178.173.196.0/24 maxlen: 24
178.173.197.0/24 maxlen: 24
178.173.198.0/24 maxlen: 24
178.173.199.0/24 maxlen: 24
178.173.200.0/24 maxlen: 24
178.173.201.0/24 maxlen: 24
178.173.202.0/24 maxlen: 24
178.173.203.0/24 maxlen: 24
178.173.204.0/24 maxlen: 24
178.173.205.0/24 maxlen: 24
178.173.206.0/24 maxlen: 24
178.173.207.0/24 maxlen: 24
178.173.208.0/24 maxlen: 24
178.173.209.0/24 maxlen: 24
178.173.210.0/24 maxlen: 24
178.173.211.0/24 maxlen: 24
178.173.212.0/24 maxlen: 24
178.173.213.0/24 maxlen: 24
178.173.214.0/24 maxlen: 24
178.173.215.0/24 maxlen: 24
178.173.216.0/24 maxlen: 24
178.173.217.0/24 maxlen: 24
178.173.218.0/24 maxlen: 24
178.173.219.0/24 maxlen: 24
178.173.220.0/24 maxlen: 24
178.173.221.0/24 maxlen: 24
178.173.222.0/24 maxlen: 24
178.173.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:5e:7c:08:2e:b7:18:2b:9a:fb:ae:92:e4:81:78:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Validity
Not Before: Aug 22 15:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f2c759f2dfefc52270ead1d99307205f067d23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:d7:f3:51:29:33:2b:dc:ea:32:ed:9f:6c:
98:0d:3f:0c:c4:e4:bd:e1:c4:4e:7b:3a:a4:9b:4a:
e2:6c:74:fe:92:d5:0c:26:7e:8a:9d:96:da:d3:28:
0a:0d:97:ce:32:34:d8:19:36:ca:f1:7a:82:79:d9:
45:a5:5f:b5:36:05:85:2f:9c:74:34:83:d3:3d:47:
f4:dc:49:b8:38:e2:d5:59:62:c8:0f:df:a8:c6:cb:
f4:87:87:d4:0b:ed:1b:6e:10:e9:ee:1b:33:b4:4d:
22:04:c7:ff:1b:60:e1:17:8c:a0:a7:75:52:8d:e5:
e1:70:c4:c0:9e:c5:10:b5:88:e4:e8:2c:10:06:f2:
8a:85:6e:fa:3f:eb:da:e6:ad:fa:d0:06:77:95:68:
4c:d7:bf:da:7f:ea:f4:a4:30:0c:b4:c4:28:57:10:
4d:51:dd:c0:34:91:b7:5b:e9:11:c8:1f:55:19:e4:
3d:37:62:44:3e:6e:9c:7d:36:f1:f5:0d:92:fb:7c:
ba:45:db:51:89:15:6d:43:58:6d:a0:18:76:8d:46:
e7:77:7d:75:d2:db:fa:53:ac:ee:6c:dd:99:63:89:
cc:5f:6d:27:4c:98:0c:e8:22:0b:f5:3b:15:4b:10:
d8:d7:a1:84:1b:02:1d:82:ec:02:ee:6a:cc:df:0d:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2C:75:9F:2D:FE:FC:52:27:0E:AD:1D:99:30:72:05:F0:67:D2:3F
X509v3 Authority Key Identifier:
keyid:BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/fyx1ny3-_FInDq0dmTByBfBn0j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.128.0-178.173.147.255
178.173.149.0-178.173.151.255
178.173.160.0-178.173.223.255
Signature Algorithm: sha256WithRSAEncryption
42:6f:5f:31:96:fd:70:20:a2:30:9d:6c:e5:b2:b1:4c:77:82:
