Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/FGboOzE5w8Avx6zvXiGJurlcXzU.roa
File: FGboOzE5w8Avx6zvXiGJurlcXzU.roa (raw, json)
Hash identifier: ME54k9XxSNDAp5P0H67LsrOuZ6Ebe7/DSYtgtZypMoY=
Subject key identifier: 14:66:E8:3B:31:39:C3:C0:2F:C7:AC:EF:5E:21:89:BA:B9:5C:5F:35
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 019424B3961CCEF4353386A8FF3BC9B04371
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/FGboOzE5w8Avx6zvXiGJurlcXzU.roa
Signing time: Thu 02 Jan 2025 01:48:56 +0000
ROA not before: Thu 02 Jan 2025 01:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199524
IP address blocks: 91.188.250.0/24 maxlen: 24
91.188.251.0/24 maxlen: 24
91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 23
185.109.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:96:1c:ce:f4:35:33:86:a8:ff:3b:c9:b0:43:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: Jan 2 01:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1466e83b3139c3c02fc7acef5e2189bab95c5f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:6a:9d:82:66:86:7d:bb:c4:74:7e:2c:97:
76:9d:b7:f6:6e:96:eb:fe:32:c9:5c:fa:d3:3b:db:
0c:cb:3d:3d:d4:45:8b:d8:ee:29:c0:de:50:e3:ad:
e0:36:8c:55:5b:ac:b8:95:fd:85:07:4e:31:21:bc:
94:88:08:27:74:4b:98:cd:0b:ac:20:61:84:91:c0:
de:b0:8c:c1:09:ed:b6:a7:20:ee:0e:6c:7c:81:84:
11:68:31:7c:5d:23:5a:f5:8e:de:9d:85:84:50:3f:
03:e1:cc:ea:0b:b8:c9:5f:2b:6f:05:01:c4:0b:f9:
78:d3:34:c1:06:8a:1f:18:78:70:88:4c:f0:c3:6d:
54:ee:09:35:5b:9f:45:2d:bc:e0:fe:b5:ce:1d:c2:
65:34:a4:d1:e7:07:af:a8:a3:60:d7:d2:b6:ce:32:
b3:26:3b:c5:0d:39:42:d9:8b:77:c4:6c:b6:23:fd:
e2:3c:fe:6b:0c:ce:5e:31:fa:ed:c2:8e:4a:5c:c8:
36:70:ef:05:88:33:77:15:28:23:d3:4d:1d:3a:08:
d9:21:69:66:73:dc:e0:83:b4:1b:7a:c4:bd:e1:d8:
c7:93:6c:69:d3:ac:38:c7:4b:3b:64:27:4e:6b:8b:
56:3c:f1:b7:e1:3d:d9:50:37:c7:b7:63:96:b4:3c:
e0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:66:E8:3B:31:39:C3:C0:2F:C7:AC:EF:5E:21:89:BA:B9:5C:5F:35
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/FGboOzE5w8Avx6zvXiGJurlcXzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.250.0/23
91.202.245.0-91.202.247.255
185.109.31.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:1b:96:5a:9e:dc:d0:b1:02:0f:50:9e:e8:a3:89:dd:a5:e8:
d6:6a:b6:92:60:43:a6:a4:98:d5:76:a1:b7:9d:46:7c:35:c3:
a7:c6:69:2d:5b:c6:ee:0f:f2:89:ef:33:4c:70:7a:19:43:e8:
3d:82:d4:e4:3d:8c:f4:8b:66:f8:4c:1e:97:84:e2:4c:bc:b3:
68:ff:47:1d:52:f2:04:9e:7e:fe:6a:44:6b:1b:ce:1b:5b:33:
ef:63:d2:d3:e9:f4:13:2a:ae:0a:18:37:d3:cd:ac:da:39:0e:
d5:71:9f:73:d4:7e:f3:1b:64:0c:5d:9a:84:a0:7b:7c:d4:e4:
16:68:46:8c:a7:26:7d:b8:3e:ab:c7:db:5a:64:4f:d1:28:07:
8b:02:ed:ef:4b:14:d9:3c:bf:37:5d:e2:47:21:61:6f:75:2d:
12:c2:61:f3:2a:49:81:6d:8e:fc:d6:a7:6a:ee:8e:a1:73:fe:
b0:22:ad:7b:88:97:7f:56:33:9e:ab:3a:4c:d9:d5:e0:af:17:
3d:e6:cc:14:84:0d:67:9a:a7:e5:99:c9:f2:52:9f:31:27:71:
67:90:e2:23:9d:76:87:39:6e:fd:6c:f2:6a:88:66:f5:62:cf:
99:cb:25:62:dd:85:17:f6:ba:4f:c9:4f:d2:37:67:b8:15:4b:
f8:08:14:73
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQks5YczvQ1M4ao/zvJsENxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjUwMTAyMDE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY2ZTgzYjMxMzljM2MwMmZjN2FjZWY1ZTIxODliYWI5NWM1ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUJqnYJmhn27xHR+LJd2nbf2bpbr
/jLJXPrTO9sMyz091EWL2O4pwN5Q463gNoxVW6y4lf2FB04xIbyUiAgndEuYzQus
IGGEkcDesIzBCe22pyDuDmx8gYQRaDF8XSNa9Y7enYWEUD8D4czqC7jJXytvBQHE
C/l40zTBBoofGHhwiEzww21U7gk1W59FLbzg/rXOHcJlNKTR5wevqKNg19K2zjKz
JjvFDTlC2Yt3xGy2I/3iPP5rDM5eMfrtwo5KXMg2cO8FiDN3FSgj000dOgjZIWlm
c9zgg7QbesS94djHk2xp06w4x0s7ZCdOa4tWPPG34T3ZUDfHt2OWtDzgTwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBRm6DsxOcPAL8es714hibq5XF81MB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvRkdib096RTV3OEF2eDZ6dlhpR0p1cmxjWHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW7z6MAwD
BABbyvUDBANbyvADBAC5bR8wDQYJKoZIhvcNAQELBQADggEBAMkbllqe3NCxAg9Q
nuijid2l6NZqtpJgQ6akmNV2obedRnw1w6fGaS1bxu4P8onvM0xwehlD6D2C1OQ9
jPSLZvhMHpeE4ky8s2j/Rx1S8gSefv5qRGsbzhtbM+9j0tPp9BMqrgoYN9PNrNo5
DtVxn3PUfvMbZAxdmoSge3zU5BZoRoynJn24PqvH21pkT9EoB4sC7e9LFNk8vzdd
4kchYW91LRLCYfMqSYFtjvzWp2rujqFz/rAirXuIl39WM56rOkzZ1eCvFz3mzBSE
DWeap+WZyfJSnzEncWeQ4iOddoc5bv1s8mqIZvViz5nLJWLdhRf2uk/JT9I3Z7gV
S/gIFHM=
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:59:37 2025 by rpki-client