Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/1-iOVIXz47qr-JLuInaHzpTgpem8.roa
File: 1-iOVIXz47qr-JLuInaHzpTgpem8.roa (raw, json)
Hash identifier: aQd2tRqEfKRVYoKZ8bIlvH9byaMVj2lET2FwBKaobPk=
Subject key identifier: FA:23:95:21:7C:F8:EE:AA:FE:24:BB:88:9D:A1:F3:A5:38:29:7A:6F
Certificate issuer: /CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Certificate serial: 019A21E9D1C45DAE7AD82FF6B8315AD19EA8
Authority key identifier: 3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/1-iOVIXz47qr-JLuInaHzpTgpem8.roa
Signing time: Sun 26 Oct 2025 19:06:03 +0000
ROA not before: Sun 26 Oct 2025 19:06:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30456
IP address blocks: 185.224.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:e9:d1:c4:5d:ae:7a:d8:2f:f6:b8:31:5a:d1:9e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Validity
Not Before: Oct 26 19:06:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa2395217cf8eeaafe24bb889da1f3a538297a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f2:e7:00:6e:f1:a0:64:5e:11:af:e8:b0:8e:
81:7b:e8:e0:ff:ce:92:d0:6e:ae:b9:2e:86:d0:0d:
f6:2b:a6:03:1c:bb:2a:bf:a3:4e:8a:2e:9c:59:0c:
cb:0b:f2:eb:1f:f8:15:0d:b2:30:23:a0:34:c7:7f:
a6:bf:f2:59:ed:90:1d:c2:a9:c0:53:b5:06:dd:9a:
08:16:84:c5:38:48:6f:24:0e:55:ca:79:62:f4:3d:
eb:f2:68:2a:dc:44:79:f1:83:af:ee:db:85:dc:a4:
65:d2:8f:ac:0c:42:30:32:19:4d:9b:36:fe:d7:ca:
68:00:dd:bf:a6:4f:72:23:2f:f8:51:59:24:99:5c:
76:0d:8b:2c:f6:08:b3:8c:2f:36:91:5c:58:31:7a:
96:49:34:6b:d1:e7:eb:d5:84:ad:b4:0a:aa:7a:14:
f3:67:d4:e8:67:b5:3b:aa:44:3c:86:2c:f9:b0:64:
4f:7d:13:82:55:fa:ea:99:6a:06:3e:13:d0:ae:9e:
1a:ef:d8:46:4d:47:3d:2c:9f:47:bd:2f:6d:74:ac:
b1:fc:01:34:3e:2c:d0:c6:d8:5f:e6:46:b1:fd:e7:
8d:49:64:b0:52:c5:97:89:1f:7e:e8:e3:da:a3:19:
56:07:2a:12:36:09:e0:e7:c5:54:37:e1:50:45:c5:
f0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:23:95:21:7C:F8:EE:AA:FE:24:BB:88:9D:A1:F3:A5:38:29:7A:6F
X509v3 Authority Key Identifier:
keyid:3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/1-iOVIXz47qr-JLuInaHzpTgpem8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.0.0/24
Signature Algorithm: sha256WithRSAEncryption
01:fa:6d:53:0e:97:96:80:f9:3a:fa:8d:98:df:cb:71:94:58:
f4:d3:61:b6:3d:f4:22:a2:66:42:2a:d1:84:1e:dc:ef:3e:38:
8e:80:be:53:4c:dc:6f:a0:0e:f7:fe:85:1f:86:cc:4c:20:a9:
3c:09:8d:35:0c:e3:6a:10:1b:6f:1f:a7:27:46:a4:fa:58:dc:
3b:0e:73:a4:0b:e4:14:6e:4e:6b:b2:40:11:3e:8c:e7:b3:62:
73:69:a2:46:75:ba:e8:28:fc:10:b5:ed:23:31:a5:1d:b9:a2:
12:cf:1d:ad:9c:87:80:5d:b0:4d:16:d8:d5:e4:ea:a2:07:53:
5c:f2:c9:37:00:a0:63:ab:de:50:15:5c:b9:64:97:45:15:d4:
b0:bd:09:bb:a5:0e:8e:8f:14:c2:cf:94:3e:5d:09:c1:0d:a6:
49:6b:c8:d7:0b:93:01:7a:c8:c5:08:a7:93:93:5a:25:98:74:
66:d3:a1:cb:18:7d:a8:ba:8a:d3:5b:2f:55:75:60:4e:19:60:
d3:35:29:19:4d:2e:f9:21:2d:12:65:d4:aa:f9:25:fa:38:33:
28:e9:fa:8d:28:71:ea:aa:d1:ff:78:64:ac:0f:a7:11:bf:bc:
12:fe:e2:c8:6f:bb:c7:d4:be:a9:9a:db:64:3a:3e:c8:66:12:
55:1c:13:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZoh6dHEXa562C/2uDFa0Z6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmM2Y1NTRiODAyODFkZWEyYTMwMDMxOGFhYWQ2ZDJkOTdm
MWNlNDQwHhcNMjUxMDI2MTkwNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIzOTUyMTdjZjhlZWFhZmUyNGJiODg5ZGExZjNhNTM4Mjk3YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfLnAG7xoGReEa/osI6Be+jg/86S
0G6uuS6G0A32K6YDHLsqv6NOii6cWQzLC/LrH/gVDbIwI6A0x3+mv/JZ7ZAdwqnA
U7UG3ZoIFoTFOEhvJA5Vynli9D3r8mgq3ER58YOv7tuF3KRl0o+sDEIwMhlNmzb+
18poAN2/pk9yIy/4UVkkmVx2DYss9gizjC82kVxYMXqWSTRr0efr1YSttAqqehTz
Z9ToZ7U7qkQ8hiz5sGRPfROCVfrqmWoGPhPQrp4a79hGTUc9LJ9HvS9tdKyx/AE0
PizQxthf5kax/eeNSWSwUsWXiR9+6OPaoxlWByoSNgng58VUN+FQRcXwAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPojlSF8+O6q/iS7iJ2h86U4KXpvMB8GA1UdIwQY
MBaAFD8/VUuAKB3qKjADGKqtbS2X8c5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHo5VlM0QW9IZW9xTUFNWXFxMXRMWmZ4emtRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83OGQ1MjgtN2NkZi00NGMwLWFjZGQt
ZjUzM2I4ZGY4MGE5LzEvMS1pT1ZJWHo0N3FyLUpMdUluYUh6cFRncGVtOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmMvNzhkNTI4LTdjZGYtNDRjMC1hY2RkLWY1MzNiOGRmODBh
OS8xL1B6OVZTNEFvSGVvcU1BTVlxcTF0TFpmeHprUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALngADAN
BgkqhkiG9w0BAQsFAAOCAQEAAfptUw6XloD5OvqNmN/LcZRY9NNhtj30IqJmQirR
hB7c7z44joC+U0zcb6AO9/6FH4bMTCCpPAmNNQzjahAbbx+nJ0ak+ljcOw5zpAvk
FG5Oa7JAET6M57Nic2miRnW66Cj8ELXtIzGlHbmiEs8drZyHgF2wTRbY1eTqogdT
XPLJNwCgY6veUBVcuWSXRRXUsL0Ju6UOjo8Uws+UPl0JwQ2mSWvI1wuTAXrIxQin
k5NaJZh0ZtOhyxh9qLqK01svVXVgThlg0zUpGU0u+SEtEmXUqvkl+jgzKOn6jShx
6qrR/3hkrA+nEb+8Ev7iyG+7x9S+qZrbZDo+yGYSVRwTbw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:05:11 2025 by rpki-client