Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/FrlTllROP5CYV3ZPHDYhScMfBCM.roa
File: FrlTllROP5CYV3ZPHDYhScMfBCM.roa (raw, json)
Hash identifier: 0HCi+/gBnVJSVuOkNqnklPMOAVsKCJ50ZrzmmZst3aw=
Subject key identifier: 16:B9:53:96:54:4E:3F:90:98:57:76:4F:1C:36:21:49:C3:1F:04:23
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0199E6D7ACF1643DB6E2596D71A67B95E4F1
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/FrlTllROP5CYV3ZPHDYhScMfBCM.roa
Signing time: Wed 15 Oct 2025 07:48:38 +0000
ROA not before: Wed 15 Oct 2025 07:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
83.222.190.0/23 maxlen: 23
84.201.224.0/20 maxlen: 20
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/24 maxlen: 24
130.185.227.0/24 maxlen: 24
185.81.120.0/23 maxlen: 23
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e6:d7:ac:f1:64:3d:b6:e2:59:6d:71:a6:7b:95:e4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Oct 15 07:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16b95396544e3f909857764f1c362149c31f0423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:33:13:f9:58:96:38:52:5b:58:57:04:ea:
47:db:0f:90:eb:60:96:5e:64:80:db:02:11:d0:77:
14:2e:78:9a:08:cd:78:f6:5c:70:43:cd:88:d2:c3:
57:b0:81:46:cb:ea:a2:ca:46:5d:94:4e:f2:9b:4d:
38:d9:cd:b0:e5:02:f1:08:da:3b:f3:40:de:47:a3:
2f:21:3f:ca:3a:9e:47:38:51:d4:2d:3c:95:7e:29:
df:a2:1a:29:da:79:76:9a:b6:9a:dd:8c:9b:ec:bb:
85:74:53:d6:c8:ca:b2:13:05:31:ae:a2:7f:47:b1:
48:ab:d8:e8:59:44:f0:d3:c0:38:89:e2:a9:9c:30:
72:94:09:5d:9f:5d:02:af:eb:a5:e2:8c:7f:6f:f6:
c4:a0:ce:a7:d5:6a:2c:6b:7a:c5:51:08:03:e5:f2:
1e:e7:d1:4a:d8:40:a1:4b:36:6c:a4:98:96:95:6f:
2d:c2:80:9b:67:dc:c0:ae:f5:c3:cf:c7:0f:25:c0:
86:f7:73:20:6c:5d:d6:47:0d:40:5d:aa:c5:26:dc:
37:bf:65:45:fe:6d:0a:57:da:09:87:af:67:01:b1:
26:5e:c2:92:e0:46:e8:86:ce:48:b9:0c:47:33:c1:
43:09:3f:c2:79:46:c2:f2:85:c4:08:f5:9b:c8:6f:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B9:53:96:54:4E:3F:90:98:57:76:4F:1C:36:21:49:C3:1F:04:23
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/FrlTllROP5CYV3ZPHDYhScMfBCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.142.10.0-78.142.15.255
78.142.30.0/23
83.222.190.0/23
84.201.224.0/20
91.148.162.0-91.148.165.255
91.148.169.0-91.148.183.255
91.148.186.0/24
130.185.227.0/24
185.81.120.0/23
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:91:cf:ef:d2:6f:35:75:eb:ae:5c:d8:f9:78:ec:e4:4d:da:
29:33:33:62:99:06:8e:3e:a1:36:2f:54:6d:7c:1a:85:fc:77:
75:65:ea:82:e4:97:75:4c:fe:68:2b:64:6c:63:ff:aa:07:b7:
7f:5c:88:c7:fc:80:8c:20:9e:fc:f0:54:72:7d:c7:c5:74:20:
c0:f2:10:fb:6c:80:71:0b:09:9e:00:01:39:e9:e9:0c:ae:df:
77:ae:8a:22:bd:c3:67:5e:50:35:9b:83:30:7f:cc:0b:52:56:
0a:36:eb:b9:bf:61:81:b2:4f:73:7d:09:c6:92:20:33:24:71:
4e:a2:08:2c:fb:6a:78:7d:cb:9c:94:f8:a8:fa:9e:bf:7b:59:
07:9f:51:7a:3e:ca:b7:85:c8:6d:e0:70:20:d3:82:be:54:63:
23:9f:6e:a8:db:d9:da:5a:a0:a3:4a:7d:cc:7b:dd:5d:1b:0b:
16:fe:aa:5a:74:c3:8f:c8:f1:45:d2:c0:11:0e:f0:39:95:05:
fa:64:03:84:3a:b0:69:02:09:d7:53:33:eb:70:c1:9f:90:01:
2c:a0:77:2e:8a:ea:95:f4:28:ac:8a:07:9c:08:e7:d1:74:57:
7a:ed:64:b1:bb:3f:a9:91:b0:9b:71:3b:d1:0b:ec:ce:26:d0:
54:d0:9c:a9
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZnm16zxZD224lltcaZ7leTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUxMDE1MDc0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI5NTM5NjU0NGUzZjkwOTg1Nzc2NGYxYzM2MjE0OWMzMWYwNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQUzE/lYljhSW1hXBOpH2w+Q62CW
XmSA2wIR0HcULniaCM149lxwQ82I0sNXsIFGy+qiykZdlE7ym0042c2w5QLxCNo7
80DeR6MvIT/KOp5HOFHULTyVfinfohop2nl2mraa3Yyb7LuFdFPWyMqyEwUxrqJ/
R7FIq9joWUTw08A4ieKpnDBylAldn10Cr+ul4ox/b/bEoM6n1Wosa3rFUQgD5fIe
59FK2EChSzZspJiWlW8twoCbZ9zArvXDz8cPJcCG93MgbF3WRw1AXarFJtw3v2VF
/m0KV9oJh69nAbEmXsKS4Ebohs5IuQxHM8FDCT/CeUbC8oXECPWbyG/VMwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBa5U5ZUTj+QmFd2Txw2IUnDHwQjMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvRnJsVGxsUk9QNUNZVjNaUEhEWWhTY01mQkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAJN
TAQwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJOgDQDBAJOgDgwDAME
AU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0MAwDBAFOjgoDBARO
jgADBAFOjh4DBAFT3r4DBARUyeAwDAMEAVuUogMEAVuUpDAMAwQAW5SpAwQDW5Sw
AwQAW5S6AwQAgrnjAwQBuVF4AwQCwRjwAwQBwcgOMA0GCSqGSIb3DQEBCwUAA4IB
AQANkc/v0m81deuuXNj5eOzkTdopMzNimQaOPqE2L1RtfBqF/Hd1ZeqC5Jd1TP5o
K2RsY/+qB7d/XIjH/ICMIJ788FRyfcfFdCDA8hD7bIBxCwmeAAE56ekMrt93rooi
vcNnXlA1m4Mwf8wLUlYKNuu5v2GBsk9zfQnGkiAzJHFOoggs+2p4fcuclPio+p6/
e1kHn1F6Psq3hcht4HAg04K+VGMjn26o29naWqCjSn3Me91dGwsW/qpadMOPyPFF
0sARDvA5lQX6ZAOEOrBpAgnXUzPrcMGfkAEsoHcuiuqV9CisigecCOfRdFd67WSx
uz+pkbCbcTvRC+zOJtBU0Jyp
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:30 2025 by rpki-client