Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/FNu9pX90EwFCHNEBm8bJCHJ4hng.roa
File: FNu9pX90EwFCHNEBm8bJCHJ4hng.roa (raw, json)
Hash identifier: cq1nrQoKocgxf26/RvYkPBRHcoxUI4hdGU//58RQppM=
Subject key identifier: 14:DB:BD:A5:7F:74:13:01:42:1C:D1:01:9B:C6:C9:08:72:78:86:78
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0198806D8E1489D41CDCE2E2B1C5DD903919
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/FNu9pX90EwFCHNEBm8bJCHJ4hng.roa
Signing time: Wed 06 Aug 2025 17:28:40 +0000
ROA not before: Wed 06 Aug 2025 17:28:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211009
IP address blocks: 2a05:1e47::/32 maxlen: 32
2a09:c707::/32 maxlen: 32
2a09:e701::/32 maxlen: 32
2a0e:5885::/32 maxlen: 32
2a0e:b200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 16:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:6d:8e:14:89:d4:1c:dc:e2:e2:b1:c5:dd:90:39:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 6 17:28:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14dbbda57f741301421cd1019bc6c90872788678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:18:ef:6d:e9:40:c6:ee:e0:be:1b:cf:1c:c6:
92:af:52:4c:87:c7:ed:17:a3:4c:8a:a3:24:0c:f1:
63:ba:90:2a:6f:1e:17:7a:e0:19:10:1f:cf:e9:f0:
84:f0:39:42:01:20:14:f7:ff:4a:f7:d9:c7:69:ab:
47:23:9e:b3:2d:76:a5:71:f1:05:f3:a5:e0:bd:59:
20:a8:00:54:3d:fd:da:ee:de:31:4f:5e:3f:00:44:
2c:ff:e2:dd:e8:4e:2a:52:f9:4f:93:31:f0:a4:21:
8c:fd:c9:13:32:04:3e:e3:61:94:77:2b:a9:dd:6e:
65:40:17:0e:50:2c:c5:5c:36:3e:e9:35:9c:03:d7:
f2:04:95:b4:62:0f:6d:4a:9c:ed:64:2f:a9:1e:2d:
06:18:5e:64:e7:e0:45:05:05:a4:58:b8:8f:4f:ca:
f5:fc:87:7c:bc:55:26:73:f6:c1:7c:df:db:da:e7:
86:d1:b1:56:8c:f7:16:0a:e9:4e:f5:60:88:a7:21:
82:8a:1a:d6:c3:be:4a:19:9f:b2:1c:89:5b:47:a3:
09:05:3c:7e:43:6a:d4:d2:0c:d3:f1:f3:46:f6:b3:
2a:ba:3c:78:53:b5:04:33:fa:3b:31:9e:cd:89:c2:
b3:fb:e7:81:ba:cf:c2:82:0c:2a:ab:5b:dd:d0:ed:
10:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DB:BD:A5:7F:74:13:01:42:1C:D1:01:9B:C6:C9:08:72:78:86:78
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/FNu9pX90EwFCHNEBm8bJCHJ4hng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1e47::/32
2a09:c707::/32
2a09:e701::/32
2a0e:5885::/32
2a0e:b200::/29
Signature Algorithm: sha256WithRSAEncryption
ae:89:22:cf:52:17:7d:f0:11:37:6d:64:61:d0:83:58:b5:d8:
89:3f:b3:b6:2b:a2:a3:10:7c:3b:41:ee:21:39:46:74:25:ef:
17:14:a6:51:f4:52:75:5a:10:ce:bb:ba:10:63:11:c6:25:c6:
a9:a5:68:85:cb:dc:a0:59:66:a0:79:3f:4d:31:43:6c:dd:57:
59:b4:fb:ee:26:ba:15:76:b1:62:0b:6b:42:65:77:95:4e:de:
3d:bf:e5:85:bb:51:35:36:84:bb:d4:7f:75:05:ae:5c:72:bd:
c7:2c:fb:56:30:67:61:47:5c:18:d6:d8:61:bb:44:16:22:63:
b2:bb:bc:4d:57:f4:4a:c6:13:0d:48:38:da:f5:62:7b:41:7b:
a8:41:cc:57:24:98:d2:fa:38:14:3d:74:ee:b8:60:6f:8c:5f:
54:50:cd:b4:5f:c0:87:22:c9:f5:61:d4:d2:58:55:3c:f0:24:
a2:6b:7b:a6:f5:57:42:4d:05:a7:f8:76:27:3a:9e:2e:59:1e:
4c:81:64:d1:ce:93:60:43:72:f4:3d:b2:b7:42:24:96:20:72:
dd:51:d7:a1:f6:ac:b5:37:95:b1:d1:80:35:75:51:5c:41:e1:
29:ba:74:16:2b:25:ae:12:b8:eb:d5:b6:c8:f3:f7:9a:a7:04:
34:e7:8b:0f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZiAbY4UidQc3OLiscXdkDkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA2MTcyODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRiYmRhNTdmNzQxMzAxNDIxY2QxMDE5YmM2YzkwODcyNzg4Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hjvbelAxu7gvhvPHMaSr1JMh8ft
F6NMiqMkDPFjupAqbx4XeuAZEB/P6fCE8DlCASAU9/9K99nHaatHI56zLXalcfEF
86XgvVkgqABUPf3a7t4xT14/AEQs/+Ld6E4qUvlPkzHwpCGM/ckTMgQ+42GUdyup
3W5lQBcOUCzFXDY+6TWcA9fyBJW0Yg9tSpztZC+pHi0GGF5k5+BFBQWkWLiPT8r1
/Id8vFUmc/bBfN/b2ueG0bFWjPcWCulO9WCIpyGCihrWw75KGZ+yHIlbR6MJBTx+
Q2rU0gzT8fNG9rMqujx4U7UEM/o7MZ7NicKz++eBus/Cggwqq1vd0O0QKQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBTbvaV/dBMBQhzRAZvGyQhyeIZ4MB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvRk51OXBYOTBFd0ZDSE5FQm04YkpDSEo0aG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgUeRwMF
ACoJxwcDBQAqCecBAwUAKg5YhQMFAyoOsgAwDQYJKoZIhvcNAQELBQADggEBAK6J
Is9SF33wETdtZGHQg1i12Ik/s7YroqMQfDtB7iE5RnQl7xcUplH0UnVaEM67uhBj
EcYlxqmlaIXL3KBZZqB5P00xQ2zdV1m0++4muhV2sWILa0Jld5VO3j2/5YW7UTU2
hLvUf3UFrlxyvccs+1YwZ2FHXBjW2GG7RBYiY7K7vE1X9ErGEw1IONr1YntBe6hB
zFckmNL6OBQ9dO64YG+MX1RQzbRfwIciyfVh1NJYVTzwJKJre6b1V0JNBaf4dic6
ni5ZHkyBZNHOk2BDcvQ9srdCJJYgct1R16H2rLU3lbHRgDV1UVxB4Sm6dBYrJa4S
uOvVtsjz95qnBDTniw8=
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:47:49 2025 by rpki-client