Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/fa2xL7e2aYTTbMhl_eMXhRGEZpA.roa
File: fa2xL7e2aYTTbMhl_eMXhRGEZpA.roa (raw, json)
Hash identifier: 4D/qV6WfDp4qjlu1okYKw3p24HY8ZFTwy17zgAk2RbY=
Subject key identifier: 7D:AD:B1:2F:B7:B6:69:84:D3:6C:C8:65:FD:E3:17:85:11:84:66:90
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 0199724058BD924DD5BB27CB42BB79468A07
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/fa2xL7e2aYTTbMhl_eMXhRGEZpA.roa
Signing time: Mon 22 Sep 2025 16:27:23 +0000
ROA not before: Mon 22 Sep 2025 16:27:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 2.24.0.0/13 maxlen: 13
31.64.0.0/12 maxlen: 12
31.90.0.0/15 maxlen: 15
31.92.0.0/15 maxlen: 15
31.94.0.0/16 maxlen: 16
31.96.0.0/16 maxlen: 16
31.100.0.0/14 maxlen: 14
31.104.0.0/16 maxlen: 16
31.105.0.0/16 maxlen: 16
31.106.0.0/15 maxlen: 15
31.112.0.0/14 maxlen: 14
31.116.0.0/14 maxlen: 14
31.116.0.0/16 maxlen: 16
31.117.0.0/16 maxlen: 16
31.118.0.0/16 maxlen: 16
31.119.0.0/16 maxlen: 16
31.120.0.0/16 maxlen: 16
31.121.0.0/16 maxlen: 16
31.122.0.0/15 maxlen: 15
31.124.0.0/16 maxlen: 16
31.126.0.0/15 maxlen: 15
46.68.66.0/24 maxlen: 24
95.144.0.0/13 maxlen: 13
109.180.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:72:40:58:bd:92:4d:d5:bb:27:cb:42:bb:79:46:8a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Sep 22 16:27:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dadb12fb7b66984d36cc865fde3178511846690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4a:2d:63:3e:7d:ad:de:15:52:ec:71:bd:9f:
07:73:4b:c7:66:21:12:02:cf:ec:5a:cc:dc:b4:53:
98:cc:b8:24:09:36:fc:d4:10:0b:6f:91:e5:de:35:
a9:8c:8e:bc:ce:ff:69:7d:5c:55:49:9d:4a:22:4a:
9e:5c:47:ce:39:d9:9b:00:6e:d2:e3:db:cc:de:bd:
f7:31:0b:ca:2f:b9:4a:9b:a2:76:91:da:a8:16:e1:
fa:20:fc:94:bf:52:4e:24:56:23:93:bc:e7:af:e6:
74:ba:ef:60:78:d8:ac:f7:0a:3b:35:0a:97:71:78:
64:88:99:07:b9:74:e5:a1:fe:08:86:53:18:14:9f:
a2:b5:b7:e5:3b:dc:8b:21:64:89:16:81:55:8d:2c:
82:df:99:03:56:32:39:4f:d4:87:a3:52:68:34:56:
fc:bb:54:c2:20:d1:6a:b1:a5:c9:22:83:43:82:56:
8b:6e:97:b1:06:9e:50:07:45:cf:1e:1b:fb:5f:ba:
b9:54:77:3e:c9:dc:25:34:fa:16:db:9b:20:c5:0c:
f3:c6:ab:ba:7c:36:b3:83:be:50:66:f1:f6:9c:8d:
69:ae:bd:44:c4:f1:2b:f4:40:5b:d9:a9:b8:4d:97:
5e:67:e8:80:e5:1f:e7:9e:26:15:95:3d:ab:27:19:
bf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AD:B1:2F:B7:B6:69:84:D3:6C:C8:65:FD:E3:17:85:11:84:66:90
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/fa2xL7e2aYTTbMhl_eMXhRGEZpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.24.0.0/13
