Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/fNWf8gF7iXGvViphR_N8dfoAxbs.roa
File: fNWf8gF7iXGvViphR_N8dfoAxbs.roa (raw, json)
Hash identifier: aazZL/oDilKF6hXZ5Ap5LBwXM/kHZtXfME42Y75LwwQ=
Subject key identifier: 7C:D5:9F:F2:01:7B:89:71:AF:56:2A:61:47:F3:7C:75:FA:00:C5:BB
Certificate issuer: /CN=5f6b90019d4d2b52ab4caf671c37e9c4d03ada73
Certificate serial: 01996AB68D8738A5A5587B2EA3B7EC428ABF
Authority key identifier: 5F:6B:90:01:9D:4D:2B:52:AB:4C:AF:67:1C:37:E9:C4:D0:3A:DA:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/fNWf8gF7iXGvViphR_N8dfoAxbs.roa
Signing time: Sun 21 Sep 2025 05:19:32 +0000
ROA not before: Sun 21 Sep 2025 05:19:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61308
IP address blocks: 185.213.136.0/22 maxlen: 22
185.213.136.0/24 maxlen: 24
185.213.137.0/24 maxlen: 24
185.213.138.0/24 maxlen: 24
185.213.139.0/24 maxlen: 24
2001:67c:1188::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.mft
rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:6a:b6:8d:87:38:a5:a5:58:7b:2e:a3:b7:ec:42:8a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f6b90019d4d2b52ab4caf671c37e9c4d03ada73
Validity
Not Before: Sep 21 05:19:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cd59ff2017b8971af562a6147f37c75fa00c5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ed:b0:26:5f:87:77:a3:72:10:57:a5:32:2b:
3a:d5:88:4f:1d:8a:52:94:e0:c0:ba:65:80:a4:f6:
fd:13:2d:3b:d6:c3:d9:52:5f:03:6e:0d:23:76:4f:
29:22:5b:0a:8c:b4:7d:e3:8b:a9:a6:86:d0:05:34:
0b:cf:60:75:84:d5:70:6b:29:d8:dc:b6:23:f7:43:
83:db:2c:4a:fe:0d:97:16:63:98:e0:f4:5b:f9:2c:
8e:a4:bd:e7:55:21:d4:b0:1d:59:92:62:f9:40:64:
e5:f4:ba:8e:f1:e2:b1:8f:e4:e1:38:8c:9a:6f:68:
96:1c:59:5c:4d:a1:b6:60:da:26:f8:1e:60:f1:10:
e7:61:74:a0:ea:f0:ac:c4:d4:bd:16:61:7b:00:51:
61:48:d5:20:da:ac:45:99:4e:ae:43:b7:9a:6b:36:
90:b3:4c:1a:ab:2d:d8:68:53:56:0e:80:b1:44:01:
ed:19:7c:24:84:cf:67:c4:18:42:c0:00:45:c3:00:
17:72:f7:37:c6:63:06:90:14:f8:13:bf:09:9b:d7:
f9:85:33:12:9d:89:31:ea:f0:9c:11:a5:63:8d:1f:
9a:eb:d9:96:a0:95:5f:d9:3b:c3:54:03:1d:ff:75:
8d:cd:3c:16:a2:78:0b:b7:f3:1c:78:3b:82:1c:2a:
bb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D5:9F:F2:01:7B:89:71:AF:56:2A:61:47:F3:7C:75:FA:00:C5:BB
X509v3 Authority Key Identifier:
keyid:5F:6B:90:01:9D:4D:2B:52:AB:4C:AF:67:1C:37:E9:C4:D0:3A:DA:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/fNWf8gF7iXGvViphR_N8dfoAxbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.136.0/22
IPv6:
2001:67c:1188::/48
Signature Algorithm: sha256WithRSAEncryption
