
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/fQnNiPgnrExlgGixhIK5k0FYGr8.roa
File: fQnNiPgnrExlgGixhIK5k0FYGr8.roa (raw, json)
Hash identifier: g9xiA7oNRTWzFjyPXSwcVbHrjtoJGtsiu0z+mGGqspE=
Subject key identifier: 7D:09:CD:88:F8:27:AC:4C:65:80:68:B1:84:82:B9:93:41:58:1A:BF
Certificate issuer: /CN=cb3bda3877b03bb7af4acf960fdc2f96de891ff1
Certificate serial: 019864CEF073B2DADB28781EA70122F37AB1
Authority key identifier: CB:3B:DA:38:77:B0:3B:B7:AF:4A:CF:96:0F:DC:2F:96:DE:89:1F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzvaOHewO7evSs-WD9wvlt6JH_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/fQnNiPgnrExlgGixhIK5k0FYGr8.roa
Signing time: Fri 01 Aug 2025 08:45:40 +0000
ROA not before: Fri 01 Aug 2025 08:45:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2488
IP address blocks: 147.125.0.0/17 maxlen: 17
2001:67c:1b70::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/yzvaOHewO7evSs-WD9wvlt6JH_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/yzvaOHewO7evSs-WD9wvlt6JH_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzvaOHewO7evSs-WD9wvlt6JH_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:64:ce:f0:73:b2:da:db:28:78:1e:a7:01:22:f3:7a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb3bda3877b03bb7af4acf960fdc2f96de891ff1
Validity
Not Before: Aug 1 08:45:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d09cd88f827ac4c658068b18482b99341581abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:96:8c:f0:6f:88:88:d1:df:b8:3f:68:a8:9a:
72:d7:06:2e:ad:bc:de:0f:d3:b5:93:cc:c4:f3:3d:
b8:99:34:6d:8f:6b:57:14:fe:a5:23:2f:95:e7:34:
2e:b1:d7:65:e3:f7:f2:89:d4:6d:76:b0:00:c3:1d:
d2:94:c7:b8:81:72:db:32:cc:25:65:ba:23:e9:b5:
93:af:81:ab:33:60:b0:24:85:ca:69:12:b7:c9:41:
83:b4:4b:13:ed:58:fd:2f:62:d6:05:ec:04:ef:ca:
10:0e:c1:31:d7:1a:e6:25:20:22:c0:5e:2e:7b:8e:
e9:71:15:ff:da:47:9f:d0:21:1e:18:7f:75:71:a9:
d5:41:ee:19:3c:f7:cf:b3:72:2e:ad:43:e9:2f:d2:
f7:54:f0:c4:08:61:ef:82:54:ee:1b:c2:f2:f0:de:
a3:af:c2:8b:25:d6:22:cc:56:86:70:44:1d:1c:36:
18:1a:db:5c:2d:b6:17:0c:8d:3d:57:a1:48:8d:5f:
b7:c4:e3:45:0a:ef:d8:e6:1b:ff:bf:a2:21:4d:5d:
1c:be:7d:2d:79:39:1a:2f:a6:0f:a6:64:31:31:ef:
36:33:50:00:fa:31:36:e1:4e:19:ce:63:c1:d2:4c:
c4:3c:40:38:3e:6e:f9:1d:24:a7:08:0b:cb:a2:cc:
3c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:09:CD:88:F8:27:AC:4C:65:80:68:B1:84:82:B9:93:41:58:1A:BF
X509v3 Authority Key Identifier:
keyid:CB:3B:DA:38:77:B0:3B:B7:AF:4A:CF:96:0F:DC:2F:96:DE:89:1F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzvaOHewO7evSs-WD9wvlt6JH_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/fQnNiPgnrExlgGixhIK5k0FYGr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/eba0b9-6275-426c-8b10-95db9bf63763/1/yzvaOHewO7evSs-WD9wvlt6JH_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.0.0/17
