Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/fZN-mJc8fZOK-6XrfXacVqv1tuE.roa
File: fZN-mJc8fZOK-6XrfXacVqv1tuE.roa (raw, json)
Hash identifier: dKX6X2ROArIQd/pMehz+1TmwgekylLZCGEI0q4Su81U=
Subject key identifier: 7D:93:7E:98:97:3C:7D:93:8A:FB:A5:EB:7D:76:9C:56:AB:F5:B6:E1
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 019421B20B373D44CFBA1C004AA89A0759A7
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/fZN-mJc8fZOK-6XrfXacVqv1tuE.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 81.90.143.0/24 maxlen: 24
2a00:e20:143::/48 maxlen: 48
2a00:e20:150::/44 maxlen: 48
2a00:e27:143::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0b:37:3d:44:cf:ba:1c:00:4a:a8:9a:07:59:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d937e98973c7d938afba5eb7d769c56abf5b6e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3d:bc:b2:ef:16:41:32:19:07:a3:04:b2:03:
c0:1e:ef:20:ff:ee:9a:7c:44:aa:d7:2f:ce:e7:27:
0b:0d:37:cf:4f:a0:4e:37:1f:45:8a:ca:d1:4b:49:
d9:84:5d:26:a3:6f:ee:7f:c7:c6:1b:b1:fd:2a:84:
47:11:d2:94:27:02:13:a4:24:73:5b:e9:12:d1:f4:
68:2d:ea:a1:69:1e:8b:0a:e1:f2:8a:e9:6f:3b:86:
8d:33:a2:dc:59:58:c1:94:da:c7:d7:c1:e6:dd:93:
ec:ef:a1:3b:9e:ba:64:d8:af:66:51:e8:fe:28:a5:
d9:44:9d:1c:8e:e2:a2:27:65:b7:0a:c7:5d:e5:b4:
e3:b7:35:63:b7:54:6d:da:03:43:fd:83:94:82:63:
7d:82:d6:90:b8:c2:8c:25:3f:61:85:0e:c0:4f:a2:
6a:d1:ac:87:80:fb:95:d3:84:20:48:d0:ec:73:e8:
63:a4:c3:76:2c:c5:da:76:33:79:79:e4:72:fc:a1:
26:59:87:d3:1a:3f:82:84:92:ca:99:7f:f3:7c:75:
f9:c4:f5:f5:a0:68:03:5d:b4:91:39:97:dd:97:d9:
dc:e0:9f:e2:9a:aa:9a:ac:ff:86:39:31:ee:06:08:
47:c8:d8:66:b7:20:29:e5:c0:f9:c9:1e:ec:8e:11:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:93:7E:98:97:3C:7D:93:8A:FB:A5:EB:7D:76:9C:56:AB:F5:B6:E1
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/fZN-mJc8fZOK-6XrfXacVqv1tuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.143.0/24
IPv6:
2a00:e20:143::/48
2a00:e20:150::/44
2a00:e27:143::/48
Signature Algorithm: sha256WithRSAEncryption
07:83:59:3b:7e:8f:e7:f9:99:c9:94:3d:56:ef:df:f4:73:1c:
58:22:97:e5:43:3e:b4:c0:ab:f7:34:f9:8b:05:78:f0:15:7d:
1c:63:14:24:41:fe:ee:c4:4a:95:6f:1c:2c:f2:2a:67:4f:b7:
77:bb:2d:ea:26:f3:4e:d3:55:e3:ea:24:61:df:1b:3f:74:26:
57:8d:65:8d:e5:56:5b:d7:7e:ca:6e:f7:5e:28:1e:32:03:83:
ca:56:e3:5d:00:38:4d:2f:5d:75:e6:c3:24:69:6e:31:75:98:
03:29:e4:0f:c4:c0:f9:6b:1f:c2:17:95:03:83:c1:10:1a:a1:
7e:1d:56:84:58:1a:db:f7:8a:7e:c3:bf:77:56:12:36:94:3f:
86:20:d6:bf:b7:08:58:97:a5:ef:22:46:45:3c:65:21:82:93:
17:e2:7e:67:48:00:ed:b9:11:2b:77:a8:9d:d4:c9:29:4a:f0:
d4:d5:30:05:0e:6a:44:d4:d0:06:ea:a8:bf:29:a8:3c:59:ec:
55:f8:ce:2a:66:33:de:36:0e:91:1c:b3:ef:1d:a3:11:d1:2a:
40:87:c6:b8:9e:b0:71:59:e3:bc:21:d7:c9:d8:2a:41:fd:00:
65:3e:c2:e9:ca:4b:7e:ee:cc:09:74:58:d8:a8:73:7d:af:6f:
52:e9:33:44
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQhsgs3PUTPuhwASqiaB1mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDkzN2U5ODk3M2M3ZDkzOGFmYmE1ZWI3ZDc2OWM1NmFiZjViNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT28su8WQTIZB6MEsgPAHu8g/+6a
fESq1y/O5ycLDTfPT6BONx9FisrRS0nZhF0mo2/uf8fGG7H9KoRHEdKUJwITpCRz
W+kS0fRoLeqhaR6LCuHyiulvO4aNM6LcWVjBlNrH18Hm3ZPs76E7nrpk2K9mUej+
KKXZRJ0cjuKiJ2W3Csdd5bTjtzVjt1Rt2gND/YOUgmN9gtaQuMKMJT9hhQ7AT6Jq
0ayHgPuV04QgSNDsc+hjpMN2LMXadjN5eeRy/KEmWYfTGj+ChJLKmX/zfHX5xPX1
oGgDXbSROZfdl9nc4J/imqqarP+GOTHuBghHyNhmtyAp5cD5yR7sjhGo3QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH2TfpiXPH2Tivul6312nFar9bbhMB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvZlpOLW1KYzhmWk9LLTZYcmZYYWNWcXYxdHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAUVqPMCEE
AgACMBsDBwAqAA4gAUMDBwQqAA4gAVADBwAqAA4nAUMwDQYJKoZIhvcNAQELBQAD
ggEBAAeDWTt+j+f5mcmUPVbv3/RzHFgil+VDPrTAq/c0+YsFePAVfRxjFCRB/u7E
SpVvHCzyKmdPt3e7Leom807TVePqJGHfGz90JleNZY3lVlvXfspu914oHjIDg8pW
410AOE0vXXXmwyRpbjF1mAMp5A/EwPlrH8IXlQODwRAaoX4dVoRYGtv3in7Dv3dW
EjaUP4Yg1r+3CFiXpe8iRkU8ZSGCkxfifmdIAO25ESt3qJ3UySlK8NTVMAUOakTU
0AbqqL8pqDxZ7FX4zipmM942DpEcs+8doxHRKkCHxriesHFZ47wh18nYKkH9AGU+
wunKS37uzAl0WNioc32vb1LpM0Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:29:02 2025 by rpki-client