Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/fcVvjwRag1hWvR-DlxtRjfvHfxQ.roa
File: fcVvjwRag1hWvR-DlxtRjfvHfxQ.roa (raw, json)
Hash identifier: BUMcpqrIqy6kZ9QN60TGmYHXUDk5mCKXlvZBSwSv8eU=
Subject key identifier: 7D:C5:6F:8F:04:5A:83:58:56:BD:1F:83:97:1B:51:8D:FB:C7:7F:14
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 019787DFD76C62FF31B20BBAAD19C5FA311D
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/fcVvjwRag1hWvR-DlxtRjfvHfxQ.roa
Signing time: Thu 19 Jun 2025 11:08:03 +0000
ROA not before: Thu 19 Jun 2025 11:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51505
IP address blocks: 193.28.156.0/24 maxlen: 24
194.46.62.0/23 maxlen: 24
194.154.32.0/19 maxlen: 19
2a14:6700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:df:d7:6c:62:ff:31:b2:0b:ba:ad:19:c5:fa:31:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Jun 19 11:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dc56f8f045a835856bd1f83971b518dfbc77f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ce:ce:27:c3:53:ac:8e:5e:97:a6:c7:55:5e:
92:f0:e7:12:76:8d:de:72:cb:43:ac:7f:a6:3f:bc:
73:ea:26:13:dc:ba:7f:e0:c8:05:4a:c7:b1:bc:a2:
ac:44:d2:2b:e9:3a:bb:c3:6c:74:1a:d7:4b:55:0f:
10:2a:c3:39:44:85:f3:32:50:bc:ec:06:f4:9c:d6:
c7:de:d1:0d:e6:ed:70:d4:5c:97:d6:01:e7:eb:35:
43:16:66:fc:43:b0:79:07:4b:01:03:09:57:de:42:
76:f0:09:fe:57:72:87:1b:b6:31:e4:e9:7a:35:47:
a5:34:ba:2a:36:cf:ac:10:59:71:a5:d4:58:aa:27:
6d:d4:69:a0:fa:ce:63:7e:0d:a4:19:2c:54:49:7f:
26:c0:41:44:48:12:ca:8a:99:77:3b:61:4d:fd:6c:
7c:6a:d0:4e:2a:65:2d:95:02:fc:5d:b1:4c:95:02:
58:51:5d:46:ae:61:e0:24:1c:ab:d5:71:c8:69:bf:
f0:b2:19:c4:7a:50:50:a9:13:2f:aa:e5:d7:4d:4c:
2d:71:f0:a5:b8:a3:93:de:98:cd:a1:c5:ec:3d:5f:
26:22:ba:34:78:82:eb:77:d6:53:46:23:09:86:8d:
da:77:d8:4e:c9:b4:d6:53:d4:22:df:1c:bc:13:77:
97:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C5:6F:8F:04:5A:83:58:56:BD:1F:83:97:1B:51:8D:FB:C7:7F:14
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/fcVvjwRag1hWvR-DlxtRjfvHfxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.156.0/24
194.46.62.0/23
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
63:76:7d:a1:84:5b:b5:25:e6:c2:98:37:22:4f:2b:6a:d0:94:
eb:57:c6:ca:ef:75:b6:85:c9:23:e7:27:cb:ce:28:02:0c:ec:
d7:20:41:fd:88:2e:71:88:42:7b:a3:36:b4:52:21:db:2f:c3:
14:79:81:b3:22:35:b6:d3:75:e0:44:8c:2b:c7:94:25:c6:7e:
50:90:82:57:0e:f2:36:46:27:92:ae:bc:a4:1f:b0:68:a7:93:
8a:59:09:dd:ff:2f:60:e4:86:61:12:d6:09:ec:cf:c6:ad:ba:
5a:a4:05:e1:64:45:05:1e:91:43:8f:7b:16:2a:c9:8f:a3:92:
16:a2:41:80:8a:6a:20:d3:82:f6:3c:ee:76:ea:64:8b:0c:ca:
dc:7d:08:b3:c3:85:1b:e5:0f:97:3b:b6:cd:04:58:4f:bf:47:
10:3f:5b:bb:33:b3:2c:ba:c3:7b:3e:14:e6:73:87:e5:2f:8b:
c2:3d:ae:a2:2f:9d:95:67:4d:38:01:63:29:b3:20:47:a4:4f:
78:6d:46:57:f7:9b:6b:f4:30:b1:21:99:96:4a:9a:46:9b:56:
95:cb:0c:28:c4:06:46:67:18:b7:99:43:d8:4c:a2:4c:73:78:
32:e8:c2:50:0d:eb:bf:bc:c5:8c:d5:e9:3b:68:ad:33:4b:3c:
2e:6f:75:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZeH39dsYv8xsgu6rRnF+jEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjUwNjE5MTEwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM1NmY4ZjA0NWE4MzU4NTZiZDFmODM5NzFiNTE4ZGZiYzc3ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts7OJ8NTrI5el6bHVV6S8OcSdo3e
cstDrH+mP7xz6iYT3Lp/4MgFSsexvKKsRNIr6Tq7w2x0GtdLVQ8QKsM5RIXzMlC8
7Ab0nNbH3tEN5u1w1FyX1gHn6zVDFmb8Q7B5B0sBAwlX3kJ28An+V3KHG7Yx5Ol6
NUelNLoqNs+sEFlxpdRYqidt1Gmg+s5jfg2kGSxUSX8mwEFESBLKipl3O2FN/Wx8
atBOKmUtlQL8XbFMlQJYUV1GrmHgJByr1XHIab/wshnEelBQqRMvquXXTUwtcfCl
uKOT3pjNocXsPV8mIro0eILrd9ZTRiMJho3ad9hOybTWU9Qi3xy8E3eXcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH3Fb48EWoNYVr0fg5cbUY37x38UMB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvZmNWdmp3UmFnMWhXdlItRGx4dFJqZnZIZnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwRycAwQB
wi4+AwQFwpogMA0EAgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IBAQBjdn2h
hFu1JebCmDciTytq0JTrV8bK73W2hckj5yfLzigCDOzXIEH9iC5xiEJ7oza0UiHb
L8MUeYGzIjW203XgRIwrx5Qlxn5QkIJXDvI2RieSrrykH7Bop5OKWQnd/y9g5IZh
EtYJ7M/GrbpapAXhZEUFHpFDj3sWKsmPo5IWokGAimog04L2PO526mSLDMrcfQiz
w4Ub5Q+XO7bNBFhPv0cQP1u7M7MsusN7PhTmc4flL4vCPa6iL52VZ004AWMpsyBH
pE94bUZX95tr9DCxIZmWSppGm1aVywwoxAZGZxi3mUPYTKJMc3gy6MJQDeu/vMWM
1ek7aK0zSzwub3XO
-----END CERTIFICATE-----
Generated at Tue Jul 1 04:07:32 2025 by rpki-client