Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/aFgiJNKCIanfvnqNDMdjznHMd1g.roa
File: aFgiJNKCIanfvnqNDMdjznHMd1g.roa (raw, json)
Hash identifier: LkdaN274HWy1PdIg0LvK8JE9h9510OV9pL6YxntLzSo=
Subject key identifier: 68:58:22:24:D2:82:21:A9:DF:BE:7A:8D:0C:C7:63:CE:71:CC:77:58
Certificate issuer: /CN=fdf54b1879a145397fac0d358efabd2f5fd0aca1
Certificate serial: 019788666D1672F8D2C5D091FA614877E8CC
Authority key identifier: FD:F5:4B:18:79:A1:45:39:7F:AC:0D:35:8E:FA:BD:2F:5F:D0:AC:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_fVLGHmhRTl_rA01jvq9L1_QrKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/aFgiJNKCIanfvnqNDMdjznHMd1g.roa
Signing time: Thu 19 Jun 2025 13:35:03 +0000
ROA not before: Thu 19 Jun 2025 13:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211827
IP address blocks: 77.94.225.0/24 maxlen: 24
77.94.230.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/_fVLGHmhRTl_rA01jvq9L1_QrKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/_fVLGHmhRTl_rA01jvq9L1_QrKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_fVLGHmhRTl_rA01jvq9L1_QrKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 17:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:66:6d:16:72:f8:d2:c5:d0:91:fa:61:48:77:e8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdf54b1879a145397fac0d358efabd2f5fd0aca1
Validity
Not Before: Jun 19 13:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68582224d28221a9dfbe7a8d0cc763ce71cc7758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:23:85:78:6a:71:90:22:0f:43:88:3b:35:fa:
3b:34:aa:d6:04:9c:22:57:ab:98:0d:da:a9:75:bd:
38:84:c8:46:35:11:32:ff:12:5b:81:af:9c:a7:06:
b3:30:5c:a2:6a:81:0e:4d:89:1a:f9:e8:2b:19:99:
19:06:cf:4f:41:e0:a9:7a:3f:ba:d4:e3:7c:82:ff:
67:56:6a:00:14:f1:56:8e:15:c2:23:d6:67:46:f8:
5c:25:7b:6c:93:04:cd:25:e9:52:36:3c:4b:54:e5:
c6:ea:e9:20:21:29:f5:ca:da:77:8e:f6:d8:38:33:
e7:0d:f2:e6:5e:56:13:2e:ee:b7:40:a9:21:b6:e3:
ed:42:89:d7:61:b7:7d:06:c7:7d:9d:f0:ef:3f:95:
54:ef:be:b9:90:ca:98:7f:73:5e:f4:9a:71:99:ad:
ec:3e:ed:fb:59:f4:40:f5:76:46:91:d7:3c:48:44:
23:28:63:75:e7:7a:31:17:1c:6a:f7:2e:13:4b:aa:
eb:ed:30:0d:d9:d0:b6:03:11:0d:aa:43:ba:03:b0:
7f:11:a1:96:a0:e5:e8:b9:34:b2:8a:38:98:92:2e:
d9:86:06:15:1f:16:8c:8a:0f:50:4a:dc:9c:0a:ef:
fd:0b:91:40:f5:fa:f1:22:37:11:0c:70:fa:1a:7b:
f5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:58:22:24:D2:82:21:A9:DF:BE:7A:8D:0C:C7:63:CE:71:CC:77:58
X509v3 Authority Key Identifier:
keyid:FD:F5:4B:18:79:A1:45:39:7F:AC:0D:35:8E:FA:BD:2F:5F:D0:AC:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_fVLGHmhRTl_rA01jvq9L1_QrKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/aFgiJNKCIanfvnqNDMdjznHMd1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/49b462-75ae-4acc-b52e-71186e2b516a/1/_fVLGHmhRTl_rA01jvq9L1_QrKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.225.0/24