be:7d:b6:be:3d:7c:56:19:a7:66:a4:4b:59:08:96:ec:0d:2b:
8e:e0:05:74:c8:9d:61:48:83:9e:6d:e8:b8:28:c4:a7:7f:30:
c0:e7:85:4e:09:02:0a:47:43:aa:ce:c2:e5:6d:4f:fe:54:78:
a2:4f:df:46:ff:3c:c9:b4:20:e0:21:fd:c4:0d:80:c9:47:67:
ad:25:d8:31:6d:98:27:7d:b2:90:c6:2b:55:56:89:9f:7d:0b:
f4:2c:86:27:3c:de:5d:0d:14:28:95:97:20:cf:dc:cb:4a:3b:
62:cc:c0:44:7a:24:1f:a1:47:d9:24:43:6e:de:46:cc:3b:07:
86:3f:c8:99:54:85:4e:fd:f9:61:70:f1:9b:9e:25:43:af:bf:
ce:c8:a3:c9:6c:f7:a9:ae:ae:20:5a:f1:b9:c8:21:d6:ae:33:
a3:ad:0a:04:66:92:43:4a:e6:5c:ca:be:3e:fe:25:b0:43:ff:
19:20:f4:67:94:6e:41:b0:e5:6b:f8:f7:6b:5b:4b:93:74:aa:
24:43:b2:66:a3:f1:7a:40:21:96:56:d4:12:90:f8:4c:00:a8:
48:f5:4e:a3:68:3e:84:6e:71:4c:01:0f:1c:a0:ee:4d:8f:33:
72:04:dc:3e:74:b6:d6:b6:e5:22:19:a5:5f:4d:45:87:ce:8d:
62:6d:08:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZlqto2HOKWlWHsuo7fsQoq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNmI5MDAxOWQ0ZDJiNTJhYjRjYWY2NzFjMzdlOWM0ZDAz
YWRhNzMwHhcNMjUwOTIxMDUxOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q1OWZmMjAxN2I4OTcxYWY1NjJhNjE0N2YzN2M3NWZhMDBjNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO2wJl+Hd6NyEFelMis61YhPHYpS
lODAumWApPb9Ey071sPZUl8Dbg0jdk8pIlsKjLR944uppobQBTQLz2B1hNVwaynY
3LYj90OD2yxK/g2XFmOY4PRb+SyOpL3nVSHUsB1ZkmL5QGTl9LqO8eKxj+ThOIya
b2iWHFlcTaG2YNom+B5g8RDnYXSg6vCsxNS9FmF7AFFhSNUg2qxFmU6uQ7eaazaQ
s0waqy3YaFNWDoCxRAHtGXwkhM9nxBhCwABFwwAXcvc3xmMGkBT4E78Jm9f5hTMS
nYkx6vCcEaVjjR+a69mWoJVf2TvDVAMd/3WNzTwWongLt/MceDuCHCq79wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHzVn/IBe4lxr1YqYUfzfHX6AMW7MB8GA1UdIwQY
MBaAFF9rkAGdTStSq0yvZxw36cTQOtpzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDJ1UUFaMU5LMUtyVEs5bkhEZnB4TkE2Mm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84MDk2MTYtYTAwOC00YTExLWJjMGEt
N2NmMDMxZmE3NWNlLzEvZk5XZjhnRjdpWEd2VmlwaFJfTjhkZm9BeGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84MDk2MTYtYTAwOC00YTExLWJjMGEtN2NmMDMxZmE3NWNl
LzEvWDJ1UUFaMU5LMUtyVEs5bkhEZnB4TkE2Mm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCudWIMA8E
AgACMAkDBwAgAQZ8EYgwDQYJKoZIhvcNAQELBQADggEBAL59tr49fFYZp2akS1kI
luwNK47gBXTInWFIg55t6LgoxKd/MMDnhU4JAgpHQ6rOwuVtT/5UeKJP30b/PMm0
IOAh/cQNgMlHZ60l2DFtmCd9spDGK1VWiZ99C/Qshic83l0NFCiVlyDP3MtKO2LM
wER6JB+hR9kkQ27eRsw7B4Y/yJlUhU79+WFw8ZueJUOvv87Io8ls96muriBa8bnI
IdauM6OtCgRmkkNK5lzKvj7+JbBD/xkg9GeUbkGw5Wv492tbS5N0qiRDsmaj8XpA
IZZW1BKQ+EwAqEj1TqNoPoRucUwBDxyg7k2PM3IE3D50tta25SIZpV9NRYfOjWJt
CJI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:48 2025 by rpki-client