Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/FxcmiLw90HwD6v-zIS8fyho2YJk.roa
File: FxcmiLw90HwD6v-zIS8fyho2YJk.roa (raw, json)
Hash identifier: dVrudewN+D6RoriyTNX+xlGTNvGmJTbMWvHDD/OWxyw=
Subject key identifier: 17:17:26:88:BC:3D:D0:7C:03:EA:FF:B3:21:2F:1F:CA:1A:36:60:99
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 0194258EA46F31FF1A1E2CC8169AD446A3AB
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/FxcmiLw90HwD6v-zIS8fyho2YJk.roa
Signing time: Thu 02 Jan 2025 05:48:12 +0000
ROA not before: Thu 02 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32787
IP address blocks: 185.69.116.0/24 maxlen: 24
185.69.118.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:a4:6f:31:ff:1a:1e:2c:c8:16:9a:d4:46:a3:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Jan 2 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17172688bc3dd07c03eaffb3212f1fca1a366099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:30:c2:d5:ac:a5:37:70:72:7c:69:ff:e3:
19:a5:6c:13:89:02:d0:2b:d6:34:45:2b:0a:db:21:
85:b2:52:21:38:e2:b8:9b:4f:e2:1f:ab:87:d5:f8:
42:7e:64:d8:26:8e:8e:25:00:79:81:61:fd:20:ee:
02:a3:84:de:f1:01:b9:9a:48:4d:c1:5f:ac:fb:71:
1d:aa:43:5e:8b:06:98:1f:42:07:3f:5e:4d:6e:97:
a2:21:85:24:82:32:2e:35:98:36:cc:77:5f:0b:1c:
5f:95:77:ac:bc:79:55:25:89:53:69:19:e1:36:71:
16:93:c7:1e:d7:21:ef:4b:b7:b8:3a:e2:4d:d6:f1:
19:eb:8d:b2:73:3f:77:7d:0a:1d:18:3d:eb:53:1f:
a6:53:ef:b5:5e:41:6a:ce:7e:6a:b2:67:63:89:c1:
fa:35:42:5a:a7:38:eb:90:ef:b6:5f:9d:ed:15:a3:
68:a2:7e:e5:14:17:6c:96:59:04:19:ce:2e:d9:09:
33:fe:ba:16:bd:ac:9c:23:9b:91:18:a8:e9:40:73:
db:3c:2d:e0:b7:33:7d:76:28:00:6b:73:87:92:92:
50:4e:b9:e9:69:58:c3:04:c6:e5:0d:24:1e:ca:f8:
62:cc:30:cf:d2:5d:79:35:18:72:34:fc:83:44:5f:
01:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:17:26:88:BC:3D:D0:7C:03:EA:FF:B3:21:2F:1F:CA:1A:36:60:99
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/FxcmiLw90HwD6v-zIS8fyho2YJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:c4:c6:c9:45:58:47:2a:d5:09:38:25:33:27:d4:27:ce:25:
d9:21:67:85:60:0e:4f:2d:28:72:5a:86:2e:2b:b9:cf:66:20:
ca:45:b3:f2:51:e0:ec:f2:f3:03:ce:b7:8a:f1:8c:20:f9:2f:
5c:15:e6:d6:a5:27:04:c4:85:1a:dc:bf:b1:5b:a5:2e:d2:20:
21:ee:46:38:59:d0:14:75:05:87:d8:8a:f2:13:b1:df:63:c9:
3e:68:e9:3c:68:0b:1c:5e:4f:03:00:cb:1e:30:aa:42:6f:00:
74:fe:d7:b5:30:f8:5d:3d:0a:2e:ae:93:00:37:1c:60:1f:cf:
f3:92:2c:44:3f:3a:17:24:79:c9:8a:91:4c:31:55:76:f2:6b:
da:38:69:ad:e3:e9:7a:48:c1:a0:a7:f6:f2:aa:e4:40:14:af:
26:ee:5d:9e:dc:8d:bf:21:9a:dd:83:c7:33:63:f0:1b:5e:fe:
cf:fe:94:d9:12:b6:32:7e:3a:76:b7:ec:f1:58:db:a6:94:f8:
f4:3f:65:59:26:99:f9:65:a4:67:23:e9:23:27:46:ed:70:3e:
ad:38:b3:10:06:37:88:96:1f:26:23:ba:1d:ea:94:35:41:d3:
91:92:10:4e:db:4f:44:9f:d8:a9:61:77:5f:fc:a4:e7:a1:4d:
4f:71:b9:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQljqRvMf8aHizIFprURqOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjUwMTAyMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE3MjY4OGJjM2RkMDdjMDNlYWZmYjMyMTJmMWZjYTFhMzY2MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5gwwtWspTdwcnxp/+MZpWwTiQLQ
K9Y0RSsK2yGFslIhOOK4m0/iH6uH1fhCfmTYJo6OJQB5gWH9IO4Co4Te8QG5mkhN
wV+s+3EdqkNeiwaYH0IHP15NbpeiIYUkgjIuNZg2zHdfCxxflXesvHlVJYlTaRnh
NnEWk8ce1yHvS7e4OuJN1vEZ642ycz93fQodGD3rUx+mU++1XkFqzn5qsmdjicH6
NUJapzjrkO+2X53tFaNoon7lFBdsllkEGc4u2Qkz/roWvaycI5uRGKjpQHPbPC3g
tzN9digAa3OHkpJQTrnpaVjDBMblDSQeyvhizDDP0l15NRhyNPyDRF8B1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBcXJoi8PdB8A+r/syEvH8oaNmCZMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvRnhjbWlMdzkwSHdENnYteklTOGZ5aG8yWUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQBuxMbJRVhH
KtUJOCUzJ9QnziXZIWeFYA5PLShyWoYuK7nPZiDKRbPyUeDs8vMDzreK8Ywg+S9c
FebWpScExIUa3L+xW6Uu0iAh7kY4WdAUdQWH2IryE7HfY8k+aOk8aAscXk8DAMse
MKpCbwB0/te1MPhdPQourpMANxxgH8/zkixEPzoXJHnJipFMMVV28mvaOGmt4+l6
SMGgp/byquRAFK8m7l2e3I2/IZrdg8czY/AbXv7P/pTZErYyfjp2t+zxWNumlPj0
P2VZJpn5ZaRnI+kjJ0btcD6tOLMQBjeIlh8mI7od6pQ1QdORkhBO209En9ipYXdf
/KTnoU1PcbkG
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:12:12 2025 by rpki-client