Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/fnRO3YPFe8F_GuJVP6BFmCLExds.roa
File: fnRO3YPFe8F_GuJVP6BFmCLExds.roa (raw, json)
Hash identifier: S/FNrD8uODF/R2lWPGP6dnynofHgMlQ5RLJ6/4lt0U4=
Subject key identifier: 7E:74:4E:DD:83:C5:7B:C1:7F:1A:E2:55:3F:A0:45:98:22:C4:C5:DB
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 0199F37E36AACCE8AB94A08C2CC82DAB2C0E
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/fnRO3YPFe8F_GuJVP6BFmCLExds.roa
Signing time: Fri 17 Oct 2025 18:45:59 +0000
ROA not before: Fri 17 Oct 2025 18:45:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199242
IP address blocks: 31.222.234.0/24 maxlen: 24
37.72.142.0/24 maxlen: 24
62.3.11.0/24 maxlen: 24
62.106.90.0/24 maxlen: 24
62.233.61.0/24 maxlen: 24
80.71.144.0/24 maxlen: 24
91.246.50.0/24 maxlen: 24
146.19.4.0/24 maxlen: 24
146.19.199.0/24 maxlen: 24
146.19.203.0/24 maxlen: 24
176.97.217.0/24 maxlen: 24
176.126.101.0/24 maxlen: 24
185.234.12.0/24 maxlen: 24
188.244.119.0/24 maxlen: 24
193.9.48.0/24 maxlen: 24
193.162.132.0/24 maxlen: 24
193.162.133.0/24 maxlen: 24
194.26.230.0/24 maxlen: 24
194.26.231.0/24 maxlen: 24
194.99.158.0/24 maxlen: 24
195.96.130.0/24 maxlen: 24
195.96.131.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
212.52.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f3:7e:36:aa:cc:e8:ab:94:a0:8c:2c:c8:2d:ab:2c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Oct 17 18:45:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e744edd83c57bc17f1ae2553fa0459822c4c5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:06:41:44:b1:8b:28:6a:e3:5c:20:44:53:58:
ed:93:ee:8d:49:d9:3c:a6:ce:21:f3:ee:30:98:cc:
93:c6:15:d4:3b:ef:6b:9a:23:dd:c6:18:4a:cf:57:
af:ea:0c:29:4d:c7:92:4d:5d:cb:f3:30:95:f9:cb:
ed:99:b3:a8:a9:76:ec:20:f6:1f:47:35:36:07:f8:
73:01:14:ac:19:28:39:02:11:f5:85:c1:1d:5f:df:
40:22:fa:92:2d:e3:df:0e:4c:51:97:a0:30:c2:80:
59:7f:fd:11:ab:10:e9:67:6f:6d:b6:8e:f4:32:dc:
17:20:1b:c6:d3:84:83:55:e6:b3:a1:a6:79:40:b8:
52:b1:a7:1d:21:8f:6e:52:3a:9f:46:27:8b:9e:f5:
49:0b:3f:55:35:35:ab:a3:a5:e3:c5:ea:d2:b0:2c:
e7:a4:24:2b:c4:a0:77:e3:0d:b4:15:5a:af:a8:c8:
07:36:2c:e8:54:0b:b2:13:2e:20:1a:8e:b6:b0:26:
d5:9d:2b:0f:36:bf:28:1b:d3:8a:95:84:d1:13:21:
ed:3f:56:b2:a2:fd:6a:68:29:8a:68:ff:dd:ed:38:
a2:e9:cd:24:9d:d8:02:bc:32:b3:03:18:0f:d9:d6:
43:cd:39:60:f8:72:3b:c4:67:01:7f:fb:3a:2d:21:
ba:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:74:4E:DD:83:C5:7B:C1:7F:1A:E2:55:3F:A0:45:98:22:C4:C5:DB
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/fnRO3YPFe8F_GuJVP6BFmCLExds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.234.0/24
37.72.142.0/24
