Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/s_FtOH_04RI6fQSwCEGQRaxenqE.roa
File: s_FtOH_04RI6fQSwCEGQRaxenqE.roa (raw, json)
Hash identifier: Up1ChTzvoa7S+h2ZhOA1fS6mN/rXtYcGjF6VjvPQ6yU=
Subject key identifier: B3:F1:6D:38:7F:F4:E1:12:3A:7D:04:B0:08:41:90:45:AC:5E:9E:A1
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0198D0EF5CC19AAD4F8AAA62B4B811ACC7DB
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/s_FtOH_04RI6fQSwCEGQRaxenqE.roa
Signing time: Fri 22 Aug 2025 08:40:04 +0000
ROA not before: Fri 22 Aug 2025 08:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 37.44.229.0/24 maxlen: 24
37.44.230.0/24 maxlen: 24
37.44.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:ef:5c:c1:9a:ad:4f:8a:aa:62:b4:b8:11:ac:c7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Aug 22 08:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3f16d387ff4e1123a7d04b008419045ac5e9ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:e2:67:68:89:27:53:2d:22:01:19:a4:76:
9e:65:b4:80:b1:b1:13:1f:ec:91:17:fe:84:31:cf:
3c:76:75:67:31:cd:1e:f3:4b:1a:bb:75:c1:a0:6d:
c4:65:90:50:6e:a5:c1:62:c8:3a:7e:d6:01:33:97:
ad:9c:c1:86:28:50:8d:3f:a9:a9:68:78:f3:ff:b5:
54:78:40:e4:df:42:67:41:53:9b:3f:1a:8f:0e:09:
3f:c6:8b:aa:f2:fd:a5:43:4d:52:3a:b7:a4:29:d1:
19:e9:9d:90:0c:1e:5c:76:b4:d8:69:4d:d5:d5:31:
f5:41:63:51:b1:1f:5e:0c:08:39:d1:ee:2d:56:31:
41:57:c0:dd:cf:d5:ae:dd:38:8a:16:3f:58:12:84:
8c:b7:92:6c:f4:2c:52:05:35:00:43:93:bd:5f:54:
2c:d2:5e:7a:c7:d5:3d:6e:e7:51:b0:e5:1d:ee:0d:
de:a7:e5:d5:a0:bf:e4:ff:4d:7c:c6:28:e3:36:60:
6e:dd:17:d3:43:e8:7a:01:dd:81:7b:19:f9:a4:21:
f3:0d:80:07:21:da:53:dc:71:a4:b5:16:78:7d:8a:
b8:67:e3:0f:59:e9:db:d7:21:4e:1d:74:15:a5:24:
89:cc:a1:a2:34:52:d0:23:99:c4:17:10:31:b2:f9:
ae:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F1:6D:38:7F:F4:E1:12:3A:7D:04:B0:08:41:90:45:AC:5E:9E:A1
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/s_FtOH_04RI6fQSwCEGQRaxenqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.229.0-37.44.231.255
Signature Algorithm: sha256WithRSAEncryption
33:1e:a9:28:16:25:0a:53:bc:21:ba:de:78:e8:73:46:a4:c9:
65:3e:9d:91:8f:bc:d1:b7:26:04:8a:a4:25:8e:7e:eb:d5:c6:
21:5e:b1:86:b5:5e:4b:cf:9e:f4:8a:a3:95:5e:4f:c4:43:7f:
88:98:bd:1e:3e:4d:1e:ef:cb:95:d3:0c:4c:01:6d:09:bc:fc:
da:2b:b7:1d:13:48:1a:15:4d:62:93:ea:dd:82:07:dc:6a:e2:
2c:4f:39:7d:41:77:3a:e9:88:d2:57:04:3e:57:14:b2:f2:8c:
7e:c6:0e:8e:39:ad:0c:0c:d9:ae:63:9b:d3:87:c3:2c:b9:da:
28:b5:cf:98:5c:a5:00:ae:6a:cc:f9:af:54:de:4e:19:85:59:
81:52:f4:e7:e4:df:28:28:34:9d:b3:71:12:33:50:d4:8a:aa:
5f:59:80:5e:d9:3e:8c:91:3a:cb:df:18:61:85:0b:69:43:a4:
b3:de:73:8a:d8:9d:b3:31:1e:50:3c:ae:8f:71:d9:a4:8f:f9:
ae:49:fa:e7:70:da:c5:ee:23:4f:f1:7b:e4:cd:99:4c:56:fd:
63:69:cb:70:1b:f3:97:13:ad:55:52:89:63:a9:ee:e6:81:81:
d5:0d:8f:ee:03:0a:2a:7c:32:c4:b6:39:7f:b3:29:bd:e8:5e:
d8:eb:5a:04
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZjQ71zBmq1PiqpitLgRrMfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwODIyMDg0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YxNmQzODdmZjRlMTEyM2E3ZDA0YjAwODQxOTA0NWFjNWU5ZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7TiZ2iJJ1MtIgEZpHaeZbSAsbET
H+yRF/6EMc88dnVnMc0e80sau3XBoG3EZZBQbqXBYsg6ftYBM5etnMGGKFCNP6mp
aHjz/7VUeEDk30JnQVObPxqPDgk/xouq8v2lQ01SOrekKdEZ6Z2QDB5cdrTYaU3V
1TH1QWNRsR9eDAg50e4tVjFBV8Ddz9Wu3TiKFj9YEoSMt5Js9CxSBTUAQ5O9X1Qs
0l56x9U9budRsOUd7g3ep+XVoL/k/018xijjNmBu3RfTQ+h6Ad2Bexn5pCHzDYAH
IdpT3HGktRZ4fYq4Z+MPWenb1yFOHXQVpSSJzKGiNFLQI5nEFxAxsvmugQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLPxbTh/9OESOn0EsAhBkEWsXp6hMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvc19GdE9IXzA0Ukk2ZlFTd0NFR1FSYXhlbnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlLOUD
BAMlLOAwDQYJKoZIhvcNAQELBQADggEBADMeqSgWJQpTvCG63njoc0akyWU+nZGP
vNG3JgSKpCWOfuvVxiFesYa1XkvPnvSKo5VeT8RDf4iYvR4+TR7vy5XTDEwBbQm8
/Nortx0TSBoVTWKT6t2CB9xq4ixPOX1BdzrpiNJXBD5XFLLyjH7GDo45rQwM2a5j
m9OHwyy52ii1z5hcpQCuasz5r1TeThmFWYFS9Ofk3ygoNJ2zcRIzUNSKql9ZgF7Z
PoyROsvfGGGFC2lDpLPec4rYnbMxHlA8ro9x2aSP+a5J+udw2sXuI0/xe+TNmUxW
/WNpy3Ab85cTrVVSiWOp7uaBgdUNj+4DCip8MsS2OX+zKb3oXtjrWgQ=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:34:03 2025 by rpki-client