Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/F4w-QZJ9tuZ3bwCkS70XoiSwZrE.roa
File: F4w-QZJ9tuZ3bwCkS70XoiSwZrE.roa (raw, json)
Hash identifier: hgJd+IQxksq4UP4gzNVwizzj2yRg9XUuIEuXvfpX7aI=
Subject key identifier: 17:8C:3E:41:92:7D:B6:E6:77:6F:00:A4:4B:BD:17:A2:24:B0:66:B1
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0198A36F6BD2E77EE171397ECB53A12196CF
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/F4w-QZJ9tuZ3bwCkS70XoiSwZrE.roa
Signing time: Wed 13 Aug 2025 12:37:24 +0000
ROA not before: Wed 13 Aug 2025 12:37:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398704
IP address blocks: 89.34.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:6f:6b:d2:e7:7e:e1:71:39:7e:cb:53:a1:21:96:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Aug 13 12:37:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=178c3e41927db6e6776f00a44bbd17a224b066b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cf:2f:5d:6d:59:27:d7:e3:da:92:a2:45:0e:
1a:a9:95:fe:c1:80:d2:86:72:6e:b6:89:be:e7:1d:
46:b1:2e:b2:71:24:5d:fe:71:58:29:d9:35:4c:f0:
7b:00:9a:0c:e8:31:c2:5a:7e:50:3d:7f:9a:5b:ac:
43:12:82:f0:59:90:01:8e:a2:7f:3a:79:f8:24:80:
a7:0e:8c:1a:a5:23:ca:36:f5:f4:14:33:02:71:9d:
3f:20:5b:24:c8:86:0d:73:e8:a9:4f:07:03:c3:c6:
7f:5f:eb:ac:15:1e:67:5a:f2:ca:2f:42:24:e9:4a:
29:67:04:29:5b:59:c5:22:72:8f:79:a5:65:09:9e:
58:88:9a:37:78:05:8c:21:c4:13:90:e7:67:df:a4:
f9:d1:02:5f:e8:35:7a:9e:f0:c1:94:0f:fe:13:6e:
b4:ab:1f:62:f9:eb:0b:c8:11:aa:3c:9c:1d:47:11:
61:d6:1f:19:c1:97:87:9c:e6:ca:65:a0:96:95:47:
0f:4f:58:e2:68:24:4f:81:a1:5b:ba:a9:98:e2:3b:
5d:b6:9a:b1:8b:6e:0a:1c:40:c6:bc:3e:81:4d:d2:
ae:78:d7:ee:0b:f8:e7:18:4b:c3:1e:5c:f6:0a:12:
25:e2:ca:d1:6a:27:66:7e:db:a0:c0:1a:00:37:60:
91:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8C:3E:41:92:7D:B6:E6:77:6F:00:A4:4B:BD:17:A2:24:B0:66:B1
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/F4w-QZJ9tuZ3bwCkS70XoiSwZrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.64.0/22
Signature Algorithm: sha256WithRSAEncryption
64:2d:28:e6:cb:61:d3:1b:25:24:60:ed:e2:21:66:e7:70:a7:
ba:e9:6e:66:44:5e:4b:5c:e1:73:24:db:a8:dd:bd:1c:77:df:
35:d5:c4:23:7a:6a:6c:e8:74:8a:af:bf:b1:24:34:4b:75:0a:
7a:a6:14:c6:55:96:95:18:67:08:2a:90:05:97:62:88:9b:13:
d2:fc:a0:3d:3f:99:b1:cc:03:f5:7f:54:e0:7c:fe:97:12:e9:
42:a8:74:c2:3c:61:49:87:61:62:33:f9:a3:6b:5b:55:78:1d:
5f:04:80:b1:ac:2a:1b:8e:1c:6f:49:15:f4:df:a2:4d:a2:0d:
ad:3e:71:f9:1c:18:5a:27:4c:de:05:8d:53:e7:64:1f:98:f3:
85:7a:bd:f3:e2:42:91:c4:84:8b:1f:48:81:b8:61:bf:30:b1:
76:97:57:f7:1d:39:69:03:01:e4:da:1c:04:d2:03:ef:54:94:
3d:7c:42:90:aa:7c:cf:2d:be:ca:83:e1:bc:59:77:3d:40:53:
95:32:8a:f5:0b:5a:b6:0d:e9:00:b0:fc:e5:77:28:5a:70:57:
00:25:47:ac:cc:e6:c8:97:05:94:71:d1:58:3c:8f:dd:31:bc:
03:8e:d3:53:56:99:85:ed:88:af:c0:0a:92:f3:7d:be:c0:0e:
05:aa:fd:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZijb2vS537hcTl+y1OhIZbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwODEzMTIzNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhjM2U0MTkyN2RiNmU2Nzc2ZjAwYTQ0YmJkMTdhMjI0YjA2NmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM8vXW1ZJ9fj2pKiRQ4aqZX+wYDS
hnJutom+5x1GsS6ycSRd/nFYKdk1TPB7AJoM6DHCWn5QPX+aW6xDEoLwWZABjqJ/
Onn4JICnDowapSPKNvX0FDMCcZ0/IFskyIYNc+ipTwcDw8Z/X+usFR5nWvLKL0Ik
6UopZwQpW1nFInKPeaVlCZ5YiJo3eAWMIcQTkOdn36T50QJf6DV6nvDBlA/+E260
qx9i+esLyBGqPJwdRxFh1h8ZwZeHnObKZaCWlUcPT1jiaCRPgaFbuqmY4jtdtpqx
i24KHEDGvD6BTdKueNfuC/jnGEvDHlz2ChIl4srRaidmftugwBoAN2CRNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBeMPkGSfbbmd28ApEu9F6IksGaxMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvRjR3LVFaSjl0dVozYndDa1M3MFhvaVN3WnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSJAMA0G
CSqGSIb3DQEBCwUAA4IBAQBkLSjmy2HTGyUkYO3iIWbncKe66W5mRF5LXOFzJNuo
3b0cd9811cQjemps6HSKr7+xJDRLdQp6phTGVZaVGGcIKpAFl2KImxPS/KA9P5mx
zAP1f1TgfP6XEulCqHTCPGFJh2FiM/mja1tVeB1fBICxrCobjhxvSRX036JNog2t
PnH5HBhaJ0zeBY1T52QfmPOFer3z4kKRxISLH0iBuGG/MLF2l1f3HTlpAwHk2hwE
0gPvVJQ9fEKQqnzPLb7Kg+G8WXc9QFOVMor1C1q2DekAsPzldyhacFcAJUeszObI
lwWUcdFYPI/dMbwDjtNTVpmF7YivwAqS832+wA4Fqv0z
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:10:38 2025 by rpki-client