Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/1-FEZQAYxKOGbZtNoqgp3TsBstBI.roa
File: 1-FEZQAYxKOGbZtNoqgp3TsBstBI.roa (raw, json)
Hash identifier: mWm1xa0GsvGR4VAPAVWmqUQ/c+wTEHDE2Bz7si4FFW8=
Subject key identifier: F8:51:19:40:06:31:28:E1:9B:66:D3:68:AA:0A:77:4E:C0:6C:B4:12
Certificate issuer: /CN=68d6604c88c2e04e6167241315b74a758ce648c3
Certificate serial: 01941F8C6E1BD4F4ED251DAB9BD7DA9CAEA7
Authority key identifier: 68:D6:60:4C:88:C2:E0:4E:61:67:24:13:15:B7:4A:75:8C:E6:48:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/1-FEZQAYxKOGbZtNoqgp3TsBstBI.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35362
IP address blocks: 5.83.16.0/21 maxlen: 21
37.17.240.0/22 maxlen: 22
62.84.248.0/21 maxlen: 21
95.158.0.0/18 maxlen: 18
146.0.80.0/21 maxlen: 21
185.11.28.0/22 maxlen: 22
2a07:1080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6e:1b:d4:f4:ed:25:1d:ab:9b:d7:da:9c:ae:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d6604c88c2e04e6167241315b74a758ce648c3
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8511940063128e19b66d368aa0a774ec06cb412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:9b:5a:e4:46:87:42:53:88:61:2a:46:35:
30:bd:37:30:d2:41:ca:86:a3:4f:13:e3:10:14:23:
a7:7b:17:56:8d:c2:44:05:83:35:44:32:db:93:b7:
aa:c0:57:48:b2:98:9e:fe:08:54:a8:18:39:74:fc:
36:cb:91:5f:58:29:86:c0:9b:82:01:d9:5b:15:fc:
67:2a:37:3c:2a:4a:b9:83:84:0f:b9:a5:0a:0e:7c:
1d:f0:d4:a5:31:20:00:82:c5:7b:e9:53:02:99:fa:
80:4d:f7:42:8a:e9:e7:77:d8:6b:e8:01:4f:7f:83:
7c:81:f5:f4:63:c6:d0:e5:82:95:87:1a:b1:db:bb:
de:5c:30:73:45:ca:b6:d4:c6:f1:9d:77:52:9a:0d:
41:61:9a:4d:eb:bd:1d:0b:ca:37:32:5e:b8:04:e3:
37:26:36:c6:52:41:ee:32:9b:8d:98:f7:b0:b7:e0:
aa:93:f9:27:4a:a2:58:15:31:8b:84:5e:09:d9:c7:
e5:b1:74:2c:dc:8d:df:80:5f:83:00:24:83:b1:85:
d7:a6:78:0c:0f:3c:e1:a7:05:de:28:69:65:f8:7c:
81:14:2e:37:73:f1:47:65:06:e9:02:15:78:40:43:
db:75:bc:de:60:1c:55:18:f3:94:87:48:4a:77:e6:
3f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:51:19:40:06:31:28:E1:9B:66:D3:68:AA:0A:77:4E:C0:6C:B4:12
X509v3 Authority Key Identifier:
keyid:68:D6:60:4C:88:C2:E0:4E:61:67:24:13:15:B7:4A:75:8C:E6:48:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNZgTIjC4E5hZyQTFbdKdYzmSMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/1-FEZQAYxKOGbZtNoqgp3TsBstBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/006225-9bff-4583-8a15-7cc2945f2ca6/1/aNZgTIjC4E5hZyQTFbdKdYzmSMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.16.0/21
37.17.240.0/22
62.84.248.0/21
95.158.0.0/18
146.0.80.0/21
185.11.28.0/22
IPv6:
2a07:1080::/29
