Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/1-L52zX8g4rPLbUzhJCdVOFPLumk.roa
File: 1-L52zX8g4rPLbUzhJCdVOFPLumk.roa (raw, json)
Hash identifier: Ntd+ezNB504dHV12EX+s7XI9UTfcNDrOqmMOMqgQS/Q=
Subject key identifier: F8:BE:76:CD:7F:20:E2:B3:CB:6D:4C:E1:24:27:55:38:53:CB:BA:69
Certificate issuer: /CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Certificate serial: 01999E93FD0C670B57BD9628851E291F7807
Authority key identifier: F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/1-L52zX8g4rPLbUzhJCdVOFPLumk.roa
Signing time: Wed 01 Oct 2025 07:02:02 +0000
ROA not before: Wed 01 Oct 2025 07:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35242
IP address blocks: 193.29.130.0/23 maxlen: 23
193.29.132.0/22 maxlen: 22
193.29.132.0/24 maxlen: 24
194.45.208.0/21 maxlen: 21
194.113.148.0/23 maxlen: 23
195.80.239.0/24 maxlen: 24
2a00:7cc0::/32 maxlen: 32
2a00:7cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9e:93:fd:0c:67:0b:57:bd:96:28:85:1e:29:1f:78:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Validity
Not Before: Oct 1 07:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8be76cd7f20e2b3cb6d4ce12427553853cbba69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:26:67:4b:bf:93:fe:51:12:26:45:3b:0c:80:
cc:d4:f8:42:b2:14:e4:50:e5:17:30:16:74:c5:72:
a4:db:df:55:75:b0:7e:b1:2f:6c:7d:3e:b8:ae:39:
d0:a1:b7:a0:6d:73:09:dd:93:32:0c:51:23:da:6d:
4e:26:18:e1:10:2b:d9:5c:5d:ea:bf:4e:0e:b3:38:
a7:8c:0b:e8:cb:08:19:cf:25:a2:f7:95:36:18:af:
01:ed:32:01:08:1f:6c:de:f1:fa:2a:2d:2e:5a:33:
17:d8:ef:bc:8b:d4:c6:7f:5e:fa:fe:bb:1e:6b:08:
db:ac:fa:d5:2a:82:06:f0:7d:5c:cd:f6:f6:55:b3:
49:19:ed:f6:cf:fd:f8:4d:ef:a7:04:ea:e4:80:14:
20:d0:2d:c8:cb:60:7c:aa:03:cf:74:f9:02:f0:f9:
1b:c0:c0:05:31:21:0b:51:c8:d6:5b:6a:dc:90:38:
f1:f5:d3:dc:36:08:2d:66:1a:23:ca:37:df:45:f9:
a1:77:39:48:75:3b:fd:a1:14:20:e4:66:d9:80:2b:
6f:bc:93:d9:67:0d:70:8c:df:a3:a9:9b:4e:5a:ce:
c5:6a:98:e9:71:85:a9:58:0f:ce:f1:2f:01:cc:a3:
65:c1:ca:3a:ad:e0:a9:82:76:10:41:9a:61:f3:f9:
4e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BE:76:CD:7F:20:E2:B3:CB:6D:4C:E1:24:27:55:38:53:CB:BA:69
X509v3 Authority Key Identifier:
keyid:F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/1-L52zX8g4rPLbUzhJCdVOFPLumk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.130.0-193.29.135.255
194.45.208.0/21
194.113.148.0/23
195.80.239.0/24
IPv6:
2a00:7cc0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:76:39:e1:3a:5d:18:ca:1f:ae:8a:e2:3d:3e:cb:0f:01:9d:
