Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/fFntZn2P2785L9qiAQESeeJM5_E.roa
File: fFntZn2P2785L9qiAQESeeJM5_E.roa (raw, json)
Hash identifier: lyHikZmc5Aa6k9s+kAsmGTXhJrFQJiiTDFK4TNr6lvQ=
Subject key identifier: 7C:59:ED:66:7D:8F:DB:BF:39:2F:DA:A2:01:01:12:79:E2:4C:E7:F1
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 0199BE86EED63AB50AA5D02DF0727FCEE32A
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/fFntZn2P2785L9qiAQESeeJM5_E.roa
Signing time: Tue 07 Oct 2025 11:55:38 +0000
ROA not before: Tue 07 Oct 2025 11:55:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214798
IP address blocks: 45.129.140.0/24 maxlen: 24
185.164.163.0/24 maxlen: 24
185.169.107.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
2a09:31c0:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:86:ee:d6:3a:b5:0a:a5:d0:2d:f0:72:7f:ce:e3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: Oct 7 11:55:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c59ed667d8fdbbf392fdaa201011279e24ce7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:ec:09:30:ed:9f:b6:74:98:2a:12:30:3c:
fe:e7:e5:ea:05:9e:6f:aa:ff:74:78:13:a5:00:1f:
7f:09:ab:dc:8f:af:63:b2:4f:2d:57:cc:3f:eb:5f:
1a:ef:79:fb:e0:81:eb:e7:e4:0f:98:a3:9a:b8:73:
c5:d9:2b:60:80:fb:cf:34:03:2c:13:46:17:18:24:
d5:cd:6d:78:07:ff:11:b2:37:86:2c:83:4b:7c:dd:
83:fc:d2:25:f0:e6:ca:39:45:a4:cf:d6:69:f1:d8:
c5:10:18:76:47:29:5c:4c:7a:fd:8f:62:97:4d:62:
a3:59:6f:1a:96:3c:ce:8e:5f:bb:99:c0:3d:3b:f9:
bd:ca:ae:1a:9b:e5:e0:83:42:9f:4f:78:de:39:d0:
10:5b:06:b1:e3:0a:82:df:34:54:0d:0d:55:91:ba:
58:6c:19:47:b0:d6:03:5e:8d:b0:f0:a2:51:4f:fd:
f1:da:b3:01:3e:92:12:61:c8:8d:4b:32:f5:5b:25:
31:47:be:ae:06:9b:42:b1:81:68:ee:58:54:eb:6c:
b6:f0:85:f0:50:7e:8f:7d:69:a8:52:51:76:31:30:
2f:cd:85:a3:cd:74:e9:e9:ff:aa:10:04:f3:6c:ba:
fc:91:ca:c0:08:38:ed:95:e0:e0:88:0b:1e:1c:76:
f1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:59:ED:66:7D:8F:DB:BF:39:2F:DA:A2:01:01:12:79:E2:4C:E7:F1
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/fFntZn2P2785L9qiAQESeeJM5_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.140.0/24
185.164.163.0/24
185.169.107.0/24
185.216.84.0/22
IPv6:
2a09:31c0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b4:fa:53:32:0c:27:80:6c:68:af:ca:77:a0:08:6f:25:d9:
d0:73:b6:03:01:6e:1d:7f:2c:f0:dc:7b:70:84:ea:3c:9f:9e:
c0:ae:35:3f:4b:6b:68:ba:c5:72:97:05:24:15:90:1d:cc:38:
03:da:e5:26:6d:d6:4c:73:65:48:aa:03:f9:50:b1:0e:c5:77:
0b:a4:d2:3e:2d:4b:e4:94:5b:39:e2:e7:9b:66:5e:bb:92:2f:
3c:f9:3a:f4:59:82:9b:7e:e4:80:a3:79:26:b3:f0:62:e0:05:
b7:48:70:fe:d8:0f:44:f4:f8:a9:cb:e7:d1:2a:49:aa:43:3f:
0d:91:08:12:61:29:dc:9a:77:01:43:87:4d:44:a5:8a:41:98:
82:5c:e5:5d:08:16:c3:f9:50:50:3e:42:d5:7d:ab:6f:ea:57:
74:38:38:47:74:02:21:c0:e3:70:ae:2e:e5:fe:6d:b4:cc:49:
80:37:f9:a2:88:8d:c4:95:dd:41:e8:a4:67:6a:c7:c2:bc:e0:
7c:05:94:11:75:51:d2:c8:cf:04:ee:ad:cf:6b:04:6b:2e:2e:
3c:f0:56:7c:1a:a1:4d:f9:c1:95:54:b2:1f:9b:c8:7d:13:a3:
bc:4b:d7:2a:cb:a9:f6:ba:aa:3e:c2:b0:0b:d9:3d:40:2b:80:
76:37:f0:ea
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZm+hu7WOrUKpdAt8HJ/zuMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjUxMDA3MTE1NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU5ZWQ2NjdkOGZkYmJmMzkyZmRhYTIwMTAxMTI3OWUyNGNlN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkzsCTDtn7Z0mCoSMDz+5+XqBZ5v
qv90eBOlAB9/Cavcj69jsk8tV8w/618a73n74IHr5+QPmKOauHPF2StggPvPNAMs
E0YXGCTVzW14B/8RsjeGLINLfN2D/NIl8ObKOUWkz9Zp8djFEBh2RylcTHr9j2KX
TWKjWW8aljzOjl+7mcA9O/m9yq4am+Xgg0KfT3jeOdAQWwax4wqC3zRUDQ1VkbpY
bBlHsNYDXo2w8KJRT/3x2rMBPpISYciNSzL1WyUxR76uBptCsYFo7lhU62y28IXw
UH6PfWmoUlF2MTAvzYWjzXTp6f+qEATzbLr8kcrACDjtleDgiAseHHbxGwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHxZ7WZ9j9u/OS/aogEBEnniTOfxMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEvZkZudFpuMlAyNzg1TDlxaUFRRVNlZUpNNV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALYGMAwQA
uaSjAwQAualrAwQCudhUMA8EAgACMAkDBwAqCTHAyv4wDQYJKoZIhvcNAQELBQAD
ggEBAB+0+lMyDCeAbGivynegCG8l2dBztgMBbh1/LPDce3CE6jyfnsCuNT9La2i6
xXKXBSQVkB3MOAPa5SZt1kxzZUiqA/lQsQ7Fdwuk0j4tS+SUWzni55tmXruSLzz5
OvRZgpt+5ICjeSaz8GLgBbdIcP7YD0T0+KnL59EqSapDPw2RCBJhKdyadwFDh01E
pYpBmIJc5V0IFsP5UFA+QtV9q2/qV3Q4OEd0AiHA43CuLuX+bbTMSYA3+aKIjcSV
3UHopGdqx8K84HwFlBF1UdLIzwTurc9rBGsuLjzwVnwaoU35wZVUsh+byH0To7xL
1yrLqfa6qj7CsAvZPUArgHY38Oo=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:08 2025 by rpki-client