Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/FzlbF55iXTRmTdbUqTxfXI0Zask.roa
File: FzlbF55iXTRmTdbUqTxfXI0Zask.roa (raw, json)
Hash identifier: 1HXzUwlCGbnQFUFl3hhCNjhPpgO5yZtuxbH9itEHFWs=
Subject key identifier: 17:39:5B:17:9E:62:5D:34:66:4D:D6:D4:A9:3C:5F:5C:8D:19:6A:C9
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0199C06C29D637AEFB9EA5BD3191FDD2676F
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/FzlbF55iXTRmTdbUqTxfXI0Zask.roa
Signing time: Tue 07 Oct 2025 20:45:38 +0000
ROA not before: Tue 07 Oct 2025 20:45:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 130.49.15.0/24 maxlen: 24
130.49.25.0/24 maxlen: 24
130.49.35.0/24 maxlen: 24
130.49.44.0/24 maxlen: 24
130.49.52.0/24 maxlen: 24
130.49.61.0/24 maxlen: 24
130.49.72.0/24 maxlen: 24
130.49.85.0/24 maxlen: 24
130.49.94.0/24 maxlen: 24
130.49.102.0/24 maxlen: 24
130.49.117.0/24 maxlen: 24
130.49.126.0/24 maxlen: 24
155.212.41.0/24 maxlen: 24
155.212.50.0/24 maxlen: 24
155.212.59.0/24 maxlen: 24
155.212.66.0/24 maxlen: 24
155.212.77.0/24 maxlen: 24
155.212.85.0/24 maxlen: 24
155.212.94.0/24 maxlen: 24
155.212.102.0/24 maxlen: 24
155.212.114.0/24 maxlen: 24
155.212.125.0/24 maxlen: 24
170.168.215.0/24 maxlen: 24
170.168.230.0/24 maxlen: 24
170.168.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c0:6c:29:d6:37:ae:fb:9e:a5:bd:31:91:fd:d2:67:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 7 20:45:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17395b179e625d34664dd6d4a93c5f5c8d196ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:fc:fe:80:2b:a3:60:d4:b6:e9:c8:b3:17:
0a:9d:92:de:6e:5f:95:91:9a:50:39:23:5b:39:33:
83:36:b6:02:6f:34:9d:02:b9:be:bf:ce:25:8a:38:
2e:f3:49:98:ba:8d:df:8f:ee:88:7f:c1:d0:c0:29:
a2:ca:44:57:aa:43:8c:de:7e:dc:fe:73:0c:86:fe:
f5:6a:e4:b7:6d:6c:53:01:45:28:27:0e:f0:f6:76:
cb:ba:48:0d:42:1e:2c:22:b9:96:d6:20:76:6b:ae:
d6:15:23:29:68:c4:ec:f5:cd:8e:2b:30:74:1b:23:
95:a4:8a:b7:5c:9b:0a:90:d9:1b:93:a3:ac:55:37:
8b:19:f5:b5:4f:c8:43:f4:3e:d9:bd:9c:d9:68:85:
19:ed:b3:c1:6d:29:c1:6a:da:f6:f5:7c:b6:5d:d8:
0d:5d:60:38:69:de:59:95:88:e3:2c:fb:fc:1a:a5:
d0:b0:be:65:31:c9:23:23:f7:ee:b9:f6:09:80:e7:
f1:6a:ae:e0:f0:a2:76:02:ea:32:64:fa:87:1c:e9:
00:47:46:de:c7:3b:85:d5:48:99:67:95:55:fb:74:
6c:ce:26:34:93:7c:31:d4:3d:91:ae:80:ec:2f:96:
fa:69:c2:43:aa:36:89:e3:91:95:f4:b7:73:61:d1:
35:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:39:5B:17:9E:62:5D:34:66:4D:D6:D4:A9:3C:5F:5C:8D:19:6A:C9
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/FzlbF55iXTRmTdbUqTxfXI0Zask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.49.15.0/24
130.49.25.0/24
130.49.35.0/24
130.49.44.0/24
130.49.52.0/24
130.49.61.0/24
