Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F7P9MVqCmVnN029jOcITxOnHQtI.roa
File: F7P9MVqCmVnN029jOcITxOnHQtI.roa (raw, json)
Hash identifier: M3DyNe/KdJ9IkbjLEfc9QCMZbk8a0FD5jHwgRbiLoOY=
Subject key identifier: 17:B3:FD:31:5A:82:99:59:CD:D3:6F:63:39:C2:13:C4:E9:C7:42:D2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0198408AF5D837C0487FFD0669DD6A9EB0B6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F7P9MVqCmVnN029jOcITxOnHQtI.roa
Signing time: Fri 25 Jul 2025 07:45:05 +0000
ROA not before: Fri 25 Jul 2025 07:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215292
IP address blocks: 81.161.239.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:8a:f5:d8:37:c0:48:7f:fd:06:69:dd:6a:9e:b0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 07:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b3fd315a829959cdd36f6339c213c4e9c742d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:a4:9d:ac:6f:8e:16:78:18:17:82:0e:cc:
2a:6c:fb:f9:c7:d9:c4:dc:f2:e6:81:34:84:cb:b2:
fa:36:69:37:83:1d:4d:ca:b7:b3:b3:18:95:42:89:
24:9c:aa:82:dc:f4:3a:78:4a:fb:fa:59:fa:f3:1e:
76:59:51:f5:4b:79:2c:87:df:e0:41:c3:bf:e5:02:
57:30:1a:81:9a:f9:f6:db:dc:fd:7c:53:09:3c:b7:
d5:eb:09:64:37:cf:17:47:96:26:f2:fe:12:6c:5e:
b3:fd:e8:9c:7f:ef:61:77:6f:4e:c3:05:8d:79:ae:
b3:16:0d:9d:5e:6e:36:4e:19:33:26:42:d5:23:38:
e8:59:fa:80:19:e8:00:c6:87:9f:c4:d5:74:95:80:
69:e1:e5:84:2e:97:b3:16:9a:a8:a5:31:c6:0e:01:
19:5b:b7:e8:f6:b3:f5:11:70:29:d5:d0:57:1d:a5:
e6:4d:90:4e:bd:d4:10:eb:ac:d3:06:d9:68:b5:2c:
bb:03:88:9f:97:5c:fe:5e:ba:90:f3:bd:71:36:86:
be:e8:b9:63:87:31:a6:aa:42:3d:78:d6:62:14:7a:
8b:ec:22:03:ee:63:53:92:93:ff:04:fe:4a:2d:fc:
bd:40:22:32:4c:1d:5d:ba:54:3a:64:e2:0a:a8:f5:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B3:FD:31:5A:82:99:59:CD:D3:6F:63:39:C2:13:C4:E9:C7:42:D2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/F7P9MVqCmVnN029jOcITxOnHQtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.239.0/24
193.25.217.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a3:ce:97:d9:15:b5:03:13:fc:96:d8:2f:71:01:37:e4:e5:
20:2d:d9:4b:74:91:9e:50:f9:e3:bf:de:73:ce:31:b9:7d:d6:
48:f8:62:b6:1b:41:74:02:18:00:02:dc:bf:b4:2d:60:54:25:
d0:19:a9:18:17:08:c2:ca:3c:bf:14:e5:48:59:27:f7:fb:9f:
12:1c:b5:e2:90:30:2e:18:77:7a:a5:dc:ac:7e:ca:cc:05:6e:
bb:48:23:cd:8f:35:b1:5d:03:49:8b:a1:9b:ad:19:e6:5f:ff:
87:9e:99:ad:6e:c9:ca:25:79:ce:3e:33:cb:95:53:e9:e8:da:
5c:d9:83:e2:64:61:bb:84:d3:e3:29:da:ab:a8:28:4b:fd:90:
76:21:92:49:9e:7c:84:84:26:5e:6c:6c:dc:61:2a:2b:c4:33:
81:5e:3a:f7:02:a3:23:ea:e4:a5:71:b0:4d:33:39:0b:3a:85:
90:40:bc:b7:cd:3d:8a:1d:76:f8:94:bc:2b:c3:3a:34:a6:ba:
45:25:3d:25:33:e4:6a:01:6d:43:b6:83:58:c0:91:e3:ba:7f:
00:4f:12:77:18:3a:cd:77:8b:41:b1:3e:51:d4:19:b7:94:9b:
16:24:59:bd:3b:fb:b2:30:6e:28:15:ce:b1:26:05:87:7a:34:
b5:6f:2f:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhAivXYN8BIf/0Gad1qnrC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzI1MDc0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IzZmQzMTVhODI5OTU5Y2RkMzZmNjMzOWMyMTNjNGU5Yzc0MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSCknaxvjhZ4GBeCDswqbPv5x9nE
3PLmgTSEy7L6Nmk3gx1NyrezsxiVQokknKqC3PQ6eEr7+ln68x52WVH1S3ksh9/g
QcO/5QJXMBqBmvn229z9fFMJPLfV6wlkN88XR5Ym8v4SbF6z/eicf+9hd29OwwWN
ea6zFg2dXm42ThkzJkLVIzjoWfqAGegAxoefxNV0lYBp4eWELpezFpqopTHGDgEZ
W7fo9rP1EXAp1dBXHaXmTZBOvdQQ66zTBtlotSy7A4ifl1z+XrqQ871xNoa+6Llj
hzGmqkI9eNZiFHqL7CID7mNTkpP/BP5KLfy9QCIyTB1dulQ6ZOIKqPUNqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBez/TFagplZzdNvYznCE8Tpx0LSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRjdQOU1WcUNtVm5OMDI5ak9jSVR4T25IUXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUaHvAwQA
wRnZMA0GCSqGSIb3DQEBCwUAA4IBAQAFo86X2RW1AxP8ltgvcQE35OUgLdlLdJGe
UPnjv95zzjG5fdZI+GK2G0F0AhgAAty/tC1gVCXQGakYFwjCyjy/FOVIWSf3+58S
HLXikDAuGHd6pdysfsrMBW67SCPNjzWxXQNJi6GbrRnmX/+HnpmtbsnKJXnOPjPL
lVPp6Npc2YPiZGG7hNPjKdqrqChL/ZB2IZJJnnyEhCZebGzcYSorxDOBXjr3AqMj
6uSlcbBNMzkLOoWQQLy3zT2KHXb4lLwrwzo0prpFJT0lM+RqAW1DtoNYwJHjun8A
TxJ3GDrNd4tBsT5R1Bm3lJsWJFm9O/uyMG4oFc6xJgWHejS1by8r
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:45:23 2025 by rpki-client