Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/fBlvBTMJM3ddqp2rUiQB8ldjkd0.roa
File: fBlvBTMJM3ddqp2rUiQB8ldjkd0.roa (raw, json)
Hash identifier: ETihZGojVJlaCJwQ0UQbamp7h1DxH8Yq4UnyjKrHjTY=
Subject key identifier: 7C:19:6F:05:33:09:33:77:5D:AA:9D:AB:52:24:01:F2:57:63:91:DD
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0198A26F11187191519AEA01AF6CD2774091
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/fBlvBTMJM3ddqp2rUiQB8ldjkd0.roa
Signing time: Wed 13 Aug 2025 07:57:24 +0000
ROA not before: Wed 13 Aug 2025 07:57:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:6f:11:18:71:91:51:9a:ea:01:af:6c:d2:77:40:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Aug 13 07:57:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c196f05330933775daa9dab522401f2576391dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:64:cb:db:e1:c5:0d:75:2d:49:2b:69:97:
34:63:c4:2a:a4:be:d5:0e:6f:06:62:4a:45:37:2c:
43:00:8d:16:01:47:7a:2c:73:d2:ef:0e:1e:1d:3f:
0a:27:36:fd:91:16:32:5b:44:0b:a9:74:53:8e:e5:
85:c6:ba:67:a1:cc:e7:8a:e3:45:6c:e8:23:d6:2c:
e2:67:3b:41:44:19:5d:96:2b:d4:4b:40:21:23:81:
7b:66:80:d5:ba:be:88:8c:51:c9:d7:2a:be:b5:e4:
8e:95:25:c2:ab:a2:86:3d:5e:ec:00:29:00:41:e8:
83:17:d3:00:4e:54:64:fb:82:ca:ac:69:dd:d4:60:
35:68:93:57:5f:b5:10:4e:27:a4:e0:df:37:fa:d5:
84:82:bc:14:19:e5:ac:f9:00:6e:01:e1:04:3d:48:
a9:f3:2c:87:89:2c:6f:fb:02:a8:1a:fc:78:c2:0c:
e0:ce:b8:9e:29:01:1e:66:4b:e6:2a:55:9a:92:c3:
7b:58:8c:fe:dc:0c:48:af:70:36:71:5f:29:5e:be:
76:c8:a6:03:5a:8e:cf:5b:6a:b4:b6:cc:63:93:a2:
dc:b4:2a:46:b7:ea:1c:3e:27:b3:3a:92:1a:98:42:
01:bd:5b:46:64:9d:43:3d:aa:fb:13:e6:95:52:9a:
ac:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:19:6F:05:33:09:33:77:5D:AA:9D:AB:52:24:01:F2:57:63:91:DD
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/fBlvBTMJM3ddqp2rUiQB8ldjkd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.163.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a7:ab:b9:0b:5b:02:dc:ea:c5:68:54:a4:29:0b:18:d2:a4:
da:e7:ab:6d:42:8b:c6:51:3c:62:8c:ba:58:2f:42:1c:8e:8f:
79:aa:58:89:f9:0f:73:4e:04:a8:69:99:a3:1e:41:cb:bc:d1:
d7:18:f0:40:c0:fe:79:32:d2:62:e9:72:b5:0d:6c:c1:d0:8c:
82:7a:25:28:80:6f:cd:6b:e6:c6:d5:76:a3:ef:57:4c:81:32:
7b:68:bc:b2:e0:01:54:d0:a1:38:60:cd:74:f5:2c:a0:ad:ce:
49:cf:15:90:5d:17:5f:09:95:ee:b5:2a:94:f8:08:e2:02:e3:
ec:39:69:f0:23:65:dd:d1:d1:cf:00:e5:06:4c:9a:a2:21:02:
a4:51:51:34:f5:67:5d:8f:ff:8c:93:18:c7:d0:c7:56:38:8f:
ce:be:5f:de:b5:ec:5d:10:c8:53:f2:29:20:f9:3a:88:4f:db:
b0:ba:a1:b9:16:a8:78:15:e1:11:9d:58:4c:0d:44:83:29:8d:
b3:bf:37:51:b3:f9:57:cc:a2:21:52:d2:c5:31:59:2e:19:4a:
17:f8:0d:c8:87:f7:32:61:eb:22:17:fc:7d:c3:66:8f:3c:b3:
41:89:4f:0e:06:b6:f4:f3:18:7c:62:73:dd:44:0f:f7:a3:2d:
b2:aa:04:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZiibxEYcZFRmuoBr2zSd0CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwODEzMDc1NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE5NmYwNTMzMDkzMzc3NWRhYTlkYWI1MjI0MDFmMjU3NjM5MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWBky9vhxQ11LUkraZc0Y8QqpL7V
Dm8GYkpFNyxDAI0WAUd6LHPS7w4eHT8KJzb9kRYyW0QLqXRTjuWFxrpnoczniuNF
bOgj1iziZztBRBldlivUS0AhI4F7ZoDVur6IjFHJ1yq+teSOlSXCq6KGPV7sACkA
QeiDF9MATlRk+4LKrGnd1GA1aJNXX7UQTiek4N83+tWEgrwUGeWs+QBuAeEEPUip
8yyHiSxv+wKoGvx4wgzgzrieKQEeZkvmKlWaksN7WIz+3AxIr3A2cV8pXr52yKYD
Wo7PW2q0tsxjk6LctCpGt+ocPiezOpIamEIBvVtGZJ1DPar7E+aVUpqsjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHwZbwUzCTN3Xaqdq1IkAfJXY5HdMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvZkJsdkJUTUpNM2RkcXAyclVpUUI4bGRqa2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQAwSSjMA0GCSqGSIb3DQEBCwUAA4IBAQBYp6u5C1sC3OrFaFSk
KQsY0qTa56ttQovGUTxijLpYL0Icjo95qliJ+Q9zTgSoaZmjHkHLvNHXGPBAwP55
MtJi6XK1DWzB0IyCeiUogG/Na+bG1Xaj71dMgTJ7aLyy4AFU0KE4YM109Sygrc5J
zxWQXRdfCZXutSqU+AjiAuPsOWnwI2Xd0dHPAOUGTJqiIQKkUVE09Wddj/+MkxjH
0MdWOI/Ovl/etexdEMhT8ikg+TqIT9uwuqG5Fqh4FeERnVhMDUSDKY2zvzdRs/lX
zKIhUtLFMVkuGUoX+A3Ih/cyYesiF/x9w2aPPLNBiU8OBrb08xh8YnPdRA/3oy2y
qgSL
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:41:19 2025 by rpki-client