130.49.72.0/24
130.49.85.0/24
130.49.94.0/24
130.49.102.0/24
130.49.117.0/24
130.49.126.0/24
155.212.41.0/24
155.212.50.0/24
155.212.59.0/24
155.212.66.0/24
155.212.77.0/24
155.212.85.0/24
155.212.94.0/24
155.212.102.0/24
155.212.114.0/24
155.212.125.0/24
170.168.215.0/24
170.168.230.0/24
170.168.250.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:73:3f:b8:eb:dd:b1:e0:f9:bf:f9:89:14:35:d9:72:a0:e6:
67:04:7b:f9:e2:ba:f8:f0:fb:c6:dd:6b:7b:23:be:c7:c4:57:
41:8f:f1:be:c3:80:c5:b5:45:52:ea:8a:e9:c5:02:01:84:d0:
19:b5:65:d5:61:dd:7b:18:07:a5:50:e4:bc:e2:8d:d7:ca:a6:
7c:72:45:62:4d:bb:af:82:14:1c:aa:b0:69:fb:67:4d:63:26:
1c:94:ab:02:04:62:9e:c2:88:8c:57:6e:6d:f9:16:2e:38:f8:
12:3d:fb:b3:d3:de:4c:af:4d:af:7d:fb:8a:95:32:75:22:c2:
05:18:8d:0e:00:2c:0f:f6:5f:73:23:59:e5:04:05:26:c7:8f:
c0:77:48:a1:a5:71:be:4f:c7:f8:75:9f:5b:88:53:5f:db:ab:
4d:cb:1f:17:a4:46:62:39:ee:1c:2f:8f:38:c4:a7:65:d0:64:
e9:17:82:a1:d9:46:1d:f5:a7:e3:e4:7b:58:eb:1b:4b:7e:47:
44:17:8f:ff:46:f1:15:2e:c0:7b:d4:82:35:35:d5:38:cc:fa:
5f:f6:23:68:ab:17:48:41:40:9d:bc:d1:d4:16:9c:03:59:93:
14:34:43:80:2b:ba:44:06:33:d0:db:c4:42:02:ca:3e:0c:4b:
90:a1:61:46
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZnAbCnWN677nqW9MZH90mdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDA3MjA0NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM5NWIxNzllNjI1ZDM0NjY0ZGQ2ZDRhOTNjNWY1YzhkMTk2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn78/oAro2DUtunIsxcKnZLebl+V
kZpQOSNbOTODNrYCbzSdArm+v84lijgu80mYuo3fj+6If8HQwCmiykRXqkOM3n7c
/nMMhv71auS3bWxTAUUoJw7w9nbLukgNQh4sIrmW1iB2a67WFSMpaMTs9c2OKzB0
GyOVpIq3XJsKkNkbk6OsVTeLGfW1T8hD9D7ZvZzZaIUZ7bPBbSnBatr29Xy2XdgN
XWA4ad5ZlYjjLPv8GqXQsL5lMckjI/fuufYJgOfxaq7g8KJ2AuoyZPqHHOkAR0be
xzuF1UiZZ5VV+3RsziY0k3wx1D2RroDsL5b6acJDqjaJ45GV9LdzYdE1owIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFBc5WxeeYl00Zk3W1Kk8X1yNGWrJMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvRnpsYkY1NWlYVFJtVGRiVXFUeGZYSTBaYXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBACC
MQ8DBACCMRkDBACCMSMDBACCMSwDBACCMTQDBACCMT0DBACCMUgDBACCMVUDBACC
MV4DBACCMWYDBACCMXUDBACCMX4DBACb1CkDBACb1DIDBACb1DsDBACb1EIDBACb
1E0DBACb1FUDBACb1F4DBACb1GYDBACb1HIDBACb1H0DBACqqNcDBACqqOYDBACq
qPowDQYJKoZIhvcNAQELBQADggEBAApzP7jr3bHg+b/5iRQ12XKg5mcEe/niuvjw
+8bda3sjvsfEV0GP8b7DgMW1RVLqiunFAgGE0Bm1ZdVh3XsYB6VQ5LzijdfKpnxy
RWJNu6+CFByqsGn7Z01jJhyUqwIEYp7CiIxXbm35Fi44+BI9+7PT3kyvTa99+4qV
MnUiwgUYjQ4ALA/2X3MjWeUEBSbHj8B3SKGlcb5Px/h1n1uIU1/bq03LHxekRmI5
7hwvjzjEp2XQZOkXgqHZRh31p+Pke1jrG0t+R0QXj/9G8RUuwHvUgjU11TjM+l/2
I2irF0hBQJ280dQWnANZkxQ0Q4ArukQGM9DbxEICyj4MS5ChYUY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:50:18 2025 by rpki-client