Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/FZWMDDQMo_y8JJ57vskoxtwrzBc.roa
File: FZWMDDQMo_y8JJ57vskoxtwrzBc.roa (raw, json)
Hash identifier: htvNKiRY5N1vCsM0n5CFd0XNCYmHCVpMo5jU+IUCul4=
Subject key identifier: 15:95:8C:0C:34:0C:A3:FC:BC:24:9E:7B:BE:C9:28:C6:DC:2B:CC:17
Certificate issuer: /CN=562e8e050d384502eb797f5e944931a66fdd555a
Certificate serial: 0197633D67ACE37C5DA71F315FEA1D6ED8E2
Authority key identifier: 56:2E:8E:05:0D:38:45:02:EB:79:7F:5E:94:49:31:A6:6F:DD:55:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vi6OBQ04RQLreX9elEkxpm_dVVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/FZWMDDQMo_y8JJ57vskoxtwrzBc.roa
Signing time: Thu 12 Jun 2025 08:24:17 +0000
ROA not before: Thu 12 Jun 2025 08:24:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15626
IP address blocks: 91.199.45.0/24 maxlen: 24
91.235.128.0/24 maxlen: 24
185.237.204.0/23 maxlen: 23
195.54.163.0/24 maxlen: 24
2a06:c6c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/Vi6OBQ04RQLreX9elEkxpm_dVVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/Vi6OBQ04RQLreX9elEkxpm_dVVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vi6OBQ04RQLreX9elEkxpm_dVVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 20:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:3d:67:ac:e3:7c:5d:a7:1f:31:5f:ea:1d:6e:d8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=562e8e050d384502eb797f5e944931a66fdd555a
Validity
Not Before: Jun 12 08:24:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15958c0c340ca3fcbc249e7bbec928c6dc2bcc17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:6c:12:87:ce:01:b4:0e:44:8a:51:3c:a6:
72:e6:b5:e4:f6:8a:4d:8b:31:66:4b:82:76:60:d0:
4e:c0:36:af:bb:46:cd:e3:53:2a:8b:38:3a:f8:21:
9a:9e:b7:f0:f3:16:b7:e5:b7:21:ea:2c:42:bc:20:
4d:7d:22:b3:0f:98:48:0e:be:c3:1b:74:8d:8a:a8:
23:0c:d5:60:91:c1:93:44:4b:16:8b:fa:d0:c9:7f:
d6:e0:92:f3:02:d3:1c:5f:e3:bf:3b:50:1e:5d:d8:
a7:19:cf:36:16:6a:60:7d:03:f0:df:3a:fc:2b:cb:
f0:a8:ad:ac:77:3e:14:96:39:fc:7f:e9:a6:be:62:
d9:fc:7c:c5:de:ea:7d:ac:6a:c0:ce:ac:a5:2c:81:
8d:95:0e:c6:59:6d:fc:ba:40:be:8e:82:3f:c1:32:
f8:67:fd:4d:6c:4b:fc:a5:58:87:39:50:fb:8d:c5:
79:cf:66:b1:b1:94:dd:8b:4a:48:d8:fc:89:62:f3:
f9:52:ad:6e:55:da:f6:20:7f:d2:57:c5:94:21:42:
68:46:6d:69:c3:4d:a5:67:bb:31:f9:6e:3f:88:53:
f1:f3:24:d1:a8:7f:4b:df:22:b8:e8:97:2e:8f:87:
db:1a:b3:2a:71:9f:3c:8e:1d:b2:00:a4:d7:df:d3:
eb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:95:8C:0C:34:0C:A3:FC:BC:24:9E:7B:BE:C9:28:C6:DC:2B:CC:17
X509v3 Authority Key Identifier:
keyid:56:2E:8E:05:0D:38:45:02:EB:79:7F:5E:94:49:31:A6:6F:DD:55:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vi6OBQ04RQLreX9elEkxpm_dVVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/FZWMDDQMo_y8JJ57vskoxtwrzBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c2f182-bb67-43d8-8ea5-95c5001bfc70/1/Vi6OBQ04RQLreX9elEkxpm_dVVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.45.0/24
