Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/FUpeWXxqIfCxNO-RWnSDXxCgpZs.roa
File: FUpeWXxqIfCxNO-RWnSDXxCgpZs.roa (raw, json)
Hash identifier: UO+np20IJHxMb4n3/H4mp/Ku17r4EDdBI7uWg/d9s8A=
Subject key identifier: 15:4A:5E:59:7C:6A:21:F0:B1:34:EF:91:5A:74:83:5F:10:A0:A5:9B
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 01998BAE57C49F829476ADD00207E9A72302
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/FUpeWXxqIfCxNO-RWnSDXxCgpZs.roa
Signing time: Sat 27 Sep 2025 14:58:02 +0000
ROA not before: Sat 27 Sep 2025 14:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212895
IP address blocks: 2a01:fb01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:8b:ae:57:c4:9f:82:94:76:ad:d0:02:07:e9:a7:23:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Sep 27 14:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=154a5e597c6a21f0b134ef915a74835f10a0a59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e3:ab:98:9a:32:3a:90:9e:30:2f:ae:ca:d2:
5e:a0:bd:c9:ca:ca:3b:7b:21:c3:64:6c:b1:aa:f3:
5c:ad:ca:e7:85:cc:2e:e8:2a:d8:6d:dd:74:c0:5e:
d7:7b:f7:96:4b:de:8c:4c:f9:99:75:b1:97:d5:76:
18:65:b1:9f:b0:7f:e0:60:c4:64:59:e1:43:bb:46:
19:9d:51:68:17:07:79:a3:52:25:4a:33:f2:ea:0c:
7e:eb:af:9d:5e:9b:98:19:cb:6e:be:58:f8:4c:4b:
d8:0b:67:b2:3b:78:6f:01:9a:38:c7:d1:2d:90:37:
f5:e2:94:b7:59:07:c9:ac:2c:b5:9b:7f:f6:75:a1:
00:6d:d8:d1:23:86:2d:40:38:88:fc:66:d5:b9:a1:
6a:62:c2:c6:44:f8:aa:89:74:16:fe:6b:f9:30:91:
89:0b:22:fb:43:96:32:58:28:e8:7c:67:8a:e8:f2:
e9:24:df:4d:eb:c6:5e:8f:b5:42:75:36:18:ba:10:
6d:5d:39:39:3e:2f:4d:d0:04:3c:1b:da:77:c9:57:
34:1a:83:63:ee:36:24:e6:ca:a2:b2:be:66:ec:50:
0c:38:ae:e4:e4:5b:65:d8:e2:f4:75:c4:75:59:b4:
03:ba:92:44:73:9d:13:16:eb:eb:6e:ca:8f:36:20:
9a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4A:5E:59:7C:6A:21:F0:B1:34:EF:91:5A:74:83:5F:10:A0:A5:9B
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/FUpeWXxqIfCxNO-RWnSDXxCgpZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:fb01::/32
Signature Algorithm: sha256WithRSAEncryption
57:7c:de:03:5b:01:99:1c:2a:31:aa:ac:83:4a:2a:50:92:61:
da:0c:07:39:10:1d:6f:b2:ee:13:51:9c:f9:0a:40:3c:6e:28:
4f:fa:68:0e:cc:d9:85:82:11:9e:ec:28:ed:b1:28:17:45:12:
09:bb:23:e2:69:87:ad:9a:06:c5:ec:25:ea:3a:18:38:ed:2d:
96:f8:4b:94:ce:7f:fe:5c:ae:cd:70:4f:1a:88:3f:45:66:e3:
34:af:7e:26:fd:6d:a2:4b:40:6b:81:66:b4:8c:f9:c6:03:f5:
bb:6b:ad:3d:de:1d:01:4b:1b:a3:ec:ac:1d:5c:40:dd:d6:9e:
fc:8a:7a:d5:de:ab:26:ba:b5:ad:7e:06:b9:94:20:c4:f4:29:
71:52:3a:04:42:6e:13:93:9a:e5:08:dc:9e:9a:de:f6:fc:54:
65:9a:75:2c:1a:b8:ca:39:52:44:ff:53:e4:16:09:dd:ea:a8:
f2:39:b7:f7:d6:06:61:de:7f:08:75:9c:4c:54:c5:21:be:ba:
24:45:70:bd:d7:fd:6d:73:19:e9:73:b4:8e:ea:5b:38:33:c3:
5a:a5:dc:f7:87:7a:bc:05:ca:ca:aa:7d:fb:2f:6a:53:0d:3b:
60:b8:3d:66:74:3f:63:ba:19:bd:94:60:da:e5:db:c2:bf:f0:
fb:8e:6f:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZmLrlfEn4KUdq3QAgfppyMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUwOTI3MTQ1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTRhNWU1OTdjNmEyMWYwYjEzNGVmOTE1YTc0ODM1ZjEwYTBhNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueOrmJoyOpCeMC+uytJeoL3Jyso7
eyHDZGyxqvNcrcrnhcwu6CrYbd10wF7Xe/eWS96MTPmZdbGX1XYYZbGfsH/gYMRk
WeFDu0YZnVFoFwd5o1IlSjPy6gx+66+dXpuYGctuvlj4TEvYC2eyO3hvAZo4x9Et
kDf14pS3WQfJrCy1m3/2daEAbdjRI4YtQDiI/GbVuaFqYsLGRPiqiXQW/mv5MJGJ
CyL7Q5YyWCjofGeK6PLpJN9N68Zej7VCdTYYuhBtXTk5Pi9N0AQ8G9p3yVc0GoNj
7jYk5sqisr5m7FAMOK7k5Ftl2OL0dcR1WbQDupJEc50TFuvrbsqPNiCa5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBVKXll8aiHwsTTvkVp0g18QoKWbMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvRlVwZVdYeHFJZkN4Tk8tUlduU0RYeENncFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgH7ATAN
BgkqhkiG9w0BAQsFAAOCAQEAV3zeA1sBmRwqMaqsg0oqUJJh2gwHORAdb7LuE1Gc
+QpAPG4oT/poDszZhYIRnuwo7bEoF0USCbsj4mmHrZoGxewl6joYOO0tlvhLlM5/
/lyuzXBPGog/RWbjNK9+Jv1toktAa4FmtIz5xgP1u2utPd4dAUsbo+ysHVxA3dae
/Ip61d6rJrq1rX4GuZQgxPQpcVI6BEJuE5Oa5Qjcnpre9vxUZZp1LBq4yjlSRP9T
5BYJ3eqo8jm399YGYd5/CHWcTFTFIb66JEVwvdf9bXMZ6XO0jupbODPDWqXc94d6
vAXKyqp9+y9qUw07YLg9ZnQ/Y7oZvZRg2uXbwr/w+45vwQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:36 2025 by rpki-client