17:ff:64:89:d8:dd:4c:26:0b:d4:be:7c:21:b2:f9:a5:34:c9:
da:2f:96:62:87:9e:49:0a:d0:57:9f:0e:91:d9:05:f8:d5:37:
8a:b1:ac:1e:06:89:19:08:ce:96:90:73:6b:a5:c8:2f:79:d6:
20:e1:03:6d:dd:f7:32:26:1a:bc:cb:68:07:83:13:66:46:0f:
c2:07:c0:89:7b:f1:76:18:d7:ec:21:c8:e9:0d:49:08:8f:b0:
70:1e:72:7d:18:d0:1c:b1:7e:5b:6f:79:b9:39:fd:dd:ba:af:
0f:77:81:a9:18:8a:46:ae:c5:0b:fc:d0:b6:51:b3:a5:3f:20:
ae:63:33:87:eb:44:6f:7d:e8:a2:35:0e:7e:78:e4:83:84:ad:
3b:92:5b:25:e2:4b:0e:a8:86:ea:b4:09:0c:07:b9:64:8d:9c:
97:2c:83:17:fe:3a:55:a5:f2:97:ca:14:0b:5b:5d:70:24:39:
aa:db:c3:98:a9:71:e5:2d:48:39:80:2d:d0:fe:5a:f9:92:e4:
08:0c:0a:be:fb:e7:19:a9:89:5c:c4:f7:8c:5f:ed:20:66:42:
08:5b:7f:ba:0e:07:0c:12:28:67:de:86:66:51:73:c9:05:2b:
5f:b8:39:14
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZmek/0MZwtXvZYohR4pH3gHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2MxYWFhZGI4MzIwZGQ4NDMyMzU0NThjZjJjNWNiZjQ3
MDRhZDYwHhcNMjUxMDAxMDcwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJlNzZjZDdmMjBlMmIzY2I2ZDRjZTEyNDI3NTUzODUzY2JiYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiZnS7+T/lESJkU7DIDM1PhCshTk
UOUXMBZ0xXKk299VdbB+sS9sfT64rjnQobegbXMJ3ZMyDFEj2m1OJhjhECvZXF3q
v04OszinjAvoywgZzyWi95U2GK8B7TIBCB9s3vH6Ki0uWjMX2O+8i9TGf176/rse
awjbrPrVKoIG8H1czfb2VbNJGe32z/34Te+nBOrkgBQg0C3Iy2B8qgPPdPkC8Pkb
wMAFMSELUcjWW2rckDjx9dPcNggtZhojyjffRfmhdzlIdTv9oRQg5GbZgCtvvJPZ
Zw1wjN+jqZtOWs7FapjpcYWpWA/O8S8BzKNlwco6reCpgnYQQZph8/lOnwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPi+ds1/IOKzy21M4SQnVThTy7ppMB8GA1UdIwQY
MBaAFPV8GqrbgyDdhDI1RYzyxcv0cErWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAt
YTE4NTZkZDdiNWQ4LzEvMS1MNTJ6WDhnNHJQTGJVemhKQ2RWT0ZQTHVtay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvYzNlODcxLTIwY2MtNDRmNC1iZmEwLWExODU2ZGQ3YjVk
OC8xLzlYd2FxdHVESU4yRU1qVkZqUExGeV9Sd1N0WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQBwR2C
AwQDwR2AAwQDwi3QAwQBwnGUAwQAw1DvMA0EAgACMAcDBQAqAHzAMA0GCSqGSIb3
DQEBCwUAA4IBAQBbdjnhOl0Yyh+uiuI9PssPAZ0X/2SJ2N1MJgvUvnwhsvmlNMna
L5Zih55JCtBXnw6R2QX41TeKsaweBokZCM6WkHNrpcgvedYg4QNt3fcyJhq8y2gH
gxNmRg/CB8CJe/F2GNfsIcjpDUkIj7BwHnJ9GNAcsX5bb3m5Of3duq8Pd4GpGIpG
rsUL/NC2UbOlPyCuYzOH60RvfeiiNQ5+eOSDhK07klsl4ksOqIbqtAkMB7lkjZyX
LIMX/jpVpfKXyhQLW11wJDmq28OYqXHlLUg5gC3Q/lr5kuQIDAq+++cZqYlcxPeM
X+0gZkIIW3+6DgcMEihn3oZmUXPJBStfuDkU
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:55 2025 by rpki-client