31.64.0.0/12
31.90.0.0-31.94.255.255
31.96.0.0/16
31.100.0.0-31.107.255.255
31.112.0.0-31.124.255.255
31.126.0.0/15
46.68.66.0/24
95.144.0.0/13
109.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:4a:79:93:1e:04:d6:0d:0e:58:73:29:ed:c2:86:98:c6:34:
69:ad:21:d5:84:63:d5:2d:cd:de:ba:4d:49:ef:95:2a:0e:db:
8f:74:d3:c0:a8:c0:0a:44:65:b7:41:24:0d:47:79:01:74:5f:
d5:53:5d:9b:13:2e:d8:b7:62:d0:01:1d:c9:92:69:e5:09:f7:
23:1c:c8:b6:7b:61:20:dd:39:8d:1d:d9:06:53:77:24:3a:4c:
84:6b:9a:11:7b:03:df:8f:a5:fe:35:e9:72:9a:34:46:e0:98:
90:97:76:e2:50:d5:ac:02:a8:ef:e4:18:21:e5:07:3a:2a:4b:
c5:dc:d4:00:90:dd:d9:72:d3:fb:2f:f2:09:5b:e1:be:43:59:
37:88:9c:d2:03:c1:15:45:54:13:1b:4b:df:dd:d1:50:48:d8:
6a:3f:cd:11:4a:22:7a:13:f7:d3:9b:24:57:36:e3:1b:b2:75:
64:44:57:24:4f:98:f2:77:28:f8:dd:c3:d7:26:6d:ba:24:54:
7a:8d:4e:d2:76:3e:67:17:82:c7:5d:65:0e:e7:96:ce:d3:da:
f3:50:f4:3f:56:f8:9c:c8:a1:02:2e:73:b2:e1:17:1e:13:54:
eb:ae:79:5c:5e:e8:f3:93:38:68:0a:f3:f5:82:cf:7e:a8:a0:
ee:b3:b0:a5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZlyQFi9kk3VuyfLQrt5RooHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjUwOTIyMTYyNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFkYjEyZmI3YjY2OTg0ZDM2Y2M4NjVmZGUzMTc4NTExODQ2NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EotYz59rd4VUuxxvZ8Hc0vHZiES
As/sWszctFOYzLgkCTb81BALb5Hl3jWpjI68zv9pfVxVSZ1KIkqeXEfOOdmbAG7S
49vM3r33MQvKL7lKm6J2kdqoFuH6IPyUv1JOJFYjk7znr+Z0uu9geNis9wo7NQqX
cXhkiJkHuXTlof4IhlMYFJ+itbflO9yLIWSJFoFVjSyC35kDVjI5T9SHo1JoNFb8
u1TCINFqsaXJIoNDglaLbpexBp5QB0XPHhv7X7q5VHc+ydwlNPoW25sgxQzzxqu6
fDazg75QZvH2nI1prr1ExPEr9EBb2am4TZdeZ+iA5R/nniYVlT2rJxm/QQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFH2tsS+3tmmE02zIZf3jF4URhGaQMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvZmEyeEw3ZTJhWVRUYk1obF9lTVhoUkdFWnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwMDAhgDAwQf
QDAKAwMBH1oDAwAfXgMDAB9gMAoDAwIfZAMDAh9oMAoDAwQfcAMDAB98AwMBH34D
BAAuREIDAwNfkAMDAW20MA0GCSqGSIb3DQEBCwUAA4IBAQAaSnmTHgTWDQ5Ycynt
woaYxjRprSHVhGPVLc3euk1J75UqDtuPdNPAqMAKRGW3QSQNR3kBdF/VU12bEy7Y
t2LQAR3JkmnlCfcjHMi2e2Eg3TmNHdkGU3ckOkyEa5oRewPfj6X+NelymjRG4JiQ
l3biUNWsAqjv5Bgh5Qc6KkvF3NQAkN3ZctP7L/IJW+G+Q1k3iJzSA8EVRVQTG0vf
3dFQSNhqP80RSiJ6E/fTmyRXNuMbsnVkRFckT5jydyj43cPXJm26JFR6jU7Sdj5n
F4LHXWUO55bO09rzUPQ/VvicyKECLnOy4RceE1TrrnlcXujzkzhoCvP1gs9+qKDu
s7Cl
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:29 2025 by rpki-client