ce:7b:16:ed:3c:a8:a8:c6:e6:45:54:b2:8c:0f:1a:b0:59:5e:
ba:19:26:0e:d4:32:ee:dc:16:25:aa:e1:b4:5c:96:0f:d7:7d:
44:03:d8:23:42:61:01:71:90:ff:e8:89:9b:25:b2:0e:13:29:
e2:4f:c5:f3:7d:dc:9b:37:79:7a:01:b7:15:81:d2:05:b2:4b:
90:86:03:a2:38:0e:2a:82:88:66:c2:6a:6e:93:3c:e4:1f:5b:
16:95:01:9d:6a:4e:30:6b:18:43:29:cf:41:28:96:cd:71:a0:
04:26:09:fd:c3:86:28:7b:ad:ba:64:79:63:e2:50:25:69:83:
7a:79:bd:e6:de:a0:9a:d5:ba:6f:6d:2c:8f:85:f4:b5:95:49:
59:e1:c7:33:80:3c:82:e3:39:a6:12:33:85:c3:a9:eb:b8:32:
d2:8b:57:71:cf:6a:09:ae:f8:75:a9:2f:65:9d:a4:cb:fb:68:
16:99:08:23:20:d3:dc:89:43:94:4c:02:99:99:e6:02:dc:49:
c8:9e:dc:35:ad:31:d2:21:63:76:f3:ff:94:0b:ee:37:2c:c1:
0e:35:87:39:be:3d:c4:c6:b2:8a:86:c2:32:8e:06:4c:82:b8:
a8:c6:28:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZjSXnwILrcYK5r7rpLkgXijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTU5MjFmNWJhNmJkMTQ3ZmY0MDAxMTdhYTk3Mzg2MzNm
MTU4N2QwHhcNMjUwODIyMTUyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJjNzU5ZjJkZmVmYzUyMjcwZWFkMWQ5OTMwNzIwNWYwNjdkMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoPX81EpMyvc6jLtn2yYDT8MxOS9
4cROezqkm0ribHT+ktUMJn6KnZba0ygKDZfOMjTYGTbK8XqCedlFpV+1NgWFL5x0
NIPTPUf03Em4OOLVWWLID9+oxsv0h4fUC+0bbhDp7hsztE0iBMf/G2DhF4ygp3VS
jeXhcMTAnsUQtYjk6CwQBvKKhW76P+va5q360AZ3lWhM17/af+r0pDAMtMQoVxBN
Ud3ANJG3W+kRyB9VGeQ9N2JEPm6cfTbx9Q2S+3y6RdtRiRVtQ1htoBh2jUbnd311
0tv6U6zubN2ZY4nMX20nTJgM6CIL9TsVSxDY16GEGwIdguwC7mrM3w0hVwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH8sdZ8t/vxSJw6tHZkwcgXwZ9I/MB8GA1UdIwQY
MBaAFLwVkh9bpr0Uf/QAEXqpc4Yz8Vh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAt
MDk5MGNlNzQ4MWU3LzEvZnl4MW55My1fRkluRHEwZG1UQnlCZkJuMGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAtMDk5MGNlNzQ4MWU3
LzEvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAeyrYAD
BAKyrZAwDAMEALKtlQMEA7KtkDAMAwQFsq2gAwQFsq3AMA0GCSqGSIb3DQEBCwUA
A4IBAQBCb18xlv1wIKIwnWzlsrFMd4LOexbtPKioxuZFVLKMDxqwWV66GSYO1DLu
3BYlquG0XJYP131EA9gjQmEBcZD/6ImbJbIOEyniT8XzfdybN3l6AbcVgdIFskuQ
hgOiOA4qgohmwmpukzzkH1sWlQGdak4waxhDKc9BKJbNcaAEJgn9w4Yoe626ZHlj
4lAlaYN6eb3m3qCa1bpvbSyPhfS1lUlZ4cczgDyC4zmmEjOFw6nruDLSi1dxz2oJ
rvh1qS9lnaTL+2gWmQgjINPciUOUTAKZmeYC3EnIntw1rTHSIWN28/+UC+43LMEO
NYc5vj3ExrKKhsIyjgZMgrioxiiv
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:31:26 2025 by rpki-client