IPv6:
2001:67c:1b70::/48
Signature Algorithm: sha256WithRSAEncryption
64:e9:33:1c:37:cd:b3:c5:d4:a6:00:ab:ec:10:fd:3d:0e:aa:
ca:b4:09:6f:a1:ce:cd:d9:43:e0:8e:f1:d3:e1:2d:23:4a:6e:
c7:64:33:59:73:fb:6b:3d:02:d8:86:86:67:22:7b:93:92:26:
3f:69:a0:de:29:84:47:2c:d7:c6:8e:a3:36:6e:b1:a2:a7:da:
90:bd:34:74:d0:ea:69:e3:30:7f:ee:bb:82:32:bf:4a:bb:5a:
27:e1:f2:35:2c:30:15:e3:27:8d:c9:73:81:36:62:75:ca:fa:
65:a9:11:81:4d:f6:b9:2e:4a:3a:2e:b0:50:6e:58:8e:de:c9:
e4:84:bc:20:58:0a:cd:a9:91:b9:99:2a:dc:35:e3:57:c9:5e:
ce:ec:46:6e:c7:cc:43:9c:f0:29:6d:f7:20:f8:11:5a:a1:71:
b1:a4:e9:97:72:17:fa:b6:e7:8e:7a:fc:a4:63:2a:4e:1c:c2:
62:36:3b:16:24:d4:cf:d4:24:ca:a8:b5:0d:d1:f1:64:e3:9b:
4b:01:67:74:c7:88:aa:f1:4f:5d:fb:ef:db:a8:01:ff:c4:7d:
b6:8d:ba:39:42:5d:a6:be:36:f3:77:3e:6d:bc:cf:93:c9:f3:
83:27:b5:62:ba:f4:bf:6f:55:02:50:29:54:cd:2e:0b:03:a0:
41:fa:a6:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZhkzvBzstrbKHgepwEi83qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiM2JkYTM4NzdiMDNiYjdhZjRhY2Y5NjBmZGMyZjk2ZGU4
OTFmZjEwHhcNMjUwODAxMDg0NTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA5Y2Q4OGY4MjdhYzRjNjU4MDY4YjE4NDgyYjk5MzQxNTgxYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5aM8G+IiNHfuD9oqJpy1wYurbze
D9O1k8zE8z24mTRtj2tXFP6lIy+V5zQusddl4/fyidRtdrAAwx3SlMe4gXLbMswl
Zboj6bWTr4GrM2CwJIXKaRK3yUGDtEsT7Vj9L2LWBewE78oQDsEx1xrmJSAiwF4u
e47pcRX/2kef0CEeGH91canVQe4ZPPfPs3IurUPpL9L3VPDECGHvglTuG8Ly8N6j
r8KLJdYizFaGcEQdHDYYGttcLbYXDI09V6FIjV+3xONFCu/Y5hv/v6IhTV0cvn0t
eTkaL6YPpmQxMe82M1AA+jE24U4ZzmPB0kzEPEA4Pm75HSSnCAvLosw84QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0JzYj4J6xMZYBosYSCuZNBWBq/MB8GA1UdIwQY
MBaAFMs72jh3sDu3r0rPlg/cL5beiR/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXp2YU9IZXdPN2V2U3MtV0Q5d3ZsdDZKSF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lYmEwYjktNjI3NS00MjZjLThiMTAt
OTVkYjliZjYzNzYzLzEvZlFuTmlQZ25yRXhsZ0dpeGhJSzVrMEZZR3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lYmEwYjktNjI3NS00MjZjLThiMTAtOTVkYjliZjYzNzYz
LzEveXp2YU9IZXdPN2V2U3MtV0Q5d3ZsdDZKSF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQHk30AMA8E
AgACMAkDBwAgAQZ8G3AwDQYJKoZIhvcNAQELBQADggEBAGTpMxw3zbPF1KYAq+wQ
/T0Oqsq0CW+hzs3ZQ+CO8dPhLSNKbsdkM1lz+2s9AtiGhmcie5OSJj9poN4phEcs
18aOozZusaKn2pC9NHTQ6mnjMH/uu4Iyv0q7Wifh8jUsMBXjJ43Jc4E2YnXK+mWp
EYFN9rkuSjousFBuWI7eyeSEvCBYCs2pkbmZKtw141fJXs7sRm7HzEOc8Clt9yD4
EVqhcbGk6ZdyF/q25456/KRjKk4cwmI2OxYk1M/UJMqotQ3R8WTjm0sBZ3THiKrx
T13779uoAf/EfbaNujlCXaa+NvN3Pm28z5PJ84MntWK69L9vVQJQKVTNLgsDoEH6
psc=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:05:30 2025 by rpki-client