Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-FNV42eC2YCZKQVCZ_thO8lcbQ8.roa
File: 1-FNV42eC2YCZKQVCZ_thO8lcbQ8.roa (raw, json)
Hash identifier: YeKeT2Ne1XCKEs4Yu+zZqAi1fuKxPoSBggfEq+nFg3I=
Subject key identifier: F8:53:55:E3:67:82:D9:80:99:29:05:42:67:FB:61:3B:C9:5C:6D:0F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194B59FA7A3646028987F3C406BE3C1B4B3
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-FNV42eC2YCZKQVCZ_thO8lcbQ8.roa
Signing time: Thu 30 Jan 2025 05:12:06 +0000
ROA not before: Thu 30 Jan 2025 05:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.233.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b5:9f:a7:a3:64:60:28:98:7f:3c:40:6b:e3:c1:b4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 30 05:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f85355e36782d9809929054267fb613bc95c6d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:72:00:78:3e:e6:7a:96:5b:f6:17:68:41:76:
46:4d:8d:58:89:6c:e0:56:06:e7:63:61:c0:17:64:
58:8f:52:0c:aa:4d:23:c6:93:82:12:7b:0d:2b:95:
9c:90:25:13:05:53:f8:f5:bd:74:f5:17:8a:91:dc:
e4:b2:6e:33:d9:70:ef:97:3e:37:14:fa:35:42:c5:
f5:5b:69:e7:31:f0:f5:6a:8e:05:05:78:2d:f2:9e:
53:78:a0:b6:58:66:59:18:a0:cc:f5:68:6f:e6:0f:
75:39:a7:77:c7:67:14:a0:f1:2b:31:fe:89:2b:35:
e9:56:49:8d:a7:fa:06:a2:d4:4b:f9:11:2f:c5:e8:
eb:23:bc:dd:d8:36:eb:09:5b:72:24:b1:fb:a7:fe:
42:08:5a:22:16:3a:f5:41:2c:70:04:c6:36:79:7e:
9c:59:9d:73:02:01:92:34:3d:7d:34:ca:b9:f2:ab:
38:c4:43:5e:9a:7b:f6:fc:4e:01:22:6e:08:50:af:
8b:fc:ee:16:da:57:72:b2:70:ec:23:6f:a6:f9:ca:
7e:82:60:1f:74:85:3f:bb:ad:82:73:9c:a7:2d:9d:
16:82:f1:f4:ad:12:ca:ce:14:9d:d6:e5:cf:4a:5b:
a1:a6:ae:35:0a:7f:39:59:da:71:8f:dd:2a:fe:30:
80:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:53:55:E3:67:82:D9:80:99:29:05:42:67:FB:61:3B:C9:5C:6D:0F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-FNV42eC2YCZKQVCZ_thO8lcbQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.233.0/24
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e2:45:86:4b:af:46:1d:87:26:a8:c1:0f:cf:02:21:2f:85:
2f:00:ab:18:3c:6d:06:de:4f:ce:08:f2:50:c2:ac:ac:7e:d9:
de:6d:cd:aa:6c:4b:c0:da:d1:ed:a1:1a:b7:b8:bd:07:02:08:
f6:76:82:9b:9b:30:86:2d:7f:80:79:0e:ea:e9:20:46:c8:ce:
e7:13:e5:78:e7:91:82:a3:fb:f4:d2:35:28:05:e0:2f:58:74:
f2:bb:46:02:8d:76:4e:2d:3b:f0:0e:72:5d:4d:ed:17:71:94:
ce:39:7e:3b:be:e5:18:40:d9:05:6e:fd:b5:f0:62:ce:cc:a2:
79:a7:b1:db:e5:61:2d:d6:cf:f7:34:3b:23:33:93:da:c2:3a:
7c:31:b5:4d:2a:c6:af:8b:37:e7:95:31:90:6a:12:ae:95:1d:
40:98:15:b3:20:16:d1:a2:f0:11:ee:07:88:00:ae:86:12:b1:
bf:a6:ed:7a:ed:c8:60:ca:66:78:af:31:7c:7d:40:76:80:f2:
fe:1e:50:74:b4:87:f1:80:d5:db:21:22:db:0d:13:64:bb:0e:
12:6d:39:76:42:aa:c1:19:8d:88:67:b0:6c:50:a3:e1:de:47:
a5:58:cc:1d:4c:26:11:7b:af:d7:d0:17:13:6c:69:40:67:a5:
00:8e:49:bf
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZS1n6ejZGAomH88QGvjwbSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTMwMDUxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODUzNTVlMzY3ODJkOTgwOTkyOTA1NDI2N2ZiNjEzYmM5NWM2ZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnIAeD7mepZb9hdoQXZGTY1YiWzg
VgbnY2HAF2RYj1IMqk0jxpOCEnsNK5WckCUTBVP49b109ReKkdzksm4z2XDvlz43
FPo1QsX1W2nnMfD1ao4FBXgt8p5TeKC2WGZZGKDM9Whv5g91Oad3x2cUoPErMf6J
KzXpVkmNp/oGotRL+REvxejrI7zd2DbrCVtyJLH7p/5CCFoiFjr1QSxwBMY2eX6c
WZ1zAgGSND19NMq58qs4xENemnv2/E4BIm4IUK+L/O4W2ldysnDsI2+m+cp+gmAf
dIU/u62Cc5ynLZ0WgvH0rRLKzhSd1uXPSluhpq41Cn85Wdpxj90q/jCAvQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPhTVeNngtmAmSkFQmf7YTvJXG0PMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMS1GTlY0MmVDMllDWktRVkNaX3RoTzhsY2JROC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOTY1ODM3LTUyY2ItNDZiNC1hZWRiLWUxYmQ4OGQzZmQw
Ny8xL1BtQ1hhWWFHNFZWZlVmYklnN3hhV0ZTYkkySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAAWv6QME
AE1aAAMEAE1aAgMEAE1aCAMEAE1aDQMEAE1aMzANBgkqhkiG9w0BAQsFAAOCAQEA
PuJFhkuvRh2HJqjBD88CIS+FLwCrGDxtBt5PzgjyUMKsrH7Z3m3NqmxLwNrR7aEa
t7i9BwII9naCm5swhi1/gHkO6ukgRsjO5xPleOeRgqP79NI1KAXgL1h08rtGAo12
Ti078A5yXU3tF3GUzjl+O77lGEDZBW79tfBizsyieaex2+VhLdbP9zQ7IzOT2sI6
fDG1TSrGr4s355UxkGoSrpUdQJgVsyAW0aLwEe4HiACuhhKxv6bteu3IYMpmeK8x
fH1AdoDy/h5QdLSH8YDV2yEi2w0TZLsOEm05dkKqwRmNiGewbFCj4d5HpVjMHUwm
EXuv19AXE2xpQGelAI5Jvw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:01:10 2025 by rpki-client