Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/FFl5KMRT8B6N6uL-306UjuCK2YM.roa
File: FFl5KMRT8B6N6uL-306UjuCK2YM.roa (raw, json)
Hash identifier: EbOaGkvqxbG56/oOr0evt5VmqCAqCpV5ZmpFaCqI7tQ=
Subject key identifier: 14:59:79:28:C4:53:F0:1E:8D:EA:E2:FE:DF:4E:94:8E:E0:8A:D9:83
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 019A4DA04F937F3AB9BC1B482FB28CC1A8E0
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/FFl5KMRT8B6N6uL-306UjuCK2YM.roa
Signing time: Tue 04 Nov 2025 06:49:03 +0000
ROA not before: Tue 04 Nov 2025 06:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212904
IP address blocks: 185.100.229.0/24 maxlen: 24
185.243.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:a0:4f:93:7f:3a:b9:bc:1b:48:2f:b2:8c:c1:a8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Nov 4 06:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14597928c453f01e8deae2fedf4e948ee08ad983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:64:36:45:5e:9a:4e:04:a5:a0:8f:ef:e4:f8:
68:19:6d:cf:11:a1:12:db:09:66:f6:57:b3:3d:6c:
60:38:53:a5:2b:25:86:0d:4c:8f:49:a0:eb:b0:9b:
7d:95:66:45:a0:04:05:e8:94:97:e8:0d:40:3a:aa:
c7:4e:98:61:1b:c9:56:50:6c:c0:b7:69:15:71:cb:
16:a9:20:c5:92:e4:2d:f5:3e:74:cf:90:b6:e3:b5:
36:f2:a0:ce:15:ff:58:21:4b:2a:c2:ea:89:22:8a:
90:d8:3b:26:bf:96:cf:24:ef:fe:4c:d7:2e:94:0e:
62:23:1f:06:ab:96:f7:12:81:36:1d:37:de:78:2c:
66:2f:18:eb:c7:53:ac:91:81:4e:8e:e4:4d:06:35:
a5:5c:c6:b7:42:14:1e:2e:10:9a:63:8e:d1:94:22:
55:44:9c:c0:e4:85:a7:f2:92:9e:3d:29:1b:f6:5e:
6c:ac:90:32:0a:a0:b0:77:55:d4:45:96:9c:f6:36:
62:97:8b:b3:c1:fa:41:4c:e1:87:72:05:c0:7a:66:
c3:a3:62:5a:9a:36:fd:ea:8a:be:c0:5a:8d:26:76:
a7:4d:31:30:5f:e3:9f:a7:54:d6:80:65:da:c4:2d:
c9:14:cf:fe:05:0a:dc:89:cd:d8:2c:17:e4:92:de:
55:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:59:79:28:C4:53:F0:1E:8D:EA:E2:FE:DF:4E:94:8E:E0:8A:D9:83
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/FFl5KMRT8B6N6uL-306UjuCK2YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.229.0/24
185.243.28.0/24
Signature Algorithm: sha256WithRSAEncryption
32:cd:4c:e9:2a:c7:e2:f1:39:3e:51:45:f3:c3:36:11:fe:44:
ff:1b:d4:6f:8d:5b:90:32:98:58:60:3a:a1:62:0b:cd:2b:ff:
0d:b8:d6:08:fa:22:f8:5e:bc:3d:c1:65:92:9f:a4:29:51:a9:
d6:9a:a6:2d:76:c9:a7:a5:dd:f6:42:50:0c:61:1b:5e:7d:01:
59:7e:92:97:0b:e5:73:02:67:e0:36:d1:2c:b7:58:c9:4d:7e:
1f:e1:f1:f1:48:f9:8b:41:07:bb:eb:22:1e:75:22:b1:4d:10:
46:1e:32:23:0d:74:ec:7a:b3:fe:d8:52:50:92:df:c4:82:8e:
64:c8:f9:7e:a6:f6:72:fd:e5:51:2d:fd:17:67:01:8c:19:a9:
9b:60:f1:fb:b8:6f:3a:e0:b7:26:2e:66:45:c2:ce:c5:56:41:
db:b8:36:c4:9e:ff:7a:30:2c:b1:23:f8:31:47:a8:32:d9:0a:
9f:8d:12:f6:0a:0a:83:92:99:82:ea:4a:7d:d5:13:77:1d:15:
ba:51:cb:3b:4e:8b:ef:bc:d5:c2:39:da:bf:ab:1d:29:ff:9a:
0c:2d:8f:6a:9b:98:e2:4e:72:03:d0:de:ae:e0:e4:81:f4:70:
43:b5:09:59:83:6e:af:52:21:06:fa:33:b6:c5:2f:6a:42:ad:
3f:56:74:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpNoE+Tfzq5vBtIL7KMwajgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjUxMTA0MDY0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU5NzkyOGM0NTNmMDFlOGRlYWUyZmVkZjRlOTQ4ZWUwOGFkOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmQ2RV6aTgSloI/v5PhoGW3PEaES
2wlm9lezPWxgOFOlKyWGDUyPSaDrsJt9lWZFoAQF6JSX6A1AOqrHTphhG8lWUGzA
t2kVccsWqSDFkuQt9T50z5C247U28qDOFf9YIUsqwuqJIoqQ2Dsmv5bPJO/+TNcu
lA5iIx8Gq5b3EoE2HTfeeCxmLxjrx1OskYFOjuRNBjWlXMa3QhQeLhCaY47RlCJV
RJzA5IWn8pKePSkb9l5srJAyCqCwd1XURZac9jZil4uzwfpBTOGHcgXAembDo2Ja
mjb96oq+wFqNJnanTTEwX+Ofp1TWgGXaxC3JFM/+BQrcic3YLBfkkt5VkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBRZeSjEU/Aejeri/t9OlI7gitmDMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvRkZsNUtNUlQ4QjZONnVMLTMwNlVqdUNLMllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWTlAwQA
ufMcMA0GCSqGSIb3DQEBCwUAA4IBAQAyzUzpKsfi8Tk+UUXzwzYR/kT/G9RvjVuQ
MphYYDqhYgvNK/8NuNYI+iL4Xrw9wWWSn6QpUanWmqYtdsmnpd32QlAMYRtefQFZ
fpKXC+VzAmfgNtEst1jJTX4f4fHxSPmLQQe76yIedSKxTRBGHjIjDXTserP+2FJQ
kt/Ego5kyPl+pvZy/eVRLf0XZwGMGambYPH7uG864LcmLmZFws7FVkHbuDbEnv96
MCyxI/gxR6gy2QqfjRL2CgqDkpmC6kp91RN3HRW6Ucs7TovvvNXCOdq/qx0p/5oM
LY9qm5jiTnID0N6u4OSB9HBDtQlZg26vUiEG+jO2xS9qQq0/VnSC
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:03:58 2025 by rpki-client