Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Fy5hqGyWYPIPnyKhbGXbpM7pNcw.roa
File: Fy5hqGyWYPIPnyKhbGXbpM7pNcw.roa (raw, json)
Hash identifier: 9qBkvOxd83dAFYsaedu+9JNIqoutZ4MvRFnmYbti7zo=
Subject key identifier: 17:2E:61:A8:6C:96:60:F2:0F:9F:22:A1:6C:65:DB:A4:CE:E9:35:CC
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 019856F8986062A3E49469E9594A864B4054
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Fy5hqGyWYPIPnyKhbGXbpM7pNcw.roa
Signing time: Tue 29 Jul 2025 16:16:29 +0000
ROA not before: Tue 29 Jul 2025 16:16:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34577
IP address blocks: 85.187.19.0/24 maxlen: 24
85.187.19.5/32 maxlen: 32
85.187.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 07:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:f8:98:60:62:a3:e4:94:69:e9:59:4a:86:4b:40:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jul 29 16:16:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=172e61a86c9660f20f9f22a16c65dba4cee935cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2b:e2:b1:e3:6a:e0:e3:aa:5a:c2:f6:ec:48:
23:8d:03:b3:37:3a:8c:2b:c4:d6:5e:b9:43:c3:0e:
91:58:f4:64:98:9b:85:74:76:e5:d7:2d:e4:23:8a:
78:b9:7c:18:0f:8b:64:a1:ea:b7:ba:ab:50:42:d6:
c5:d7:c4:bb:d5:3e:86:0b:4a:8e:a8:15:ae:5f:40:
b0:06:8d:af:51:ef:96:c2:37:22:cb:5e:91:5b:96:
86:5f:ed:b1:0b:35:ed:45:a8:7c:9c:4a:0b:64:00:
f8:1f:33:0a:aa:36:30:b5:f4:eb:65:d1:9d:54:4f:
4f:5d:60:04:7d:c7:6b:e6:5e:01:a7:72:a4:69:44:
38:c2:6d:54:4a:cd:04:e4:c5:8b:c5:ea:c2:ad:6e:
a7:5c:c3:67:96:63:22:69:1c:40:db:9a:bb:bb:82:
4a:4c:e8:00:bc:d5:15:9e:91:dd:fa:b4:55:9b:57:
50:39:98:0d:c9:39:96:b3:eb:fa:75:2c:99:95:df:
e3:f6:90:7d:0e:fa:86:5b:95:6e:36:22:0e:ff:3f:
f9:eb:5d:8a:1b:4a:fc:ef:e2:3c:50:4e:a6:5d:45:
a5:ca:b4:5a:e4:d1:a8:99:6d:bc:13:32:0c:80:f3:
7d:56:13:4e:6c:83:16:e3:bb:6c:2b:06:74:24:73:
79:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2E:61:A8:6C:96:60:F2:0F:9F:22:A1:6C:65:DB:A4:CE:E9:35:CC
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Fy5hqGyWYPIPnyKhbGXbpM7pNcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.19.0/24
85.187.41.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a4:b4:48:99:d2:99:4c:3d:5e:2b:f0:27:06:87:b2:6f:76:
78:28:25:4f:82:71:d4:8c:6a:aa:69:8e:09:0d:11:16:54:9b:
78:0d:6b:46:3c:2a:00:67:91:a1:32:45:47:88:b2:82:48:e2:
ac:a9:9d:d9:21:f9:cc:cc:95:f2:79:9a:7a:9e:ad:7a:fa:96:
54:5c:4d:09:9d:15:15:dd:b6:58:fc:b7:e3:56:09:8f:1d:66:
20:6e:f5:d3:c4:c2:d9:92:7a:82:b2:9f:a6:4b:33:0f:d4:56:
cc:6c:23:92:43:dc:7e:c5:e5:fc:4e:fb:e1:8a:29:2a:ee:3b:
3d:a9:00:c6:49:c4:ee:e9:40:ed:d8:74:4b:67:1f:c7:a2:f8:
6f:78:fc:2a:a3:dc:69:d5:aa:a5:33:92:f5:f9:29:c2:17:8b:
3e:f8:e4:04:67:52:4b:10:90:72:48:1d:96:7b:1c:05:e5:9a:
cb:b8:12:d7:6b:f1:bb:de:9a:9d:0a:5e:fb:08:be:aa:d2:c7:
88:69:84:6b:7e:37:da:08:ce:2e:79:a6:6d:13:e3:d9:c2:c4:
0c:1e:4b:a3:c6:59:59:23:ad:52:73:36:60:cb:0b:4a:ab:2c:
77:9e:46:2c:0f:34:7d:82:e0:4a:9d:bf:9f:c1:33:ee:63:ef:
fa:02:9b:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhW+JhgYqPklGnpWUqGS0BUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwNzI5MTYxNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJlNjFhODZjOTY2MGYyMGY5ZjIyYTE2YzY1ZGJhNGNlZTkzNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yviseNq4OOqWsL27EgjjQOzNzqM
K8TWXrlDww6RWPRkmJuFdHbl1y3kI4p4uXwYD4tkoeq3uqtQQtbF18S71T6GC0qO
qBWuX0CwBo2vUe+Wwjciy16RW5aGX+2xCzXtRah8nEoLZAD4HzMKqjYwtfTrZdGd
VE9PXWAEfcdr5l4Bp3KkaUQ4wm1USs0E5MWLxerCrW6nXMNnlmMiaRxA25q7u4JK
TOgAvNUVnpHd+rRVm1dQOZgNyTmWs+v6dSyZld/j9pB9DvqGW5VuNiIO/z/5612K
G0r87+I8UE6mXUWlyrRa5NGomW28EzIMgPN9VhNObIMW47tsKwZ0JHN5TwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBcuYahslmDyD58ioWxl26TO6TXMMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvRnk1aHFHeVdZUElQbnlLaGJHWGJwTTdwTmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVbsTAwQA
VbspMA0GCSqGSIb3DQEBCwUAA4IBAQAopLRImdKZTD1eK/AnBoeyb3Z4KCVPgnHU
jGqqaY4JDREWVJt4DWtGPCoAZ5GhMkVHiLKCSOKsqZ3ZIfnMzJXyeZp6nq16+pZU
XE0JnRUV3bZY/LfjVgmPHWYgbvXTxMLZknqCsp+mSzMP1FbMbCOSQ9x+xeX8Tvvh
iikq7js9qQDGScTu6UDt2HRLZx/HovhvePwqo9xp1aqlM5L1+SnCF4s++OQEZ1JL
EJBySB2WexwF5ZrLuBLXa/G73pqdCl77CL6q0seIaYRrfjfaCM4ueaZtE+PZwsQM
HkujxllZI61SczZgywtKqyx3nkYsDzR9guBKnb+fwTPuY+/6Apu6
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:11:03 2025 by rpki-client