Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FQTJ9yKUb3OlGwBGdpbY2TJfddk.roa
File: FQTJ9yKUb3OlGwBGdpbY2TJfddk.roa (raw, json)
Hash identifier: RAKd4ZC6G7i097Dp9nERxQmGxVATzUp0gj9qZtr+If0=
Subject key identifier: 15:04:C9:F7:22:94:6F:73:A5:1B:00:46:76:96:D8:D9:32:5F:75:D9
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199DDDFA3D0E5398005644CF75CF1925C26
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FQTJ9yKUb3OlGwBGdpbY2TJfddk.roa
Signing time: Mon 13 Oct 2025 14:00:45 +0000
ROA not before: Mon 13 Oct 2025 14:00:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210473
IP address blocks: 212.134.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:df:a3:d0:e5:39:80:05:64:4c:f7:5c:f1:92:5c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 13 14:00:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1504c9f722946f73a51b00467696d8d9325f75d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:4d:cb:32:ad:79:72:1f:01:d5:d5:48:dd:
90:2d:54:6f:2b:71:ab:bd:06:f4:23:85:73:81:1f:
b3:85:6b:9e:de:77:a2:5c:61:37:fe:a3:41:fa:3b:
80:a3:ff:97:5a:cf:11:28:cd:6c:f3:76:bd:6a:76:
a7:13:75:ee:5b:03:9d:2c:c5:d1:6c:6d:d6:4e:19:
b9:b5:f9:a6:28:78:b7:dc:45:da:f9:31:5b:d7:c6:
86:0d:ea:b6:5a:a1:36:9b:2b:f8:3c:34:58:71:df:
c8:7c:7f:59:fc:4a:b4:8a:a5:20:5d:5a:c1:d2:51:
c6:35:cd:61:84:82:a3:c0:7e:05:0d:f0:c3:63:50:
45:93:69:b0:b5:06:d6:bb:e8:a7:eb:a8:db:0d:ac:
e8:e5:05:d2:6f:c2:62:92:85:6d:65:3c:0b:5e:9f:
8c:05:21:4e:c8:8e:48:b1:13:d5:6b:1a:be:45:1e:
c9:88:25:53:1a:54:57:b9:f4:35:c6:ae:e3:32:49:
ef:f2:dc:3e:e8:32:40:9c:27:bf:33:31:ba:65:61:
97:f3:97:ab:18:9d:67:44:8e:ba:57:c1:83:a0:ad:
0f:1a:2b:bb:df:91:f0:9c:7c:e8:44:25:7e:b4:f9:
4d:9a:06:1e:9b:56:6f:56:24:41:38:e2:fd:3c:2f:
69:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:04:C9:F7:22:94:6F:73:A5:1B:00:46:76:96:D8:D9:32:5F:75:D9
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FQTJ9yKUb3OlGwBGdpbY2TJfddk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.44.0/24
Signature Algorithm: sha256WithRSAEncryption
29:52:50:db:24:c5:5d:bb:61:32:65:e1:8d:cc:d6:37:3f:fe:
74:a1:fc:26:49:5b:10:69:39:38:a6:91:af:2b:3a:74:71:56:
b2:66:4e:1f:40:e4:71:ad:12:c3:65:3f:62:68:77:82:da:59:
17:6a:d1:f3:68:88:8e:c6:4f:fa:e9:01:f7:83:b2:2e:3d:3e:
57:f0:b3:77:3d:1a:80:68:7e:0a:5c:c2:89:52:73:7e:f9:64:
42:fe:1f:e9:1f:fc:70:93:2d:40:7e:99:b8:e5:67:f4:ee:f9:
53:b2:1b:0f:71:7d:62:ed:fe:d7:e7:24:5c:0e:f4:28:1e:2f:
32:cc:5c:15:97:38:ae:ec:e2:92:8e:48:b3:ca:53:30:16:43:
4b:4a:3a:30:f1:23:d7:b4:2d:29:84:84:a5:cf:f0:08:d9:6c:
6b:a0:ea:80:8c:bf:97:71:07:a7:92:e7:ac:a1:02:27:f2:b6:
34:7c:bf:89:90:fb:93:ee:f6:f9:08:d6:0c:af:56:4c:c1:af:
24:38:32:57:e0:87:17:df:35:1a:ae:b1:48:ee:c3:7b:2e:b9:
72:c9:af:bd:15:54:d6:47:4f:14:a4:ef:f5:9e:4c:c7:ba:06:
83:ad:ac:ed:4e:f0:69:8c:1c:9c:12:a8:ee:63:2d:33:81:c8:
0c:97:7c:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnd36PQ5TmABWRM91zxklwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDEzMTQwMDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA0YzlmNzIyOTQ2ZjczYTUxYjAwNDY3Njk2ZDhkOTMyNWY3NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQNNyzKteXIfAdXVSN2QLVRvK3Gr
vQb0I4VzgR+zhWue3neiXGE3/qNB+juAo/+XWs8RKM1s83a9ananE3XuWwOdLMXR
bG3WThm5tfmmKHi33EXa+TFb18aGDeq2WqE2myv4PDRYcd/IfH9Z/Eq0iqUgXVrB
0lHGNc1hhIKjwH4FDfDDY1BFk2mwtQbWu+in66jbDazo5QXSb8JikoVtZTwLXp+M
BSFOyI5IsRPVaxq+RR7JiCVTGlRXufQ1xq7jMknv8tw+6DJAnCe/MzG6ZWGX85er
GJ1nRI66V8GDoK0PGiu735HwnHzoRCV+tPlNmgYem1ZvViRBOOL9PC9pWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUEyfcilG9zpRsARnaW2NkyX3XZMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvRlFUSjl5S1ViM09sR3dCR2RwYlkyVEpmZGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1IYsMA0G
CSqGSIb3DQEBCwUAA4IBAQApUlDbJMVdu2EyZeGNzNY3P/50ofwmSVsQaTk4ppGv
Kzp0cVayZk4fQORxrRLDZT9iaHeC2lkXatHzaIiOxk/66QH3g7IuPT5X8LN3PRqA
aH4KXMKJUnN++WRC/h/pH/xwky1Afpm45Wf07vlTshsPcX1i7f7X5yRcDvQoHi8y
zFwVlziu7OKSjkizylMwFkNLSjow8SPXtC0phISlz/AI2WxroOqAjL+XcQenkues
oQIn8rY0fL+JkPuT7vb5CNYMr1ZMwa8kODJX4IcX3zUarrFI7sN7Lrlyya+9FVTW
R08UpO/1nkzHugaDraztTvBpjBycEqjuYy0zgcgMl3w9
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:52 2025 by rpki-client