Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/FRU7JmHiQ9qcCxvbv5Mja56TjGI.roa
File: FRU7JmHiQ9qcCxvbv5Mja56TjGI.roa (raw, json)
Hash identifier: yEAPn24tC508vlRp3YgMW7BQE27LytJYSB6RuOAknPE=
Subject key identifier: 15:15:3B:26:61:E2:43:DA:9C:0B:1B:DB:BF:93:23:6B:9E:93:8C:62
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 019883D520F3A51C9BA660CA7C1E7C8BD45B
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/FRU7JmHiQ9qcCxvbv5Mja56TjGI.roa
Signing time: Thu 07 Aug 2025 09:20:39 +0000
ROA not before: Thu 07 Aug 2025 09:20:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.152.114.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:d5:20:f3:a5:1c:9b:a6:60:ca:7c:1e:7c:8b:d4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Aug 7 09:20:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15153b2661e243da9c0b1bdbbf93236b9e938c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:10:31:a6:5a:bd:9f:43:66:05:c1:f7:bb:ee:
3b:56:5f:57:5f:73:f2:4b:df:89:e7:46:04:01:f2:
27:af:cc:d6:8f:f5:a9:a1:cc:e7:5b:63:24:7c:31:
35:5c:be:ec:9a:48:4c:e6:fd:60:16:61:cb:9c:96:
41:11:0d:ab:2a:a1:f8:54:f8:d2:0a:18:c9:4c:9a:
61:cd:12:4d:d1:08:8b:23:03:a3:4d:4f:6a:76:92:
85:62:d2:f7:c1:56:aa:4e:6d:c0:45:3f:da:1f:5f:
f6:d2:41:80:a9:62:cd:e6:a1:54:8c:40:85:6d:d2:
bb:30:aa:45:17:68:a8:3e:73:20:9e:78:21:da:4d:
0a:b7:48:84:20:27:6e:5e:ee:77:a1:fb:57:17:8f:
03:0c:7e:2f:0a:50:f3:88:46:9a:5b:6a:b6:1c:ab:
c0:c6:44:5c:7b:95:40:0f:96:35:03:8d:a6:15:6b:
aa:46:c2:c1:3c:48:90:7f:36:fa:38:e8:17:c6:79:
16:01:cd:b5:ef:37:58:77:55:cf:c8:6a:87:7b:d1:
2c:f2:33:69:10:aa:2b:95:67:24:7c:58:62:41:58:
9b:ee:2b:30:a1:bc:55:ef:5d:a1:ba:f8:3c:c5:d4:
dd:1f:5a:49:0b:86:65:0a:da:07:f6:4f:77:8d:d1:
b7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:15:3B:26:61:E2:43:DA:9C:0B:1B:DB:BF:93:23:6B:9E:93:8C:62
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/FRU7JmHiQ9qcCxvbv5Mja56TjGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:42:13:05:b8:40:11:ba:1d:4c:0b:1d:d3:df:44:f0:b8:6e:
b2:80:f6:2c:2c:f2:e2:f2:5d:8c:c3:86:fe:bf:69:c6:bc:5c:
d6:06:ea:4c:4b:41:31:a7:9f:54:3d:a2:0c:7d:e5:97:f8:33:
f4:c5:28:43:96:4e:49:5b:69:9b:45:8d:dc:7b:16:12:43:7e:
50:67:09:b2:46:13:7b:48:cd:26:d9:02:f1:66:3a:8f:ad:72:
3d:0d:5b:a6:e6:e4:ee:5c:40:1c:88:a5:bc:d3:2b:98:64:6c:
5b:93:41:7a:4b:cc:53:7a:cb:00:74:7e:78:05:d7:ee:ae:2f:
6b:40:c1:24:e1:4f:b6:d4:5b:f9:c9:97:fd:38:62:a8:f1:63:
fc:d4:50:60:0e:db:5e:fc:ec:6f:67:04:f1:fc:81:7b:8a:a3:
16:b7:03:a5:6c:5a:f8:3c:d2:a2:8e:93:ed:ac:c3:f0:e0:60:
6e:fb:e7:c0:95:09:e3:3a:77:9a:79:f7:4e:b3:40:20:16:13:
43:85:1c:55:06:1a:29:34:69:af:70:c6:ca:63:af:d1:e4:3c:
4a:67:16:f9:2a:0f:4e:d2:ad:08:d5:b1:b4:02:4f:b7:44:f3:
ae:6c:b0:24:8b:7c:c2:bf:81:a9:a8:cd:cc:b3:1f:c2:23:b7:
f3:b7:a4:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiD1SDzpRybpmDKfB58i9RbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjUwODA3MDkyMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTE1M2IyNjYxZTI0M2RhOWMwYjFiZGJiZjkzMjM2YjllOTM4YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RAxplq9n0NmBcH3u+47Vl9XX3Py
S9+J50YEAfInr8zWj/WpocznW2MkfDE1XL7smkhM5v1gFmHLnJZBEQ2rKqH4VPjS
ChjJTJphzRJN0QiLIwOjTU9qdpKFYtL3wVaqTm3ART/aH1/20kGAqWLN5qFUjECF
bdK7MKpFF2ioPnMgnngh2k0Kt0iEICduXu53oftXF48DDH4vClDziEaaW2q2HKvA
xkRce5VAD5Y1A42mFWuqRsLBPEiQfzb6OOgXxnkWAc217zdYd1XPyGqHe9Es8jNp
EKorlWckfFhiQVib7iswobxV712huvg8xdTdH1pJC4ZlCtoH9k93jdG3TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUVOyZh4kPanAsb27+TI2uek4xiMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvRlJVN0ptSGlROXFjQ3h2YnY1TWphNTZUakdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZhyMA0G
CSqGSIb3DQEBCwUAA4IBAQCkQhMFuEARuh1MCx3T30TwuG6ygPYsLPLi8l2Mw4b+
v2nGvFzWBupMS0Exp59UPaIMfeWX+DP0xShDlk5JW2mbRY3cexYSQ35QZwmyRhN7
SM0m2QLxZjqPrXI9DVum5uTuXEAciKW80yuYZGxbk0F6S8xTessAdH54Bdfuri9r
QMEk4U+21Fv5yZf9OGKo8WP81FBgDtte/OxvZwTx/IF7iqMWtwOlbFr4PNKijpPt
rMPw4GBu++fAlQnjOneaefdOs0AgFhNDhRxVBhopNGmvcMbKY6/R5DxKZxb5Kg9O
0q0I1bG0Ak+3RPOubLAki3zCv4GpqM3Msx/CI7fzt6Sz
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:50:35 2025 by rpki-client