Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/FnJQovhlbIvUdo0j6O0hr0vUYNM.roa
File: FnJQovhlbIvUdo0j6O0hr0vUYNM.roa (raw, json)
Hash identifier: wBBuOwEzLi1HNHDVjYRKKazRYQG/hq5eug3JUFJ4Ec0=
Subject key identifier: 16:72:50:A2:F8:65:6C:8B:D4:76:8D:23:E8:ED:21:AF:4B:D4:60:D3
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 0199E1ACBCC44989F35DC7C0A6F3D2E6E996
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/FnJQovhlbIvUdo0j6O0hr0vUYNM.roa
Signing time: Tue 14 Oct 2025 07:43:38 +0000
ROA not before: Tue 14 Oct 2025 07:43:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:28::/48 maxlen: 48
2a03:32c0:29::/48 maxlen: 48
2a03:32c0:2a::/48 maxlen: 48
2a03:32c0:2b::/48 maxlen: 48
2a03:32c0:2c::/48 maxlen: 48
2a03:32c0:2d::/48 maxlen: 48
2a03:32c0:2e::/48 maxlen: 48
2a03:32c0:2f::/48 maxlen: 48
2a03:32c0:30::/48 maxlen: 48
2a03:32c0:31::/48 maxlen: 48
2a03:32c0:32::/48 maxlen: 48
2a03:32c0:33::/48 maxlen: 48
2a03:32c0:34::/48 maxlen: 48
2a03:32c0:35::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300c::/48 maxlen: 48
2a03:32c0:300d::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:ac:bc:c4:49:89:f3:5d:c7:c0:a6:f3:d2:e6:e9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Oct 14 07:43:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=167250a2f8656c8bd4768d23e8ed21af4bd460d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:b0:3d:2a:74:7e:7e:61:0b:9b:e2:35:a9:
2f:4f:63:de:45:2c:af:77:b5:1e:bd:f4:55:1b:a3:
58:7e:79:3e:08:7d:70:fc:91:83:50:28:fb:38:a2:
dc:cd:3c:b7:34:8b:95:00:bc:c4:f6:fd:2a:d5:e9:
d0:c6:ca:0b:52:db:6e:bd:67:29:9c:a0:63:d4:fd:
01:a0:b6:8e:a2:a0:18:2e:44:38:82:4d:dd:7d:7d:
c6:f0:46:86:3d:4e:b2:c4:51:1c:03:ff:6d:21:03:
ad:cb:bc:91:39:f5:c1:b1:35:f8:5d:57:9a:76:eb:
d7:16:14:40:7a:1c:c1:81:60:22:ca:c7:a3:c9:b9:
0e:fb:0e:e3:3d:35:3d:f9:b1:bc:e0:43:9e:60:9f:
3e:7e:ef:f3:e8:f3:83:35:2f:a0:b4:22:1f:a7:24:
0e:05:93:57:3c:48:04:63:a6:01:48:4f:89:e5:5e:
4d:5e:3e:3f:bc:da:7b:c5:eb:4c:2b:7c:a3:3e:b2:
22:03:76:da:91:e8:1b:52:8d:3b:b1:3f:56:c4:f9:
46:80:10:36:3a:a3:0d:df:36:ff:3f:c3:34:4b:22:
3d:0e:b2:4f:08:60:d7:78:c2:cd:2f:28:cc:09:a7:
df:68:32:b2:a9:fb:96:91:1e:73:f2:42:a2:c8:f1:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:72:50:A2:F8:65:6C:8B:D4:76:8D:23:E8:ED:21:AF:4B:D4:60:D3
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/FnJQovhlbIvUdo0j6O0hr0vUYNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::-2a03:32c0:35:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300a::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c7:10:b0:6c:55:d7:fc:11:e5:2b:d1:df:d0:d8:b8:b8:43:9e:
97:81:c0:21:1c:7e:b3:16:cc:97:72:87:52:d9:0e:ef:6f:90:
79:8e:99:74:b5:1c:c0:af:98:f0:a8:5f:31:39:19:00:b9:50:
a2:7c:fe:4b:3d:1d:a6:08:41:95:83:40:ce:b2:d4:2c:c3:9d:
93:bc:ab:01:78:26:4c:b9:10:8e:76:1f:06:cc:c4:17:12:92:
c1:fa:b7:45:01:5c:c8:aa:fa:9b:ae:0e:51:23:d8:f2:1f:a5:
78:b6:1f:f6:5f:fc:b6:8f:bc:56:c0:cd:7d:25:81:da:10:68:
6b:d7:8d:bf:19:1c:7d:f3:de:a5:3c:7f:50:f6:e3:b7:9d:56:
4f:4a:ec:37:26:a2:04:ec:86:df:5b:d8:44:1e:f8:46:72:41:
6e:9d:7b:96:e0:ed:bc:31:ae:1c:42:cc:80:9e:e4:3a:d3:96:
42:74:fe:74:7f:bd:f4:69:b7:8a:ac:4e:59:e7:5f:ee:0a:16:
0d:c7:2b:e4:63:40:03:db:8f:96:c5:f0:7e:35:54:28:f6:d4:
7c:c2:26:e2:d3:5f:49:87:7d:24:73:f7:24:ec:6f:e9:ea:77:
29:f0:7b:6e:ad:5a:53:cd:c4:52:4d:d4:c9:66:a9:e3:ed:30:
a9:b3:7c:7b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZnhrLzESYnzXcfApvPS5umWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjUxMDE0MDc0MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjcyNTBhMmY4NjU2YzhiZDQ3NjhkMjNlOGVkMjFhZjRiZDQ2MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2WwPSp0fn5hC5viNakvT2PeRSyv
d7UevfRVG6NYfnk+CH1w/JGDUCj7OKLczTy3NIuVALzE9v0q1enQxsoLUttuvWcp
nKBj1P0BoLaOoqAYLkQ4gk3dfX3G8EaGPU6yxFEcA/9tIQOty7yROfXBsTX4XVea
duvXFhRAehzBgWAiysejybkO+w7jPTU9+bG84EOeYJ8+fu/z6PODNS+gtCIfpyQO
BZNXPEgEY6YBSE+J5V5NXj4/vNp7xetMK3yjPrIiA3bakegbUo07sT9WxPlGgBA2
OqMN3zb/P8M0SyI9DrJPCGDXeMLNLyjMCaffaDKyqfuWkR5z8kKiyPFoQQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBZyUKL4ZWyL1HaNI+jtIa9L1GDTMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvRm5KUW92aGxiSXZVZG8wajZPMGhyMHZVWU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBW
BAIAAjBQMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGDAS
AwcAKgMywAAnAwcBKgMywAA0MBIDBwEqAzLAMAoDBwEqAzLAMBAwDQYJKoZIhvcN
AQELBQADggEBAMcQsGxV1/wR5SvR39DYuLhDnpeBwCEcfrMWzJdyh1LZDu9vkHmO
mXS1HMCvmPCoXzE5GQC5UKJ8/ks9HaYIQZWDQM6y1CzDnZO8qwF4Jky5EI52HwbM
xBcSksH6t0UBXMiq+puuDlEj2PIfpXi2H/Zf/LaPvFbAzX0lgdoQaGvXjb8ZHH3z
3qU8f1D247edVk9K7DcmogTsht9b2EQe+EZyQW6de5bg7bwxrhxCzICe5DrTlkJ0
/nR/vfRpt4qsTlnnX+4KFg3HK+RjQAPbj5bF8H41VCj21HzCJuLTX0mHfSRz9yTs
b+nqdynwe26tWlPNxFJN1MlmqePtMKmzfHs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:46:04 2025 by rpki-client