Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/F6ObM6UnximfbwiH1YL38MiUlBY.roa
File: F6ObM6UnximfbwiH1YL38MiUlBY.roa (raw, json)
Hash identifier: FMTxgNBaoS8PjWTC2HJz86nipqDf/pRuOEnb+E3AC9c=
Subject key identifier: 17:A3:9B:33:A5:27:C6:29:9F:6F:08:87:D5:82:F7:F0:C8:94:94:16
Certificate issuer: /CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Certificate serial: 0195655CDECC99BC0473A256F5CE802876B2
Authority key identifier: 42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/F6ObM6UnximfbwiH1YL38MiUlBY.roa
Signing time: Wed 05 Mar 2025 08:12:19 +0000
ROA not before: Wed 05 Mar 2025 08:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58010
IP address blocks: 109.109.192.0/21 maxlen: 24
185.114.212.0/22 maxlen: 24
185.114.212.0/24 maxlen: 24
185.114.213.0/24 maxlen: 24
185.114.214.0/24 maxlen: 24
185.114.215.0/24 maxlen: 24
2a06:71c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:5c:de:cc:99:bc:04:73:a2:56:f5:ce:80:28:76:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Validity
Not Before: Mar 5 08:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17a39b33a527c6299f6f0887d582f7f0c8949416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a8:b2:d3:ee:a4:43:db:7b:4c:5e:7d:bc:db:
57:8e:a4:fc:e3:ea:cb:a5:0e:9e:7c:3d:ec:1c:d6:
4c:c5:77:28:27:c0:e6:5b:fa:b6:60:ef:c5:1d:5d:
39:e4:05:da:c5:cf:35:da:a1:f5:35:42:ca:ac:57:
22:47:a5:42:42:1b:db:8d:e3:8f:48:08:79:9a:87:
e9:65:ab:a3:69:80:ff:a9:57:5e:1f:6e:10:7e:dd:
f3:a0:57:a7:91:d6:52:d9:d6:e7:42:6e:84:7c:ee:
5c:af:c7:61:70:d3:8f:35:93:0f:37:a3:c6:74:0e:
39:03:a5:43:64:21:23:a6:68:d7:b0:36:3a:71:f5:
d9:7b:24:88:4b:f4:c5:64:79:2e:5d:9e:3e:b0:86:
1f:e2:22:fc:da:a1:00:a1:89:ce:09:de:f4:d3:6b:
a1:6c:d0:b8:8a:6c:d5:29:19:27:43:33:a1:89:47:
e2:ba:c2:01:62:49:ea:4f:4a:2e:46:6b:8f:a6:98:
08:e3:99:d9:2f:c2:5e:cf:8b:8b:02:28:f3:ff:c9:
40:2d:34:62:f6:0e:eb:94:a1:ac:82:38:65:a4:33:
e8:d3:bc:00:7a:fc:9c:16:d5:fa:67:94:c6:a9:05:
d2:59:50:94:66:b1:48:e4:1d:05:40:79:a7:b7:cb:
cc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A3:9B:33:A5:27:C6:29:9F:6F:08:87:D5:82:F7:F0:C8:94:94:16
X509v3 Authority Key Identifier:
keyid:42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/F6ObM6UnximfbwiH1YL38MiUlBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.109.192.0/21
185.114.212.0/22
IPv6:
2a06:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:5e:df:40:22:b9:02:62:92:46:80:f7:30:7f:b5:2d:38:aa:
72:ba:6b:31:44:d2:2c:35:2d:c6:e9:67:04:00:db:33:9d:2a:
9f:69:e9:61:58:07:42:61:c9:60:0f:1b:13:c7:9e:41:8b:c4:
64:78:f0:f2:b6:60:af:9f:92:b0:8f:c5:95:f9:f4:60:14:8b:
f0:7c:72:46:cc:8b:0b:4e:35:5e:00:88:79:cc:b5:21:b8:f6:
fd:03:e2:32:0c:2c:f3:28:76:29:25:51:ed:7c:1f:4a:13:74:
98:64:0d:d3:15:26:68:a3:ab:2b:a7:bf:98:0b:35:78:d1:2a:
9c:bb:6d:a9:a0:5e:69:82:72:12:c5:24:4b:3f:af:df:f0:d5:
5a:b5:47:3a:10:fc:3d:cf:5f:09:bf:41:a5:2e:c4:5e:88:8c:
bb:fd:04:db:6b:a7:ff:8e:be:bd:e6:27:b4:57:c3:95:2a:fa:
ca:76:96:0c:75:12:60:20:f6:b4:0a:c0:ed:3b:11:c9:d6:da:
3b:c5:a7:9d:2f:e3:c9:c8:d7:dc:64:bd:6e:4b:7d:f8:59:9b:
31:d9:a4:d5:99:50:8a:02:8f:35:1c:f5:16:0c:7f:a3:9d:ae:
d9:de:c6:19:46:af:90:1c:31:d0:b3:b7:15:5d:0b:28:9f:82:
44:f0:ad:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZVlXN7MmbwEc6JW9c6AKHayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTEyNTYxZmM0ZWU1NGI3OTljNWFmNDI4ZmZmYmNiYWZk
NDU0ZWYwHhcNMjUwMzA1MDgxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2EzOWIzM2E1MjdjNjI5OWY2ZjA4ODdkNTgyZjdmMGM4OTQ5NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaiy0+6kQ9t7TF59vNtXjqT84+rL
pQ6efD3sHNZMxXcoJ8DmW/q2YO/FHV055AXaxc812qH1NULKrFciR6VCQhvbjeOP
SAh5mofpZaujaYD/qVdeH24Qft3zoFenkdZS2dbnQm6EfO5cr8dhcNOPNZMPN6PG
dA45A6VDZCEjpmjXsDY6cfXZeySIS/TFZHkuXZ4+sIYf4iL82qEAoYnOCd7002uh
bNC4imzVKRknQzOhiUfiusIBYknqT0ouRmuPppgI45nZL8Jez4uLAijz/8lALTRi
9g7rlKGsgjhlpDPo07wAevycFtX6Z5TGqQXSWVCUZrFI5B0FQHmnt8vMmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBejmzOlJ8Ypn28Ih9WC9/DIlJQWMB8GA1UdIwQY
MBaAFEJRJWH8TuVLeZxa9Cj/+8uv1FTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUt
N2E3MmUyNmM4OTE4LzEvRjZPYk02VW54aW1mYndpSDFZTDM4TWlVbEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUtN2E3MmUyNmM4OTE4
LzEvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbW3AAwQC
uXLUMA0EAgACMAcDBQMqBnHAMA0GCSqGSIb3DQEBCwUAA4IBAQASXt9AIrkCYpJG
gPcwf7UtOKpyumsxRNIsNS3G6WcEANsznSqfaelhWAdCYclgDxsTx55Bi8RkePDy
tmCvn5Kwj8WV+fRgFIvwfHJGzIsLTjVeAIh5zLUhuPb9A+IyDCzzKHYpJVHtfB9K
E3SYZA3TFSZoo6srp7+YCzV40Sqcu22poF5pgnISxSRLP6/f8NVatUc6EPw9z18J
v0GlLsReiIy7/QTba6f/jr695ie0V8OVKvrKdpYMdRJgIPa0CsDtOxHJ1to7xaed
L+PJyNfcZL1uS334WZsx2aTVmVCKAo81HPUWDH+jna7Z3sYZRq+QHDHQs7cVXQso
n4JE8K2A
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:07:17 2025 by rpki-client