Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/FLK4BXajTTtzozg6zwS2W0dW8TU.roa
File: FLK4BXajTTtzozg6zwS2W0dW8TU.roa (raw, json)
Hash identifier: TZ26mwHHQp1z9Q90vDXRes8PV7AQXwe9m95HyPKhgHE=
Subject key identifier: 14:B2:B8:05:76:A3:4D:3B:73:A3:38:3A:CF:04:B6:5B:47:56:F1:35
Certificate issuer: /CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Certificate serial: 01942143830256981245005ADAF49C17B3B4
Authority key identifier: FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/FLK4BXajTTtzozg6zwS2W0dW8TU.roa
Signing time: Wed 01 Jan 2025 09:47:40 +0000
ROA not before: Wed 01 Jan 2025 09:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50921
IP address blocks: 195.170.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-zZG-6aQRe3l745cOaL8F_nw0tw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-zZG-6aQRe3l745cOaL8F_nw0tw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:83:02:56:98:12:45:00:5a:da:f4:9c:17:b3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3646fba69045ede5ef8e5c39a2fc17f9f0d2dc
Validity
Not Before: Jan 1 09:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14b2b80576a34d3b73a3383acf04b65b4756f135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1c:12:1a:8b:7e:40:fa:29:10:5e:07:79:c5:
71:3f:22:88:4b:75:ec:be:4e:ac:e7:54:a7:32:8c:
54:eb:25:0e:b2:3e:5e:cd:e7:c7:dd:8a:89:c3:37:
56:d2:25:8f:14:fa:fa:42:9c:42:9a:f3:41:f1:c2:
34:4f:7f:a6:0e:7a:5f:0a:18:a1:6b:98:b4:5b:41:
35:95:89:1f:61:30:8b:82:9e:5d:fd:da:bf:68:d1:
d9:40:8b:6f:8d:83:cf:85:70:0c:26:0e:ba:3f:36:
dd:10:ee:cc:2c:3b:0c:f9:1a:c8:4e:e5:bf:16:2d:
60:a9:f9:14:b5:e7:c3:2a:5c:37:d2:03:3e:35:13:
63:35:74:09:36:70:43:54:26:81:52:97:2d:44:98:
90:e4:0b:e5:80:a2:ee:5a:6e:cc:6e:78:d3:d5:1a:
4e:35:c2:b6:eb:b2:aa:43:67:6a:ac:bb:ab:2c:63:
e5:ee:20:50:7b:bc:e7:c4:fb:0e:ee:51:04:ee:70:
1f:d4:7c:e2:bd:93:a2:49:64:ca:83:88:3a:7e:1a:
3c:81:91:0e:56:e3:87:ef:9a:39:0d:45:0a:c8:bd:
5d:b3:00:d2:aa:78:3e:da:80:1a:2d:74:cd:7d:af:
04:78:32:af:89:4a:99:21:f2:45:27:22:4b:fe:a4:
52:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B2:B8:05:76:A3:4D:3B:73:A3:38:3A:CF:04:B6:5B:47:56:F1:35
X509v3 Authority Key Identifier:
keyid:FB:36:46:FB:A6:90:45:ED:E5:EF:8E:5C:39:A2:FC:17:F9:F0:D2:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zZG-6aQRe3l745cOaL8F_nw0tw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/FLK4BXajTTtzozg6zwS2W0dW8TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/706f54-87a5-45e7-bf22-8a6b547666aa/1/1-zZG-6aQRe3l745cOaL8F_nw0tw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.170.171.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ee:80:e4:d2:3a:f3:3c:2d:2c:24:52:0d:be:b7:8b:87:80:
54:26:80:be:c6:09:9f:7a:79:a4:e2:63:30:6a:65:e4:24:10:
81:9a:b1:bf:71:c5:5c:c4:8c:50:37:af:d2:df:fc:45:59:dd:
b0:17:53:79:ec:46:fa:36:1e:2d:81:45:9e:47:89:75:11:72:
7e:4d:02:f4:50:97:c0:ee:d9:0a:5d:0b:23:88:31:d4:1f:54:
8d:4b:43:5e:26:15:be:4d:57:9d:44:81:09:ca:2c:8a:ed:7a:
15:3e:22:b2:79:ac:78:1d:ad:9b:5e:c5:42:2c:e9:48:76:05:
02:3f:40:9d:f2:2d:04:14:42:ea:f7:b2:17:02:6d:25:77:c7:
82:60:ab:54:66:40:05:de:94:22:7a:52:57:f3:21:e7:3b:9c:
f2:8c:ba:b4:93:67:7d:c5:9b:2e:33:23:73:74:4f:2b:d1:ad:
7c:66:47:84:0c:49:b6:82:4c:82:84:e8:67:9a:0d:f1:60:bf:
53:df:74:54:93:0a:90:1b:f9:98:70:af:d9:8d:53:06:24:41:
85:86:c9:12:a3:63:94:63:bd:11:3c:6b:ce:d2:07:2e:2c:8b:
3d:cb:f3:4d:48:01:a6:5c:2d:73:03:fb:9a:ec:11:79:00:6a:
00:27:41:46
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhQ4MCVpgSRQBa2vScF7O0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzY0NmZiYTY5MDQ1ZWRlNWVmOGU1YzM5YTJmYzE3Zjlm
MGQyZGMwHhcNMjUwMTAxMDk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIyYjgwNTc2YTM0ZDNiNzNhMzM4M2FjZjA0YjY1YjQ3NTZmMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBwSGot+QPopEF4HecVxPyKIS3Xs
vk6s51SnMoxU6yUOsj5ezefH3YqJwzdW0iWPFPr6QpxCmvNB8cI0T3+mDnpfChih
a5i0W0E1lYkfYTCLgp5d/dq/aNHZQItvjYPPhXAMJg66PzbdEO7MLDsM+RrITuW/
Fi1gqfkUtefDKlw30gM+NRNjNXQJNnBDVCaBUpctRJiQ5AvlgKLuWm7MbnjT1RpO
NcK267KqQ2dqrLurLGPl7iBQe7znxPsO7lEE7nAf1HzivZOiSWTKg4g6fho8gZEO
VuOH75o5DUUKyL1dswDSqng+2oAaLXTNfa8EeDKviUqZIfJFJyJL/qRSHwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBSyuAV2o007c6M4Os8EtltHVvE1MB8GA1UdIwQY
MBaAFPs2RvumkEXt5e+OXDmi/Bf58NLcMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16WkctNmFRUmUzbDc0NWNPYUw4Rl9udzB0dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvNzA2ZjU0LTg3YTUtNDVlNy1iZjIy
LThhNmI1NDc2NjZhYS8xL0ZMSzRCWGFqVFR0em96ZzZ6d1MyVzBkVzhUVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvNzA2ZjU0LTg3YTUtNDVlNy1iZjIyLThhNmI1NDc2NjZh
YS8xLzEtelpHLTZhUVJlM2w3NDVjT2FMOEZfbncwdHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDqqsw
DQYJKoZIhvcNAQELBQADggEBAErugOTSOvM8LSwkUg2+t4uHgFQmgL7GCZ96eaTi
YzBqZeQkEIGasb9xxVzEjFA3r9Lf/EVZ3bAXU3nsRvo2Hi2BRZ5HiXURcn5NAvRQ
l8Du2QpdCyOIMdQfVI1LQ14mFb5NV51EgQnKLIrtehU+IrJ5rHgdrZtexUIs6Uh2
BQI/QJ3yLQQUQur3shcCbSV3x4Jgq1RmQAXelCJ6UlfzIec7nPKMurSTZ33Fmy4z
I3N0TyvRrXxmR4QMSbaCTIKE6GeaDfFgv1PfdFSTCpAb+Zhwr9mNUwYkQYWGyRKj
Y5RjvRE8a87SBy4siz3L801IAaZcLXMD+5rsEXkAagAnQUY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:42:31 2025 by rpki-client