Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Fc-IaUdYzYO5dqZAUEbmajEzC6Q.roa
File: Fc-IaUdYzYO5dqZAUEbmajEzC6Q.roa (raw, json)
Hash identifier: X8wYVxwVSi64eSBFgWeo409dfz2ei02HOXjRq1htjB0=
Subject key identifier: 15:CF:88:69:47:58:CD:83:B9:76:A6:40:50:46:E6:6A:31:33:0B:A4
Certificate issuer: /CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Certificate serial: 0195DD9DEEB497FC93BFC316B6D64126CA79
Authority key identifier: FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Fc-IaUdYzYO5dqZAUEbmajEzC6Q.roa
Signing time: Fri 28 Mar 2025 16:37:49 +0000
ROA not before: Fri 28 Mar 2025 16:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7488
IP address blocks: 185.34.144.0/22 maxlen: 22
185.92.188.0/22 maxlen: 22
185.170.76.0/22 maxlen: 22
195.34.70.0/24 maxlen: 24
195.34.71.0/24 maxlen: 24
2a14:7a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:9d:ee:b4:97:fc:93:bf:c3:16:b6:d6:41:26:ca:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Validity
Not Before: Mar 28 16:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15cf88694758cd83b976a6405046e66a31330ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:e6:8d:ab:6d:fd:ef:68:84:12:71:85:e3:
2b:43:f7:98:9d:cf:e8:ea:ba:1a:b9:3f:e7:6b:8b:
fb:16:73:4c:7e:6a:c4:ef:19:fa:33:19:5c:24:a2:
86:0c:58:81:32:42:49:ad:dc:83:bc:83:cc:73:e1:
0e:01:d5:f4:64:64:b1:26:c3:61:5e:4c:a6:9a:35:
62:ec:b9:f2:c7:f7:31:30:d8:b9:09:64:ee:80:65:
8e:9b:b5:59:8c:51:eb:b6:20:b0:4f:63:ad:90:b0:
17:cf:38:4d:a2:0b:0f:d9:43:f4:7e:74:b7:ab:6b:
93:88:d8:2c:20:c5:94:46:05:24:b9:ec:f4:e9:df:
a8:a1:80:8c:0e:10:0b:0c:a7:20:d9:06:57:a4:3e:
0f:8f:08:50:4a:8b:5e:81:3e:1a:2f:e4:fb:ed:06:
21:75:0b:9a:e0:c6:bc:1e:e5:b8:9b:0a:14:a3:d4:
13:bc:b3:d2:5a:3e:07:a2:59:94:67:c8:19:09:76:
2b:b4:df:7c:bd:26:b3:15:86:26:31:36:c8:fa:61:
c9:ed:51:46:5a:2c:4d:e8:cb:5a:2f:86:82:f0:77:
1b:29:a1:ba:6f:7e:02:cb:8d:82:df:64:56:7d:fe:
5d:10:13:4a:80:4f:cf:9d:bb:07:e4:1e:80:55:5d:
6b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:CF:88:69:47:58:CD:83:B9:76:A6:40:50:46:E6:6A:31:33:0B:A4
X509v3 Authority Key Identifier:
keyid:FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Fc-IaUdYzYO5dqZAUEbmajEzC6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.144.0/22
185.92.188.0/22
185.170.76.0/22
195.34.70.0/23
IPv6:
2a14:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
70:59:62:0c:85:d9:d5:8f:d4:ed:f6:ec:45:13:97:bb:e9:e0:
68:ad:5e:41:f6:4e:d6:d7:50:1b:39:e7:f3:c5:61:4d:1b:1b:
7e:d7:44:b2:3f:62:ce:c4:d9:0f:3a:2e:ab:20:91:fc:46:13:
14:08:dc:5a:af:2e:03:f9:59:c9:3f:05:03:a6:a1:6e:80:f8:
89:de:1e:e2:60:7a:6d:af:5f:2b:cb:9b:77:4e:e5:91:97:f7:
5c:50:b6:03:1b:57:e9:18:27:f5:b7:30:8c:85:3b:f9:af:e2:
f6:45:ea:d2:02:fa:8f:f3:c3:ff:6f:17:cd:50:5a:86:0d:59:
8f:af:00:bb:d5:3e:a6:72:12:75:a6:44:dc:b9:04:e6:e1:ce:
4c:7a:36:2f:61:94:8f:49:02:c7:fc:ee:50:70:08:1b:71:c4:
09:0b:9d:6b:cd:af:66:4a:b3:56:38:96:6d:45:76:3c:dc:80:
d8:f9:19:d6:ab:f0:62:34:eb:68:ac:ec:2f:b7:f1:f2:d0:6c:
05:1c:9a:c4:f2:38:05:7e:07:2a:29:d5:48:e4:2e:01:97:74:
bc:57:17:50:47:29:87:37:61:85:d8:2d:92:a6:ed:56:e1:59:
e9:60:29:eb:b6:58:b4:6e:cf:47:fc:63:89:d4:82:b9:67:7c:
27:95:6f:dc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZXdne60l/yTv8MWttZBJsp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzExMDU0YTg5NDQ2YTc2ZjQ5M2NlMmMxMjdhOTQ4ZWJh
NGE4ZmYwHhcNMjUwMzI4MTYzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNmODg2OTQ3NThjZDgzYjk3NmE2NDA1MDQ2ZTY2YTMxMzMwYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBXmjatt/e9ohBJxheMrQ/eYnc/o
6roauT/na4v7FnNMfmrE7xn6MxlcJKKGDFiBMkJJrdyDvIPMc+EOAdX0ZGSxJsNh
XkymmjVi7Lnyx/cxMNi5CWTugGWOm7VZjFHrtiCwT2OtkLAXzzhNogsP2UP0fnS3
q2uTiNgsIMWURgUkuez06d+ooYCMDhALDKcg2QZXpD4PjwhQSotegT4aL+T77QYh
dQua4Ma8HuW4mwoUo9QTvLPSWj4HolmUZ8gZCXYrtN98vSazFYYmMTbI+mHJ7VFG
WixN6MtaL4aC8HcbKaG6b34Cy42C32RWff5dEBNKgE/PnbsH5B6AVV1rRQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBXPiGlHWM2DuXamQFBG5moxMwukMB8GA1UdIwQY
MBaAFP9xEFSolEanb0k84sEnqUjrpKj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAt
NDdhYzM4OWQzMjYxLzEvRmMtSWFVZFl6WU81ZHFaQVVFYm1hakV6QzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAtNDdhYzM4OWQzMjYx
LzEvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSKQAwQC
uVy8AwQCuapMAwQBwyJGMA0EAgACMAcDBQMqFHpAMA0GCSqGSIb3DQEBCwUAA4IB
AQBwWWIMhdnVj9Tt9uxFE5e76eBorV5B9k7W11AbOefzxWFNGxt+10SyP2LOxNkP
Oi6rIJH8RhMUCNxary4D+VnJPwUDpqFugPiJ3h7iYHptr18ry5t3TuWRl/dcULYD
G1fpGCf1tzCMhTv5r+L2RerSAvqP88P/bxfNUFqGDVmPrwC71T6mchJ1pkTcuQTm
4c5MejYvYZSPSQLH/O5QcAgbccQJC51rza9mSrNWOJZtRXY83IDY+RnWq/BiNOto
rOwvt/Hy0GwFHJrE8jgFfgcqKdVI5C4Bl3S8VxdQRymHN2GF2C2Spu1W4VnpYCnr
tli0bs9H/GOJ1IK5Z3wnlW/c
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:42:43 2025 by rpki-client