62.3.11.0/24
62.106.90.0/24
62.233.61.0/24
80.71.144.0/24
91.246.50.0/24
146.19.4.0/24
146.19.199.0/24
146.19.203.0/24
176.97.217.0/24
176.126.101.0/24
185.234.12.0/24
188.244.119.0/24
193.9.48.0/24
193.162.132.0/23
194.26.230.0/23
194.99.158.0/24
195.96.130.0/23
212.52.14.0/24
212.52.28.0/24
Signature Algorithm: sha256WithRSAEncryption
34:b7:e2:4a:15:ba:8c:45:63:47:7a:8c:9f:81:81:54:e2:d5:
c7:95:1f:aa:85:f6:2f:6b:f4:0a:d4:fb:50:01:ab:c3:d0:58:
78:43:04:2c:86:73:3b:e5:5b:10:a4:08:67:15:ad:90:ce:4b:
d9:eb:a2:23:bd:cd:7c:20:7a:4b:6b:90:c7:f8:dd:f5:3e:d9:
4d:c0:37:af:25:6d:eb:84:00:1b:1a:4b:6c:95:09:6d:79:ad:
56:e4:a5:cb:2e:c2:a5:db:54:bc:66:24:c3:96:65:df:eb:0d:
61:c2:21:b6:14:34:cd:61:c9:5a:19:a3:26:48:e8:49:94:0b:
7e:52:d3:2e:5e:81:00:70:1c:66:6d:e0:aa:ff:17:f7:58:71:
14:53:08:99:21:3e:03:0f:be:de:f5:95:48:06:53:7a:cd:90:
11:b1:a5:07:d2:c6:0d:1d:e6:c4:eb:aa:91:aa:c8:70:53:58:
28:fe:8a:d9:d3:78:ea:8e:fc:ac:c0:70:8c:3a:84:4d:87:89:
c3:aa:cc:e0:ee:59:ff:82:23:91:af:1c:21:9f:21:07:73:1f:
65:91:f6:c0:35:e2:6f:ab:20:d0:f2:38:73:25:de:7c:b6:f2:
3e:b8:a8:ce:a2:a3:59:44:0c:79:02:4c:ef:04:38:ab:c6:08:
26:8c:9a:a8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZnzfjaqzOirlKCMLMgtqywOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjUxMDE3MTg0NTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTc0NGVkZDgzYzU3YmMxN2YxYWUyNTUzZmEwNDU5ODIyYzRjNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QZBRLGLKGrjXCBEU1jtk+6NSdk8
ps4h8+4wmMyTxhXUO+9rmiPdxhhKz1ev6gwpTceSTV3L8zCV+cvtmbOoqXbsIPYf
RzU2B/hzARSsGSg5AhH1hcEdX99AIvqSLePfDkxRl6AwwoBZf/0RqxDpZ29tto70
MtwXIBvG04SDVeazoaZ5QLhSsacdIY9uUjqfRieLnvVJCz9VNTWro6XjxerSsCzn
pCQrxKB34w20FVqvqMgHNizoVAuyEy4gGo62sCbVnSsPNr8oG9OKlYTREyHtP1ay
ov1qaCmKaP/d7Tii6c0kndgCvDKzAxgP2dZDzTlg+HI7xGcBf/s6LSG6+wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFH50Tt2DxXvBfxriVT+gRZgixMXbMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvZm5STzNZUEZlOEZfR3VKVlA2QkZtQ0xFeGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAB/e
6gMEACVIjgMEAD4DCwMEAD5qWgMEAD7pPQMEAFBHkAMEAFv2MgMEAJITBAMEAJIT
xwMEAJITywMEALBh2QMEALB+ZQMEALnqDAMEALz0dwMEAMEJMAMEAcGihAMEAcIa
5gMEAMJjngMEAcNgggMEANQ0DgMEANQ0HDANBgkqhkiG9w0BAQsFAAOCAQEANLfi
ShW6jEVjR3qMn4GBVOLVx5UfqoX2L2v0CtT7UAGrw9BYeEMELIZzO+VbEKQIZxWt
kM5L2euiI73NfCB6S2uQx/jd9T7ZTcA3ryVt64QAGxpLbJUJbXmtVuSlyy7CpdtU
vGYkw5Zl3+sNYcIhthQ0zWHJWhmjJkjoSZQLflLTLl6BAHAcZm3gqv8X91hxFFMI
mSE+Aw++3vWVSAZTes2QEbGlB9LGDR3mxOuqkarIcFNYKP6K2dN46o78rMBwjDqE
TYeJw6rM4O5Z/4Ijka8cIZ8hB3MfZZH2wDXib6sg0PI4cyXefLbyPriozqKjWUQM
eQJM7wQ4q8YIJoyaqA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:21 2025 by rpki-client