91.235.128.0/24
185.237.204.0/23
195.54.163.0/24
IPv6:
2a06:c6c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
2a:e4:e2:33:ef:42:e5:af:ae:16:73:74:ea:5e:b4:86:55:20:
c2:ce:40:04:41:a3:bd:ca:3d:71:9f:2d:ce:05:a9:94:3c:2e:
41:b5:2e:c1:02:02:f7:78:89:05:c4:8f:1e:27:b9:71:8c:5c:
f8:dc:1e:eb:26:86:5b:0d:32:31:8b:12:c8:cf:cc:6c:a5:81:
c2:5a:a9:a2:83:d4:6b:07:04:55:15:dd:50:e7:be:3c:ee:96:
60:d0:a4:e8:6c:5e:c9:5e:1c:9c:3b:d1:94:62:87:8d:ae:2c:
cd:45:65:71:c2:20:5b:14:9b:8a:59:eb:d9:29:1f:2c:09:3e:
1b:db:b1:9a:02:74:2d:34:3b:09:8e:df:11:ea:e2:41:50:54:
7d:88:15:bd:21:86:7e:c9:df:b1:dd:68:e3:e2:b3:d4:42:59:
a9:a0:45:9b:76:fb:49:c0:0a:79:01:66:9f:f5:f0:bd:53:53:
f4:5f:31:6c:74:18:26:97:47:36:36:ba:d3:af:17:45:dc:8f:
49:a9:f6:96:71:ef:33:b7:bc:2d:10:0c:15:d5:a2:8b:53:41:
cc:89:58:04:0a:7c:4a:ee:b5:dd:c8:fb:c6:48:dc:bb:cc:36:
a2:86:ac:c2:21:4f:8c:40:27:28:cb:04:d7:a7:f9:69:8e:0e:
bb:7c:fb:a3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZdjPWes43xdpx8xX+odbtjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MmU4ZTA1MGQzODQ1MDJlYjc5N2Y1ZTk0NDkzMWE2NmZk
ZDU1NWEwHhcNMjUwNjEyMDgyNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk1OGMwYzM0MGNhM2ZjYmMyNDllN2JiZWM5MjhjNmRjMmJjYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mBsEofOAbQORIpRPKZy5rXk9opN
izFmS4J2YNBOwDavu0bN41Mqizg6+CGanrfw8xa35bch6ixCvCBNfSKzD5hIDr7D
G3SNiqgjDNVgkcGTREsWi/rQyX/W4JLzAtMcX+O/O1AeXdinGc82FmpgfQPw3zr8
K8vwqK2sdz4Uljn8f+mmvmLZ/HzF3up9rGrAzqylLIGNlQ7GWW38ukC+joI/wTL4
Z/1NbEv8pViHOVD7jcV5z2axsZTdi0pI2PyJYvP5Uq1uVdr2IH/SV8WUIUJoRm1p
w02lZ7sx+W4/iFPx8yTRqH9L3yK46Jcuj4fbGrMqcZ88jh2yAKTX39PrEwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBWVjAw0DKP8vCSee77JKMbcK8wXMB8GA1UdIwQY
MBaAFFYujgUNOEUC63l/XpRJMaZv3VVaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmk2T0JRMDRSUUxyZVg5ZWxFa3hwbV9kVlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jMmYxODItYmI2Ny00M2Q4LThlYTUt
OTVjNTAwMWJmYzcwLzEvRlpXTUREUU1vX3k4Sko1N3Zza294dHdyekJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jMmYxODItYmI2Ny00M2Q4LThlYTUtOTVjNTAwMWJmYzcw
LzEvVmk2T0JRMDRSUUxyZVg5ZWxFa3hwbV9kVlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW8ctAwQA
W+uAAwQBue3MAwQAwzajMA8EAgACMAkDBwAqBsbAAAEwDQYJKoZIhvcNAQELBQAD
ggEBACrk4jPvQuWvrhZzdOpetIZVIMLOQARBo73KPXGfLc4FqZQ8LkG1LsECAvd4
iQXEjx4nuXGMXPjcHusmhlsNMjGLEsjPzGylgcJaqaKD1GsHBFUV3VDnvjzulmDQ
pOhsXsleHJw70ZRih42uLM1FZXHCIFsUm4pZ69kpHywJPhvbsZoCdC00OwmO3xHq
4kFQVH2IFb0hhn7J37HdaOPis9RCWamgRZt2+0nACnkBZp/18L1TU/RfMWx0GCaX
RzY2utOvF0Xcj0mp9pZx7zO3vC0QDBXVootTQcyJWAQKfErutd3I+8ZI3LvMNqKG
rMIhT4xAJyjLBNen+WmODrt8+6M=
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:56:42 2025 by rpki-client