Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FyWTpKLRWrjiTeWALs_rutqmIVc.roa
File: FyWTpKLRWrjiTeWALs_rutqmIVc.roa (raw, json)
Hash identifier: DNAGywwG6IEjVlcR2LqQYa8hMwV4JGAWZT41UHh4YIc=
Subject key identifier: 17:25:93:A4:A2:D1:5A:B8:E2:4D:E5:80:2E:CF:EB:BA:DA:A6:21:57
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01979D9D564DEDE0D51435E56DB08CBB5FAA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FyWTpKLRWrjiTeWALs_rutqmIVc.roa
Signing time: Mon 23 Jun 2025 16:27:03 +0000
ROA not before: Mon 23 Jun 2025 16:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:9d:56:4d:ed:e0:d5:14:35:e5:6d:b0:8c:bb:5f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 23 16:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=172593a4a2d15ab8e24de5802ecfebbadaa62157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:bb:67:1b:10:c2:ef:2c:12:21:da:f0:37:
44:c1:99:d0:26:39:c6:e6:11:05:8e:1b:a6:86:25:
da:4e:d2:09:64:7e:a7:38:41:22:ea:44:8a:a2:ef:
48:ac:fe:90:88:cb:77:7e:bf:68:8d:22:80:d3:c6:
58:29:7c:f7:05:e2:bb:25:9d:ca:97:bb:03:2e:69:
bf:da:79:28:8b:0a:6c:65:1a:62:df:e5:ed:14:a7:
83:c9:07:50:6c:80:87:73:b7:83:55:8f:c0:77:c1:
36:57:26:05:6b:f6:34:ec:7d:5e:d6:f7:a5:06:96:
9e:84:60:2f:25:56:2f:f6:7e:32:3e:05:ac:70:9f:
68:dc:39:b5:52:b1:8b:2a:de:b5:17:84:15:d0:0a:
5c:0c:93:53:54:67:46:c8:22:85:d9:0d:c7:58:16:
59:b6:a0:a4:80:d4:90:65:aa:01:d0:34:10:cf:fd:
c1:c8:41:c3:96:d0:5b:22:6a:d1:c5:eb:a6:b3:55:
07:ca:4d:11:ef:10:56:e5:28:99:85:d7:25:1e:82:
84:21:4e:9b:07:81:e3:f5:9d:f6:33:f4:0a:8f:e3:
fd:7a:61:8b:26:3f:74:fb:9a:59:94:c0:18:9d:91:
0c:3a:85:12:b1:eb:1a:99:f2:36:c3:37:46:73:f4:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:25:93:A4:A2:D1:5A:B8:E2:4D:E5:80:2E:CF:EB:BA:DA:A6:21:57
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FyWTpKLRWrjiTeWALs_rutqmIVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
202.71.13.0/24
202.71.15.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9e:db:9b:8b:2d:95:55:4c:55:97:72:92:92:e9:7a:60:62:
85:92:5b:4f:78:1e:cb:2f:54:2a:6f:0e:3c:c9:c7:57:ce:5c:
0c:e4:78:1d:56:af:33:06:e3:e5:31:cf:f4:eb:6f:fc:d0:3a:
28:68:3f:61:1e:c6:93:9f:9c:4b:56:44:06:d4:de:e9:1b:4d:
5d:8e:68:98:f3:1b:24:71:fd:db:26:74:be:62:99:33:3a:13:
11:4d:32:f4:e0:be:ae:3f:25:fe:63:cf:f2:8c:d5:8c:c9:ba:
12:59:7f:52:af:7c:11:94:29:3b:58:db:64:94:83:6f:ff:14:
6c:e0:5b:0f:6e:2a:2f:84:be:5c:40:4a:37:62:99:7e:8f:cf:
91:37:9a:87:b7:58:cc:f6:52:ad:28:90:c8:66:be:9c:b9:20:
16:28:99:4d:2e:ac:88:1b:79:be:ae:8c:fc:85:16:05:5f:ab:
e9:6a:b1:47:a8:63:4f:94:72:9b:99:dc:8b:30:eb:70:5a:6a:
e3:af:a5:7b:31:70:93:5a:e4:20:3e:b8:e3:7b:17:86:43:e6:
85:d3:06:8d:46:31:46:5a:36:b7:77:ba:e3:d1:60:45:87:1d:
7b:5d:7f:79:98:64:77:b9:3f:0f:25:1d:c8:2a:1b:c8:81:2c:
8e:0b:df:68
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZednVZN7eDVFDXlbbCMu1+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNjIzMTYyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI1OTNhNGEyZDE1YWI4ZTI0ZGU1ODAyZWNmZWJiYWRhYTYyMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpe7ZxsQwu8sEiHa8DdEwZnQJjnG
5hEFjhumhiXaTtIJZH6nOEEi6kSKou9IrP6QiMt3fr9ojSKA08ZYKXz3BeK7JZ3K
l7sDLmm/2nkoiwpsZRpi3+XtFKeDyQdQbICHc7eDVY/Ad8E2VyYFa/Y07H1e1vel
BpaehGAvJVYv9n4yPgWscJ9o3Dm1UrGLKt61F4QV0ApcDJNTVGdGyCKF2Q3HWBZZ
tqCkgNSQZaoB0DQQz/3ByEHDltBbImrRxeums1UHyk0R7xBW5SiZhdclHoKEIU6b
B4Hj9Z32M/QKj+P9emGLJj90+5pZlMAYnZEMOoUSsesamfI2wzdGc/RveQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBclk6Si0Vq44k3lgC7P67rapiFXMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRnlXVHBLTFJXcmppVGVXQUxzX3J1dHFtSVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAykcNAwQAykcPMA0GCSqGSIb3
DQEBCwUAA4IBAQBHntubiy2VVUxVl3KSkul6YGKFkltPeB7LL1Qqbw48ycdXzlwM
5HgdVq8zBuPlMc/062/80DooaD9hHsaTn5xLVkQG1N7pG01djmiY8xskcf3bJnS+
YpkzOhMRTTL04L6uPyX+Y8/yjNWMyboSWX9Sr3wRlCk7WNtklINv/xRs4FsPbiov
hL5cQEo3Ypl+j8+RN5qHt1jM9lKtKJDIZr6cuSAWKJlNLqyIG3m+roz8hRYFX6vp
arFHqGNPlHKbmdyLMOtwWmrjr6V7MXCTWuQgPrjjexeGQ+aF0waNRjFGWja3d7rj
0WBFhx17XX95mGR3uT8PJR3IKhvIgSyOC99o
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:53 2025 by rpki-client