Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/FNknYOM-2Xofk1XbcOJNM1rObAg.roa
File: FNknYOM-2Xofk1XbcOJNM1rObAg.roa (raw, json)
Hash identifier: FASTd9f7x4x3qa5aRCBcwSFhMWBiMZ3cOy9OdE4lRwc=
Subject key identifier: 14:D9:27:60:E3:3E:D9:7A:1F:93:55:DB:70:E2:4D:33:5A:CE:6C:08
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 019420682731EB0EEFCEED7E8D149CB6BCE8
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/FNknYOM-2Xofk1XbcOJNM1rObAg.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29014
IP address blocks: 81.28.224.0/20 maxlen: 24
2a00:1c38::/32 maxlen: 48
2a00:1c39::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:27:31:eb:0e:ef:ce:ed:7e:8d:14:9c:b6:bc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14d92760e33ed97a1f9355db70e24d335ace6c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:62:91:f2:00:0f:10:04:95:33:ac:a4:02:24:
a0:00:59:d1:8a:d7:c9:07:3c:c8:f8:c4:46:88:41:
e2:0d:f9:b1:55:4f:d4:7d:ab:e8:3f:19:7c:16:6d:
0c:e8:88:19:26:5d:4a:99:86:cc:e3:8d:8f:31:6b:
35:6a:fb:af:bf:3b:8a:8f:f2:a9:8f:21:a9:34:4e:
8f:3f:88:83:05:dc:c2:02:8b:49:8d:5d:22:40:25:
c6:a2:8c:ba:67:56:8a:98:95:1b:76:2e:c6:31:60:
e0:c7:a6:5c:8c:8b:0d:f3:41:97:10:86:81:1e:0c:
09:e8:77:02:21:16:11:d8:af:6d:18:02:e8:4d:c5:
be:0a:9c:12:a4:55:cb:c0:50:93:36:b1:64:44:05:
3b:3e:79:5c:e2:bd:3e:43:36:93:aa:8e:8d:a2:9e:
b5:f8:4e:75:16:5c:3d:c4:6f:11:48:07:c9:ef:88:
e0:54:de:d6:c6:eb:19:77:6c:7a:c5:a7:4d:f3:27:
59:1a:4e:66:ed:50:cd:65:c4:eb:be:b7:6d:a6:c0:
bc:05:65:17:ab:f0:ed:57:35:5b:d0:70:52:3c:93:
fb:73:36:b9:94:64:36:4d:dd:87:a2:fc:2e:19:d2:
14:65:70:e9:8e:fa:7b:d2:54:c1:27:79:5c:96:48:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D9:27:60:E3:3E:D9:7A:1F:93:55:DB:70:E2:4D:33:5A:CE:6C:08
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/FNknYOM-2Xofk1XbcOJNM1rObAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.224.0/20
IPv6:
2a00:1c38::/31
Signature Algorithm: sha256WithRSAEncryption
6c:f9:a8:71:de:88:a8:31:d7:e0:c0:07:34:65:76:64:12:ea:
ed:50:1c:f9:32:b3:64:af:98:33:19:ea:15:a2:5d:51:f2:76:
d6:dd:91:a4:60:5e:1a:5a:60:31:4f:b0:eb:85:bb:97:06:81:
21:88:3c:bb:29:3c:ab:4d:44:9a:ff:ec:be:0a:fa:f7:4f:b7:
64:74:f0:bb:1d:b9:56:83:94:69:d1:71:e5:34:62:ef:d6:7e:
b8:f1:9e:3b:9f:0c:ae:81:37:e5:da:cf:d6:38:3b:a1:d2:1e:
d3:1b:8d:1b:bc:eb:03:79:42:03:df:40:0a:3f:57:3a:c3:de:
30:15:83:1b:73:c0:fb:0a:48:53:6e:27:d9:4a:10:eb:43:3e:
4f:b0:0b:a9:09:14:4a:3a:16:c3:e1:9d:4e:f8:8b:dd:d3:a4:
f1:ec:9e:43:3b:e7:6a:bd:df:e0:fd:16:e3:77:41:d9:2b:87:
b1:e9:1f:b6:8f:d3:8c:05:00:9a:82:3b:58:74:34:a6:c7:ee:
be:2f:4d:24:e6:00:5f:db:44:ac:a6:ad:af:a0:19:b0:ae:a3:
63:6d:56:ab:54:92:af:3c:6f:c6:19:8c:8a:f1:eb:c3:27:ba:
16:24:c5:b2:7d:e5:28:16:53:26:44:53:7a:1e:0c:d3:a3:93:
46:7e:9c:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaCcx6w7vzu1+jRSctrzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ5Mjc2MGUzM2VkOTdhMWY5MzU1ZGI3MGUyNGQzMzVhY2U2YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWKR8gAPEASVM6ykAiSgAFnRitfJ
BzzI+MRGiEHiDfmxVU/UfavoPxl8Fm0M6IgZJl1KmYbM442PMWs1avuvvzuKj/Kp
jyGpNE6PP4iDBdzCAotJjV0iQCXGooy6Z1aKmJUbdi7GMWDgx6ZcjIsN80GXEIaB
HgwJ6HcCIRYR2K9tGALoTcW+CpwSpFXLwFCTNrFkRAU7Pnlc4r0+QzaTqo6Nop61
+E51Flw9xG8RSAfJ74jgVN7WxusZd2x6xadN8ydZGk5m7VDNZcTrvrdtpsC8BWUX
q/DtVzVb0HBSPJP7cza5lGQ2Td2HovwuGdIUZXDpjvp70lTBJ3lclki3RwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBTZJ2DjPtl6H5NV23DiTTNazmwIMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvRk5rbllPTS0yWG9mazFYYmNPSk5NMXJPYkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEURzgMA0E
AgACMAcDBQEqABw4MA0GCSqGSIb3DQEBCwUAA4IBAQBs+ahx3oioMdfgwAc0ZXZk
EurtUBz5MrNkr5gzGeoVol1R8nbW3ZGkYF4aWmAxT7DrhbuXBoEhiDy7KTyrTUSa
/+y+Cvr3T7dkdPC7HblWg5Rp0XHlNGLv1n648Z47nwyugTfl2s/WODuh0h7TG40b
vOsDeUID30AKP1c6w94wFYMbc8D7CkhTbifZShDrQz5PsAupCRRKOhbD4Z1O+Ivd
06Tx7J5DO+dqvd/g/Rbjd0HZK4ex6R+2j9OMBQCagjtYdDSmx+6+L00k5gBf20Ss
pq2voBmwrqNjbVarVJKvPG/GGYyK8evDJ7oWJMWyfeUoFlMmRFN6HgzTo5NGfpy7
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:26:35 2025 by rpki-client