Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/fwGEa1qMKzWIxGZ5Rx3BvoG9LN4.roa
File: fwGEa1qMKzWIxGZ5Rx3BvoG9LN4.roa (raw, json)
Hash identifier: 9w2zj4YTOzCrlR2dMoFL7n6g98Fr8mnP5vI4EHJkpEQ=
Subject key identifier: 7F:01:84:6B:5A:8C:2B:35:88:C4:66:79:47:1D:C1:BE:81:BD:2C:DE
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 01995CE5BB4720469738E302B92736146713
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/fwGEa1qMKzWIxGZ5Rx3BvoG9LN4.roa
Signing time: Thu 18 Sep 2025 12:56:23 +0000
ROA not before: Thu 18 Sep 2025 12:56:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.8.0/23 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.16.0/23 maxlen: 23
82.206.72.0/21 maxlen: 21
82.206.84.0/22 maxlen: 24
82.206.88.0/21 maxlen: 21
82.206.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:e5:bb:47:20:46:97:38:e3:02:b9:27:36:14:67:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Sep 18 12:56:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f01846b5a8c2b3588c46679471dc1be81bd2cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:54:ad:f4:27:4d:b4:90:9e:7e:37:98:da:
39:4c:ea:3b:e3:82:70:ca:02:af:d1:a9:07:70:73:
a9:1d:d0:b4:0b:06:12:be:a3:e1:1f:ea:67:37:c8:
54:88:c2:62:e9:e0:c1:b5:a7:c8:05:6e:0d:da:87:
8b:39:f6:2a:b5:06:6c:4c:12:f6:b9:ab:85:76:36:
36:1a:0f:c1:63:fc:96:4f:e5:cd:b7:70:ed:37:ce:
e7:59:83:16:fd:52:81:7f:8e:64:95:60:32:4f:c4:
cc:9e:ac:3b:38:bd:8a:e6:8b:38:77:fc:77:35:eb:
53:4f:e9:d9:aa:b0:d6:9e:c3:b1:05:fe:e8:29:75:
c1:57:d4:eb:b8:50:35:c8:51:37:5b:62:e3:57:2e:
95:69:84:c5:bb:38:15:36:27:b1:77:8d:ac:25:83:
fa:bf:40:81:34:cb:1e:0c:0a:91:84:40:10:a2:6c:
51:5d:22:1e:5e:e0:7c:7f:0d:e1:ab:b9:03:11:51:
dd:6f:94:f1:ba:1e:29:9f:25:c3:d5:50:54:a9:6d:
4d:45:8e:0c:03:b9:02:04:5f:d5:bd:fb:b6:01:65:
cc:91:c0:32:2d:55:9b:47:5c:d7:97:49:8d:1c:53:
9b:40:f3:3e:82:61:03:73:de:06:df:0d:6e:77:fe:
74:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:01:84:6B:5A:8C:2B:35:88:C4:66:79:47:1D:C1:BE:81:BD:2C:DE
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/fwGEa1qMKzWIxGZ5Rx3BvoG9LN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.9.255
82.206.16.0/22
82.206.72.0/21
82.206.84.0-82.206.111.255
Signature Algorithm: sha256WithRSAEncryption
94:4e:6d:39:16:cd:57:09:89:50:e8:6c:a0:b5:ee:1b:54:43:
33:39:f6:47:67:5d:af:36:6e:8a:70:d5:9f:be:6b:60:0a:ba:
5b:9e:af:39:f8:73:00:cd:c4:f4:09:f0:48:23:25:36:22:6b:
a0:09:2c:b1:3a:10:63:46:03:a7:ad:ca:0c:b8:a9:e9:9a:03:
b8:c0:c8:5b:a7:5c:3a:a6:d5:51:f8:d3:37:19:96:41:bc:12:
80:cc:ba:55:03:9c:5c:f4:69:3a:e2:a5:a7:93:e5:d7:20:11:
2e:6f:fa:23:0c:c8:90:9a:19:d6:f2:a1:c2:a9:bb:f9:6e:c7:
f5:c5:a1:eb:e7:0f:6c:bf:db:3a:e7:04:08:bb:ca:4f:75:35:
2b:7a:9d:31:fa:7d:a9:c3:9b:51:0b:4a:cd:a2:2f:6f:ba:d3:
18:55:62:12:5e:58:c4:80:43:05:26:f5:12:b7:a2:c0:90:7e:
44:28:89:60:7f:10:01:43:8e:fc:2b:ab:a1:db:db:78:4f:94:
f2:56:aa:fb:bb:4d:e5:9e:63:95:28:54:20:0e:a6:5b:5f:8f:
18:ee:0b:c6:7f:5c:74:55:64:cf:fc:f9:e1:32:f7:b5:a3:b2:
23:b8:10:d5:15:69:57:76:0a:6b:f4:d4:4c:06:66:f0:39:a1:
9e:0e:88:03
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZlc5btHIEaXOOMCuSc2FGcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwOTE4MTI1NjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjAxODQ2YjVhOGMyYjM1ODhjNDY2Nzk0NzFkYzFiZTgxYmQyY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgZUrfQnTbSQnn43mNo5TOo744Jw
ygKv0akHcHOpHdC0CwYSvqPhH+pnN8hUiMJi6eDBtafIBW4N2oeLOfYqtQZsTBL2
uauFdjY2Gg/BY/yWT+XNt3DtN87nWYMW/VKBf45klWAyT8TMnqw7OL2K5os4d/x3
NetTT+nZqrDWnsOxBf7oKXXBV9TruFA1yFE3W2LjVy6VaYTFuzgVNiexd42sJYP6
v0CBNMseDAqRhEAQomxRXSIeXuB8fw3hq7kDEVHdb5Txuh4pnyXD1VBUqW1NRY4M
A7kCBF/Vvfu2AWXMkcAyLVWbR1zXl0mNHFObQPM+gmEDc94G3w1ud/500QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFH8BhGtajCs1iMRmeUcdwb6BvSzeMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvZndHRWExcU1LeldJeEdaNVJ4M0J2b0c5TE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAFSzgID
BAFSzggDBAJSzhADBANSzkgwDAMEAlLOVAMEBFLOYDANBgkqhkiG9w0BAQsFAAOC
AQEAlE5tORbNVwmJUOhsoLXuG1RDMzn2R2ddrzZuinDVn75rYAq6W56vOfhzAM3E
9AnwSCMlNiJroAkssToQY0YDp63KDLip6ZoDuMDIW6dcOqbVUfjTNxmWQbwSgMy6
VQOcXPRpOuKlp5Pl1yARLm/6IwzIkJoZ1vKhwqm7+W7H9cWh6+cPbL/bOucECLvK
T3U1K3qdMfp9qcObUQtKzaIvb7rTGFViEl5YxIBDBSb1EreiwJB+RCiJYH8QAUOO
/CurodvbeE+U8laq+7tN5Z5jlShUIA6mW1+PGO4Lxn9cdFVkz/z54TL3taOyI7gQ
1RVpV3YKa/TUTAZm8Dmhng6IAw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:19 2025 by rpki-client