Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/FxWebtYYlGe-nsvzX4oDF8uD6mE.roa
File: FxWebtYYlGe-nsvzX4oDF8uD6mE.roa (raw, json)
Hash identifier: k4FRn4gBtVdswS2WfZGMM+Vy5KwCdhuYYS+n70PWeoU=
Subject key identifier: 17:15:9E:6E:D6:18:94:67:BE:9E:CB:F3:5F:8A:03:17:CB:83:EA:61
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 0196FA229E2F4B8BFB43BDE8CDD05F6E1DCB
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/FxWebtYYlGe-nsvzX4oDF8uD6mE.roa
Signing time: Thu 22 May 2025 22:34:54 +0000
ROA not before: Thu 22 May 2025 22:34:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 104.247.188.0/24 maxlen: 24
104.247.189.0/24 maxlen: 24
104.247.191.0/24 maxlen: 24
185.73.131.0/24 maxlen: 24
2a03:a5a0:4:2::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fa:22:9e:2f:4b:8b:fb:43:bd:e8:cd:d0:5f:6e:1d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: May 22 22:34:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17159e6ed6189467be9ecbf35f8a0317cb83ea61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a5:af:fe:7a:49:9d:ef:42:a0:74:05:62:63:
ba:04:68:8e:5e:1e:02:38:6c:04:56:8a:c3:4f:2f:
1d:63:58:1f:86:18:9b:d8:99:65:f1:dc:e0:a1:d6:
89:e7:25:6a:49:98:27:94:84:a8:58:17:84:bd:3c:
ed:23:c4:c6:cc:ca:49:aa:c3:45:2d:7d:4d:06:ba:
e1:46:9b:78:c2:7a:be:ad:b3:b2:68:4c:46:0f:63:
a1:b6:51:d4:dd:90:d0:58:47:8f:b7:67:6c:9d:da:
ff:47:f3:0a:f0:b9:ad:57:58:e2:a6:41:9a:31:c7:
8d:e3:b3:8c:22:c2:62:e7:ef:37:d3:21:b0:c4:46:
f7:d0:52:1b:ba:0d:c8:39:05:99:3a:94:6c:da:c8:
7a:c6:62:33:6b:a8:a8:ed:33:dc:a9:7a:32:55:14:
60:a4:de:69:5d:5e:a1:d6:69:72:ba:65:3d:5e:be:
e6:11:1f:85:a9:a0:18:16:ff:ea:01:98:f3:3f:53:
31:dd:31:f0:c3:e4:9c:1f:91:1e:45:62:3e:76:06:
23:0f:69:6e:87:6f:b8:2d:88:53:df:c0:3d:7b:75:
b4:6c:46:37:ac:7e:f5:41:65:02:da:f7:e0:b6:d4:
05:ba:21:b8:58:82:4d:c5:62:7c:5a:a6:ab:ca:66:
66:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:15:9E:6E:D6:18:94:67:BE:9E:CB:F3:5F:8A:03:17:CB:83:EA:61
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/FxWebtYYlGe-nsvzX4oDF8uD6mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.188.0/23
104.247.191.0/24
185.73.131.0/24
IPv6:
2a03:a5a0:4:2::/64
Signature Algorithm: sha256WithRSAEncryption
6d:17:df:af:c9:90:9f:52:af:49:07:25:07:f5:14:e9:f0:e3:
dd:5f:6c:9b:00:8d:1e:02:0f:bc:c9:6e:b1:0a:fe:96:4c:98:
e9:ff:e1:98:15:1d:44:8d:73:cf:de:65:f5:f5:8d:b6:ca:78:
94:f8:37:de:d0:a6:fd:ff:00:f6:8e:fa:6e:24:58:62:c5:a2:
99:a6:23:54:06:bb:ff:ce:ff:49:66:ad:50:8e:e7:17:de:4d:
3f:34:bc:85:d1:f1:83:20:f7:a0:78:e9:5d:ff:f8:88:7f:d3:
14:01:31:50:ea:93:5a:8a:a4:44:a1:59:c0:2b:d2:09:c1:b9:
d4:5e:11:19:c8:36:2a:b3:d6:23:c5:43:ed:6a:53:84:fc:59:
68:10:b0:8a:a8:26:1a:ab:42:c5:ec:22:fc:38:72:13:13:ca:
5d:af:15:ae:b3:6c:0c:bc:80:5f:1a:e7:76:58:1f:2f:ff:dd:
14:0d:7e:e9:fb:35:59:1c:6b:2e:46:c3:0e:17:9a:98:5e:3c:
91:05:c4:20:7a:71:cb:3c:2b:ae:66:5a:bf:8f:cb:a1:c6:1f:
2d:e9:9c:bc:6f:da:58:66:09:bc:27:1d:3c:d2:1a:06:4d:d7:
49:27:f8:8d:ac:6d:fb:cc:d7:9f:44:0f:48:4c:ac:45:75:10:
1b:50:96:c2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZb6Ip4vS4v7Q73ozdBfbh3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjUwNTIyMjIzNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE1OWU2ZWQ2MTg5NDY3YmU5ZWNiZjM1ZjhhMDMxN2NiODNlYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqWv/npJne9CoHQFYmO6BGiOXh4C
OGwEVorDTy8dY1gfhhib2Jll8dzgodaJ5yVqSZgnlISoWBeEvTztI8TGzMpJqsNF
LX1NBrrhRpt4wnq+rbOyaExGD2OhtlHU3ZDQWEePt2dsndr/R/MK8LmtV1jipkGa
MceN47OMIsJi5+830yGwxEb30FIbug3IOQWZOpRs2sh6xmIza6io7TPcqXoyVRRg
pN5pXV6h1mlyumU9Xr7mER+FqaAYFv/qAZjzP1Mx3THww+ScH5EeRWI+dgYjD2lu
h2+4LYhT38A9e3W0bEY3rH71QWUC2vfgttQFuiG4WIJNxWJ8WqarymZmMwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBcVnm7WGJRnvp7L81+KAxfLg+phMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvRnhXZWJ0WVlsR2UtbnN2elg0b0RGOHVENm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAYBAIAATASAwQBaPe8AwQA
aPe/AwQAuUmDMBEEAgACMAsDCQAqA6WgAAQAAjANBgkqhkiG9w0BAQsFAAOCAQEA
bRffr8mQn1KvSQclB/UU6fDj3V9smwCNHgIPvMlusQr+lkyY6f/hmBUdRI1zz95l
9fWNtsp4lPg33tCm/f8A9o76biRYYsWimaYjVAa7/87/SWatUI7nF95NPzS8hdHx
gyD3oHjpXf/4iH/TFAExUOqTWoqkRKFZwCvSCcG51F4RGcg2KrPWI8VD7WpThPxZ
aBCwiqgmGqtCxewi/DhyExPKXa8VrrNsDLyAXxrndlgfL//dFA1+6fs1WRxrLkbD
DheamF48kQXEIHpxyzwrrmZav4/LocYfLemcvG/aWGYJvCcdPNIaBk3XSSf4jaxt
+8zXn0QPSEysRXUQG1CWwg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:35:29 2025 by rpki-client