Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/fCj0XSBtsIdMmdrpR-SG2Jh_SDI.roa
File: fCj0XSBtsIdMmdrpR-SG2Jh_SDI.roa (raw, json)
Hash identifier: 5XxUNgc3IIKpx0MnGdv0XOOztD0raRXWx9OFDmvoJGo=
Subject key identifier: 7C:28:F4:5D:20:6D:B0:87:4C:99:DA:E9:47:E4:86:D8:98:7F:48:32
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0197D09E4449DF606FDFCE14AF859837CE91
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/fCj0XSBtsIdMmdrpR-SG2Jh_SDI.roa
Signing time: Thu 03 Jul 2025 14:08:42 +0000
ROA not before: Thu 03 Jul 2025 14:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197927
IP address blocks: 130.255.174.0/24 maxlen: 24
146.19.85.0/24 maxlen: 24
193.42.214.0/24 maxlen: 24
2a09:a740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d0:9e:44:49:df:60:6f:df:ce:14:af:85:98:37:ce:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jul 3 14:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c28f45d206db0874c99dae947e486d8987f4832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:50:15:c8:63:cb:ec:7f:be:03:01:9b:8e:68:
21:6f:05:1d:5e:ad:7a:f4:39:aa:24:dc:17:20:e3:
d8:3a:bd:fb:5d:3b:31:62:87:6e:09:f1:4e:03:5f:
70:98:48:8a:f0:4b:33:9f:c5:a2:56:31:17:b2:f9:
98:03:55:78:7e:2f:5f:11:7e:ac:c1:da:02:90:d8:
86:4b:dd:e8:8f:3d:59:9d:db:9e:ec:aa:02:ca:d8:
34:6e:f2:c2:76:91:53:e1:b7:8a:8e:b1:d4:39:d8:
94:85:3b:09:a4:14:84:e5:36:c0:5e:ca:b8:61:18:
cd:86:02:88:dd:88:8e:c0:05:4d:c2:ea:33:47:67:
89:ae:7a:c9:d0:2b:26:a7:03:03:af:04:a0:f1:02:
b1:4c:49:83:9c:a5:89:72:ef:d6:3b:3b:01:57:a0:
41:8c:75:9f:4d:a3:09:13:10:90:71:86:70:96:e4:
a2:e1:33:45:4c:51:21:66:74:42:2e:07:9a:f1:68:
1d:d1:dc:1e:7b:c7:07:2f:29:7c:5b:6a:e0:0d:bd:
7e:58:38:a2:db:90:e8:fe:df:ca:c3:9c:24:73:13:
ad:9b:f6:f8:c6:99:0b:4f:28:07:70:8d:7f:c7:4d:
6b:5b:b9:68:b5:d6:14:2a:91:47:5d:b2:b7:3c:d7:
f9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:28:F4:5D:20:6D:B0:87:4C:99:DA:E9:47:E4:86:D8:98:7F:48:32
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/fCj0XSBtsIdMmdrpR-SG2Jh_SDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
193.42.214.0/24
IPv6:
2a09:a740::/32
Signature Algorithm: sha256WithRSAEncryption
1e:7a:c6:5f:39:67:52:8e:99:c2:45:fc:b3:66:2d:83:11:e2:
6a:f0:4a:15:40:e1:26:d7:c5:0a:de:8c:cd:eb:5d:e9:b3:f1:
6b:40:e3:0e:43:d8:39:c6:29:10:e5:57:8e:d4:bc:26:6d:6f:
fd:57:f7:be:d8:cc:e4:19:19:a5:d2:c8:d9:f4:57:cb:59:d5:
34:59:45:a5:59:c1:eb:77:52:9a:f8:08:a6:0a:93:aa:c1:8b:
bf:28:05:22:7c:f4:07:e5:24:59:52:17:78:6c:18:68:2f:2f:
ad:2f:9c:68:66:d2:52:f5:e6:b2:dd:61:cd:05:05:9d:9a:2f:
42:40:45:ec:5a:5a:71:27:50:7c:18:74:8e:b2:89:78:2c:a8:
ab:60:a4:0e:b6:64:97:d6:91:15:a6:2e:d0:d4:09:dc:1c:52:
25:87:bb:97:06:e9:37:f3:17:ed:66:72:27:37:2d:87:15:0a:
3e:4b:73:f9:1c:d9:84:0c:2a:47:13:97:69:90:bd:8c:c4:51:
e2:58:45:dc:fe:7d:9b:6b:34:f5:84:75:8b:6c:25:6b:3b:42:
43:99:88:c8:c7:b7:52:80:d6:70:f0:b9:10:53:de:ff:a3:5a:
a8:43:a0:2f:ad:f1:21:36:a4:30:e2:1e:ef:4b:25:c2:04:6a:
ac:55:6e:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZfQnkRJ32Bv384Ur4WYN86RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjUwNzAzMTQwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzI4ZjQ1ZDIwNmRiMDg3NGM5OWRhZTk0N2U0ODZkODk4N2Y0ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9VAVyGPL7H++AwGbjmghbwUdXq16
9DmqJNwXIOPYOr37XTsxYoduCfFOA19wmEiK8Eszn8WiVjEXsvmYA1V4fi9fEX6s
wdoCkNiGS93ojz1Zndue7KoCytg0bvLCdpFT4beKjrHUOdiUhTsJpBSE5TbAXsq4
YRjNhgKI3YiOwAVNwuozR2eJrnrJ0CsmpwMDrwSg8QKxTEmDnKWJcu/WOzsBV6BB
jHWfTaMJExCQcYZwluSi4TNFTFEhZnRCLgea8Wgd0dwee8cHLyl8W2rgDb1+WDii
25Do/t/Kw5wkcxOtm/b4xpkLTygHcI1/x01rW7lotdYUKpFHXbK3PNf5wQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHwo9F0gbbCHTJna6UfkhtiYf0gyMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvZkNqMFhTQnRzSWRNbWRycFItU0cySmhfU0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAgv+uAwQA
khNVAwQAwSrWMA0EAgACMAcDBQAqCadAMA0GCSqGSIb3DQEBCwUAA4IBAQAeesZf
OWdSjpnCRfyzZi2DEeJq8EoVQOEm18UK3ozN613ps/FrQOMOQ9g5xikQ5VeO1Lwm
bW/9V/e+2MzkGRml0sjZ9FfLWdU0WUWlWcHrd1Ka+AimCpOqwYu/KAUifPQH5SRZ
Uhd4bBhoLy+tL5xoZtJS9eay3WHNBQWdmi9CQEXsWlpxJ1B8GHSOsol4LKirYKQO
tmSX1pEVpi7Q1AncHFIlh7uXBuk38xftZnInNy2HFQo+S3P5HNmEDCpHE5dpkL2M
xFHiWEXc/n2bazT1hHWLbCVrO0JDmYjIx7dSgNZw8LkQU97/o1qoQ6AvrfEhNqQw
4h7vSyXCBGqsVW7u
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:36:45 2025 by rpki-client