Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FecfrsDP_2-uiKaIVksHE8k2_jM.roa
File: FecfrsDP_2-uiKaIVksHE8k2_jM.roa (raw, json)
Hash identifier: gP7tOSWSL8RwGrusGGWswKc+9OyWqTDZ6swO42sijY4=
Subject key identifier: 15:E7:1F:AE:C0:CF:FF:6F:AE:88:A6:88:56:4B:07:13:C9:36:FE:33
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199CD82FE9D7ADB3419032C4AD00E63F24C
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FecfrsDP_2-uiKaIVksHE8k2_jM.roa
Signing time: Fri 10 Oct 2025 09:45:38 +0000
ROA not before: Fri 10 Oct 2025 09:45:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58325
IP address blocks: 212.134.220.0/22 maxlen: 22
212.134.236.0/22 maxlen: 22
212.134.244.0/22 maxlen: 22
212.134.252.0/22 maxlen: 22
212.135.130.0/23 maxlen: 24
212.135.132.0/23 maxlen: 24
212.135.136.0/23 maxlen: 24
212.135.138.0/23 maxlen: 24
212.135.140.0/23 maxlen: 24
212.135.142.0/23 maxlen: 24
212.135.144.0/23 maxlen: 24
212.135.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:82:fe:9d:7a:db:34:19:03:2c:4a:d0:0e:63:f2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 10 09:45:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15e71faec0cfff6fae88a688564b0713c936fe33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:24:b7:da:3d:6b:45:49:bd:88:87:5a:13:0f:
ae:e5:b7:cb:79:66:ea:9d:32:85:07:64:31:82:a8:
b5:7d:ed:60:04:ef:33:ee:90:f9:5d:97:6d:ab:97:
5a:99:b9:d4:af:ca:b4:fa:23:ad:f6:30:85:8f:6b:
41:86:66:46:6d:f0:29:e0:22:d6:c1:ae:64:1b:f3:
54:4c:5e:24:3a:4f:db:e9:6b:02:c4:17:44:7e:77:
77:e8:17:fb:ef:13:a9:43:b4:54:f8:f0:4f:f9:f7:
ff:27:42:4d:da:fd:ac:5c:52:94:f9:73:1a:f2:ea:
cd:a7:be:94:89:f2:0f:b5:4a:bd:f3:0d:25:37:21:
10:fd:b2:f1:28:d2:2d:00:63:3f:3f:11:14:08:22:
55:76:ab:77:40:53:83:79:b6:aa:af:a8:43:12:3a:
0a:11:8a:f0:8f:69:d8:68:ad:ab:23:a1:f6:b3:6e:
9d:50:be:00:8b:75:13:fa:e1:9e:fc:3b:5b:20:fc:
f6:2d:ad:15:18:6b:c8:ff:80:4c:cc:b5:4c:56:ed:
3b:71:23:4b:04:68:5d:1d:96:c6:5c:40:1c:5c:29:
f5:38:80:3a:93:22:2f:29:1d:a7:ab:78:83:64:86:
63:50:42:f1:25:f6:c7:94:aa:88:46:5b:3f:30:8c:
9b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E7:1F:AE:C0:CF:FF:6F:AE:88:A6:88:56:4B:07:13:C9:36:FE:33
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/FecfrsDP_2-uiKaIVksHE8k2_jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.220.0/22
212.134.236.0/22
212.134.244.0/22
212.134.252.0/22
212.135.130.0-212.135.133.255
212.135.136.0-212.135.147.255
Signature Algorithm: sha256WithRSAEncryption
da:94:62:df:16:23:32:81:db:b4:1f:d5:4d:e0:0c:60:24:db:
14:75:4e:e2:d3:c4:14:e3:76:19:1b:19:05:96:0e:7f:dd:ff:
b9:62:46:de:3c:3f:91:5c:9c:a1:4d:8b:85:ea:49:f6:05:03:
ff:57:1c:93:09:70:3c:8c:43:c7:2b:c0:0c:69:26:c3:f0:5b:
61:03:74:69:c9:6c:1d:7d:b5:86:dd:ae:ce:dc:7f:d5:e5:12:
37:fc:1f:89:c7:42:92:3f:bc:f1:de:30:95:0a:b3:fc:6a:36:
6a:51:40:bb:f3:c0:f9:c0:06:e5:0a:37:6d:f6:da:60:e4:55:
a2:36:06:a2:9d:3b:57:b1:a8:18:f7:12:0a:c6:1d:f9:78:1c:
66:ef:0a:a4:a5:47:15:93:ca:a5:33:0d:0f:b1:4d:27:46:95:
87:16:76:22:70:59:54:2b:d7:93:fd:e1:30:ff:10:d3:e6:12:
bb:ec:af:45:db:b2:24:01:e9:f1:35:2f:6c:3a:ca:fe:f3:4a:
32:7a:87:37:fb:17:5e:09:fb:f9:b4:76:ca:ba:48:1b:fd:47:
1a:c0:f3:b0:ac:49:5a:2c:ff:e6:bf:b4:45:40:e8:db:9f:bd:
40:31:39:57:61:32:b9:bd:11:2f:ca:79:41:b2:a4:b9:0e:3b:
f2:29:79:8c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZnNgv6dets0GQMsStAOY/JMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDEwMDk0NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU3MWZhZWMwY2ZmZjZmYWU4OGE2ODg1NjRiMDcxM2M5MzZmZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyS32j1rRUm9iIdaEw+u5bfLeWbq
nTKFB2Qxgqi1fe1gBO8z7pD5XZdtq5dambnUr8q0+iOt9jCFj2tBhmZGbfAp4CLW
wa5kG/NUTF4kOk/b6WsCxBdEfnd36Bf77xOpQ7RU+PBP+ff/J0JN2v2sXFKU+XMa
8urNp76UifIPtUq98w0lNyEQ/bLxKNItAGM/PxEUCCJVdqt3QFODebaqr6hDEjoK
EYrwj2nYaK2rI6H2s26dUL4Ai3UT+uGe/DtbIPz2La0VGGvI/4BMzLVMVu07cSNL
BGhdHZbGXEAcXCn1OIA6kyIvKR2nq3iDZIZjUELxJfbHlKqIRls/MIybNQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBXnH67Az/9vroimiFZLBxPJNv4zMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvRmVjZnJzRFBfMi11aUthSVZrc0hFOGsyX2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQC1IbcAwQC
1IbsAwQC1Ib0AwQC1Ib8MAwDBAHUh4IDBAHUh4QwDAMEA9SHiAMEAtSHkDANBgkq
hkiG9w0BAQsFAAOCAQEA2pRi3xYjMoHbtB/VTeAMYCTbFHVO4tPEFON2GRsZBZYO
f93/uWJG3jw/kVycoU2LhepJ9gUD/1cckwlwPIxDxyvADGkmw/BbYQN0aclsHX21
ht2uztx/1eUSN/wficdCkj+88d4wlQqz/Go2alFAu/PA+cAG5Qo3bfbaYORVojYG
op07V7GoGPcSCsYd+XgcZu8KpKVHFZPKpTMND7FNJ0aVhxZ2InBZVCvXk/3hMP8Q
0+YSu+yvRduyJAHp8TUvbDrK/vNKMnqHN/sXXgn7+bR2yrpIG/1HGsDzsKxJWiz/
5r+0RUDo25+9QDE5V2Eyub0RL8p5QbKkuQ478il5jA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:36 2025 by rpki-client