Signature Algorithm: sha256WithRSAEncryption
14:50:3b:4b:e9:7a:10:61:05:24:9e:d8:02:c8:7e:ed:21:db:
2c:40:2c:31:30:d7:e1:79:02:b1:9c:84:2a:b2:e2:b8:f9:e0:
93:eb:d8:de:91:75:08:7f:f0:27:bb:24:97:fb:eb:aa:41:af:
b0:60:b9:53:d5:89:6d:ac:8e:32:b0:a1:4d:3e:bf:06:c3:20:
77:0d:16:f5:73:f3:bb:64:6d:eb:7f:32:90:18:aa:ce:e1:53:
fd:68:52:fc:5a:89:48:c4:c8:2b:0b:9e:d1:27:9d:de:9c:a3:
89:ec:12:a4:fa:29:94:26:f6:b8:4f:2b:11:7e:19:21:d2:67:
b7:7b:c4:80:bf:94:c0:20:2c:d6:81:3a:d9:be:ac:32:98:ed:
93:c6:a7:45:13:43:33:c2:15:02:16:ae:9e:23:30:46:b4:d1:
29:6f:b1:84:39:69:24:8f:e9:bf:a0:19:b2:d2:e6:bb:95:a5:
28:b3:7c:7c:d6:c4:a9:5e:b3:ac:75:3f:5f:ce:f4:ad:2f:34:
4d:b0:a7:35:23:4e:53:30:b2:46:31:36:e0:10:42:fe:69:c1:
3a:f1:47:0a:78:10:75:e0:23:b7:9c:fd:17:71:cb:d7:8e:e6:
53:d8:69:c2:c5:83:9d:fd:26:63:80:69:96:6b:b3:22:5b:99:
c3:45:7b:9d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQfjG4b1PTtJR2rm9fanK6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDY2MDRjODhjMmUwNGU2MTY3MjQxMzE1Yjc0YTc1OGNl
NjQ4YzMwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODUxMTk0MDA2MzEyOGUxOWI2NmQzNjhhYTBhNzc0ZWMwNmNiNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgebWuRGh0JTiGEqRjUwvTcw0kHK
hqNPE+MQFCOnexdWjcJEBYM1RDLbk7eqwFdIspie/ghUqBg5dPw2y5FfWCmGwJuC
AdlbFfxnKjc8Kkq5g4QPuaUKDnwd8NSlMSAAgsV76VMCmfqATfdCiunnd9hr6AFP
f4N8gfX0Y8bQ5YKVhxqx27veXDBzRcq21MbxnXdSmg1BYZpN670dC8o3Ml64BOM3
JjbGUkHuMpuNmPewt+Cqk/knSqJYFTGLhF4J2cflsXQs3I3fgF+DACSDsYXXpngM
DzzhpwXeKGll+HyBFC43c/FHZQbpAhV4QEPbdbzeYBxVGPOUh0hKd+Y/GQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPhRGUAGMSjhm2bTaKoKd07AbLQSMB8GA1UdIwQY
MBaAFGjWYEyIwuBOYWckExW3SnWM5kjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5aZ1RJakM0RTVoWnlRVEZiZEtkWXptU01NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wMDYyMjUtOWJmZi00NTgzLThhMTUt
N2NjMjk0NWYyY2E2LzEvMS1GRVpRQVl4S09HYlp0Tm9xZ3AzVHNCc3RCSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvMDA2MjI1LTliZmYtNDU4My04YTE1LTdjYzI5NDVmMmNh
Ni8xL2FOWmdUSWpDNEU1aFp5UVRGYmRLZFl6bVNNTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAwVTEAME
AiUR8AMEAz5U+AMEBl+eAAMEA5IAUAMEArkLHDANBAIAAjAHAwUDKgcQgDANBgkq
hkiG9w0BAQsFAAOCAQEAFFA7S+l6EGEFJJ7YAsh+7SHbLEAsMTDX4XkCsZyEKrLi
uPngk+vY3pF1CH/wJ7skl/vrqkGvsGC5U9WJbayOMrChTT6/BsMgdw0W9XPzu2Rt
638ykBiqzuFT/WhS/FqJSMTIKwue0Sed3pyjiewSpPoplCb2uE8rEX4ZIdJnt3vE
gL+UwCAs1oE62b6sMpjtk8anRRNDM8IVAhauniMwRrTRKW+xhDlpJI/pv6AZstLm
u5WlKLN8fNbEqV6zrHU/X870rS80TbCnNSNOUzCyRjE24BBC/mnBOvFHCngQdeAj
t5z9F3HL147mU9hpwsWDnf0mY4BplmuzIluZw0V7nQ==
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:49:21 2025 by rpki-client