Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fg0P5v307E-OFkx7CrC2nGtUHaY.roa
File: Fg0P5v307E-OFkx7CrC2nGtUHaY.roa (raw, json)
Hash identifier: IwIElsB1taW4j8jNzusZvcn31KiWCMk79CNETLAW57s=
Subject key identifier: 16:0D:0F:E6:FD:F4:EC:4F:8E:16:4C:7B:0A:B0:B6:9C:6B:54:1D:A6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194FF5DC6AAA95EDEB6EE6B4B4098BCA985
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fg0P5v307E-OFkx7CrC2nGtUHaY.roa
Signing time: Thu 13 Feb 2025 12:52:03 +0000
ROA not before: Thu 13 Feb 2025 12:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.139.123.0/24 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:5d:c6:aa:a9:5e:de:b6:ee:6b:4b:40:98:bc:a9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 13 12:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=160d0fe6fdf4ec4f8e164c7b0ab0b69c6b541da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:60:80:52:05:bb:d5:10:cc:47:09:75:5a:57:
fb:e1:45:04:e2:0b:61:92:a1:b9:f0:7c:77:d5:2d:
02:ae:c4:28:c8:25:99:0d:26:fc:09:3e:5c:87:c1:
c5:8b:2b:1d:04:a7:0c:77:5d:36:40:f4:76:69:4b:
d5:75:f4:ab:c1:3f:e0:99:cc:7b:d6:79:58:01:87:
66:32:84:98:5a:7c:ef:7d:74:30:fd:63:7e:29:35:
54:5b:ca:50:66:c4:67:3c:6d:85:4b:08:cb:9e:8d:
aa:44:a2:a6:75:28:48:68:48:b7:cd:77:e9:5e:78:
33:e1:7a:95:fe:62:69:33:c5:8f:c0:bb:71:f9:4b:
f7:41:d7:64:f3:bf:84:97:5b:67:c6:35:75:63:7f:
ce:4e:a6:18:50:9a:a9:a4:e1:90:27:1f:19:00:83:
d2:3e:bd:e6:8f:83:cc:d0:84:7c:4e:40:7d:4c:42:
01:8a:01:e7:72:c5:b0:fb:e6:f1:00:31:e3:a7:2b:
b0:96:b5:25:cb:4a:af:20:77:34:f2:b9:5c:e9:e5:
60:0f:9b:a3:6c:26:1a:55:0c:7d:f0:20:6e:83:6b:
1d:b8:54:ea:3c:08:35:ab:0b:04:1d:c8:c5:50:34:
40:fe:88:ae:5d:79:73:ac:bc:12:ce:48:1d:0e:ab:
3e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0D:0F:E6:FD:F4:EC:4F:8E:16:4C:7B:0A:B0:B6:9C:6B:54:1D:A6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Fg0P5v307E-OFkx7CrC2nGtUHaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.123.0/24
91.92.67.0/24
94.156.152.0/24
193.47.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:fb:72:ad:8f:b1:46:0b:e5:89:0f:7d:81:9b:07:f3:f9:2e:
6e:68:30:b0:cc:b6:a0:70:58:c4:cf:e2:56:f0:cb:66:de:31:
16:9d:68:e1:12:b7:36:64:dc:22:ca:48:52:bf:d4:89:43:41:
4f:92:c3:09:95:e0:e8:2f:ed:92:2d:b3:0b:a9:ae:90:2f:54:
ff:c9:be:1f:b6:5e:84:e5:41:5e:2f:d1:e4:30:da:f5:1c:1a:
68:e7:86:8e:f8:22:86:96:bc:3b:a8:e3:f7:b5:1f:67:7d:28:
e9:4c:24:5f:a4:66:af:65:90:29:1f:75:36:dc:52:45:c3:7c:
e9:b9:19:53:ad:ad:fb:60:3b:2a:e6:a5:90:a0:13:6c:5d:7d:
98:da:6e:06:2e:15:af:fd:1d:73:b4:fa:83:45:8b:ec:20:66:
c9:31:ff:01:5a:f7:22:c1:43:b6:81:e2:51:2e:8f:15:1d:92:
2b:60:5d:67:8f:1e:95:b4:43:e1:0e:71:ad:dc:d0:39:21:ab:
56:fa:f6:08:a9:b8:c4:6a:cc:19:23:a3:a8:8f:40:65:1a:58:
7e:bb:fc:83:1e:2d:af:3d:2b:20:e9:be:69:13:56:18:9a:1b:
ce:d8:76:05:04:92:a6:e3:85:9d:bc:8d:2b:42:51:05:3e:1c:
c4:d1:4b:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT/XcaqqV7etu5rS0CYvKmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjEzMTI1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjBkMGZlNmZkZjRlYzRmOGUxNjRjN2IwYWIwYjY5YzZiNTQxZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mCAUgW71RDMRwl1Wlf74UUE4gth
kqG58Hx31S0CrsQoyCWZDSb8CT5ch8HFiysdBKcMd102QPR2aUvVdfSrwT/gmcx7
1nlYAYdmMoSYWnzvfXQw/WN+KTVUW8pQZsRnPG2FSwjLno2qRKKmdShIaEi3zXfp
Xngz4XqV/mJpM8WPwLtx+Uv3Qddk87+El1tnxjV1Y3/OTqYYUJqppOGQJx8ZAIPS
Pr3mj4PM0IR8TkB9TEIBigHncsWw++bxADHjpyuwlrUly0qvIHc08rlc6eVgD5uj
bCYaVQx98CBug2sduFTqPAg1qwsEHcjFUDRA/oiuXXlzrLwSzkgdDqs+UwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBYND+b99OxPjhZMewqwtpxrVB2mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRmcwUDV2MzA3RS1PRmt4N0NyQzJuR3RVSGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYt7AwQA
W1xDAwQAXpyYAwQAwS8+MA0GCSqGSIb3DQEBCwUAA4IBAQA8+3Ktj7FGC+WJD32B
mwfz+S5uaDCwzLagcFjEz+JW8Mtm3jEWnWjhErc2ZNwiykhSv9SJQ0FPksMJleDo
L+2SLbMLqa6QL1T/yb4ftl6E5UFeL9HkMNr1HBpo54aO+CKGlrw7qOP3tR9nfSjp
TCRfpGavZZApH3U23FJFw3zpuRlTra37YDsq5qWQoBNsXX2Y2m4GLhWv/R1ztPqD
RYvsIGbJMf8BWvciwUO2geJRLo8VHZIrYF1njx6VtEPhDnGt3NA5IatW+vYIqbjE
aswZI6Ooj0BlGlh+u/yDHi2vPSsg6b5pE1YYmhvO2HYFBJKm44WdvI0rQlEFPhzE
0Utq
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:54:22 2025 by rpki-client