77.94.230.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:10:62:1b:dc:63:ac:f3:a6:97:17:00:d0:11:3a:c2:ec:44:
ae:3e:a6:4c:5a:a9:b2:73:b3:89:2e:2d:8f:e0:29:18:6f:b6:
35:b4:3e:e3:30:7d:52:55:9f:31:9c:1b:34:af:db:dd:f6:ae:
9e:43:ea:5d:72:70:12:7a:c1:49:a0:7d:36:44:88:e1:40:a6:
c9:1c:c5:82:8a:9f:9f:1e:f3:d2:f4:c9:86:a7:56:06:62:d6:
a2:ec:6b:50:ca:b7:71:69:a7:d1:f3:c5:a8:c0:45:18:1f:06:
70:02:a2:dc:ea:fc:1b:cd:1f:17:4b:d1:a7:6e:f8:4c:a6:31:
ea:25:6f:c7:11:44:ed:2d:e1:16:a3:60:e1:a3:af:48:81:d7:
0f:e2:c2:d4:51:6f:36:50:10:a8:62:98:7f:71:d4:9b:1b:73:
53:b1:16:83:13:dd:d1:78:8b:b8:f9:7f:8a:5e:08:01:58:5f:
3d:80:b3:60:bd:44:92:d6:b7:39:11:44:ce:ca:7f:3a:1b:f3:
af:a0:55:cb:76:63:c5:d7:2c:72:a5:2f:c6:f3:f6:85:6a:de:
bf:eb:4d:c3:92:65:fa:78:aa:d1:89:2d:f2:a2:1c:83:79:88:
30:e7:6b:ea:10:54:3a:3b:22:de:ed:38:31:b7:30:a9:02:2d:
05:de:95:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeIZm0WcvjSxdCR+mFId+jMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZjU0YjE4NzlhMTQ1Mzk3ZmFjMGQzNThlZmFiZDJmNWZk
MGFjYTEwHhcNMjUwNjE5MTMzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU4MjIyNGQyODIyMWE5ZGZiZTdhOGQwY2M3NjNjZTcxY2M3NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCOFeGpxkCIPQ4g7Nfo7NKrWBJwi
V6uYDdqpdb04hMhGNREy/xJbga+cpwazMFyiaoEOTYka+egrGZkZBs9PQeCpej+6
1ON8gv9nVmoAFPFWjhXCI9ZnRvhcJXtskwTNJelSNjxLVOXG6ukgISn1ytp3jvbY
ODPnDfLmXlYTLu63QKkhtuPtQonXYbd9Bsd9nfDvP5VU7765kMqYf3Ne9Jpxma3s
Pu37WfRA9XZGkdc8SEQjKGN153oxFxxq9y4TS6rr7TAN2dC2AxENqkO6A7B/EaGW
oOXouTSyijiYki7ZhgYVHxaMig9QStycCu/9C5FA9frxIjcRDHD6Gnv1owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhYIiTSgiGp3756jQzHY85xzHdYMB8GA1UdIwQY
MBaAFP31Sxh5oUU5f6wNNY76vS9f0KyhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ZWTEdIbWhSVGxfckEwMWp2cTlMMV9RcktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80OWI0NjItNzVhZS00YWNjLWI1MmUt
NzExODZlMmI1MTZhLzEvYUZnaUpOS0NJYW5mdm5xTkRNZGp6bkhNZDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80OWI0NjItNzVhZS00YWNjLWI1MmUtNzExODZlMmI1MTZh
LzEvX2ZWTEdIbWhSVGxfckEwMWp2cTlMMV9RcktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATV7hAwQB
TV7mMA0GCSqGSIb3DQEBCwUAA4IBAQAuEGIb3GOs86aXFwDQETrC7ESuPqZMWqmy
c7OJLi2P4CkYb7Y1tD7jMH1SVZ8xnBs0r9vd9q6eQ+pdcnASesFJoH02RIjhQKbJ
HMWCip+fHvPS9MmGp1YGYtai7GtQyrdxaafR88WowEUYHwZwAqLc6vwbzR8XS9Gn
bvhMpjHqJW/HEUTtLeEWo2Dho69IgdcP4sLUUW82UBCoYph/cdSbG3NTsRaDE93R
eIu4+X+KXggBWF89gLNgvUSS1rc5EUTOyn86G/OvoFXLdmPF1yxypS/G8/aFat6/
603DkmX6eKrRiS3yohyDeYgw52vqEFQ6OyLe7TgxtzCpAi0F3pWX
-----END CERTIFICATE-----
Generated at Fri Jul 4 02:17:22 2025 by rpki-client