Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fcl0lA4-JuaBcJ6aLG-eMI-7qJc.roa
File: fcl0lA4-JuaBcJ6aLG-eMI-7qJc.roa (raw, json)
Hash identifier: 4RAcs8mUjmppuB5fKY0ZG3ZKoVaFH2xKdlFqdAAFVJ0=
Subject key identifier: 7D:C9:74:94:0E:3E:26:E6:81:70:9E:9A:2C:6F:9E:30:8F:BB:A8:97
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0197118540D70C64275D19E7C8534C4441DE
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fcl0lA4-JuaBcJ6aLG-eMI-7qJc.roa
Signing time: Tue 27 May 2025 11:33:54 +0000
ROA not before: Tue 27 May 2025 11:33:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.92.218.0/24 maxlen: 24
45.134.36.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
92.118.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Jun 2025 20:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:85:40:d7:0c:64:27:5d:19:e7:c8:53:4c:44:41:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 27 11:33:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dc974940e3e26e681709e9a2c6f9e308fbba897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:19:70:8f:6d:ed:9d:d2:97:8a:0f:a8:13:98:
5f:6d:14:ee:7e:0d:41:15:46:3a:45:80:69:c9:0f:
bd:02:4b:93:a9:6b:14:36:4f:8f:5b:fa:b5:25:55:
0c:be:42:07:6e:18:fd:66:d5:d3:42:11:d3:4a:ce:
0f:a8:16:eb:89:05:60:5d:28:10:c9:70:69:bb:2a:
6c:ca:3a:33:65:e1:3f:22:51:62:ef:14:29:71:cd:
a3:16:f3:a4:e8:3e:32:f6:10:99:3d:bc:4d:80:4f:
5e:23:d6:19:ae:9f:8f:9e:13:8c:94:a1:10:32:32:
c0:37:9e:76:a3:5f:fa:3c:68:23:a1:78:0c:ff:0d:
89:e0:28:ff:d1:d6:f0:20:40:a2:c6:44:7a:e2:c4:
0a:be:29:5c:87:5f:6e:1b:cd:90:03:20:c8:36:aa:
49:7b:d1:c9:71:d1:42:a6:16:81:84:e6:27:db:66:
59:ef:8d:67:e1:d0:6d:fb:2d:fe:f7:ee:52:d3:54:
fc:50:58:74:ad:cf:06:b1:b4:de:24:84:1e:12:44:
d3:c3:0c:6f:2d:8c:82:27:ee:d8:af:18:a3:07:b1:
7c:ea:e0:93:b0:da:c4:3b:4e:7a:ca:f1:c4:c6:b1:
c6:34:3a:f7:0c:eb:a8:e9:59:d0:b7:b0:4e:18:9c:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C9:74:94:0E:3E:26:E6:81:70:9E:9A:2C:6F:9E:30:8F:BB:A8:97
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fcl0lA4-JuaBcJ6aLG-eMI-7qJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/24
45.134.36.0/24
45.142.105.0/24
45.151.56.0/24
45.152.162.0/23
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
60:fb:54:c2:e5:6f:02:d7:bf:26:e0:d0:29:4f:33:40:01:5a:
f7:51:02:25:e9:05:0d:2c:0a:4f:8b:4c:df:bc:b9:10:d2:d5:
2c:1c:48:4c:8f:4e:8b:15:57:f4:e3:6c:55:05:7d:07:95:6b:
c3:8a:a4:5e:bb:ec:62:f5:ff:8f:01:ad:db:90:be:6f:19:21:
28:50:65:c1:f1:3c:e2:1b:50:ea:0d:8e:6c:17:44:be:e6:c8:
5b:2d:5c:0f:b1:c1:25:47:b4:10:12:d2:f4:7e:79:73:8b:b0:
83:a2:75:86:49:5e:9a:86:c3:71:63:c1:e4:33:7f:81:35:64:
86:83:e2:ca:06:26:1a:e5:ff:98:a6:f5:3f:52:1c:52:40:41:
10:af:0a:df:b3:19:5e:3c:08:a2:4c:b6:7b:a2:b2:d7:dd:fd:
bd:a3:54:04:4f:6b:2b:16:77:8b:19:ac:ce:ef:c2:16:fa:2d:
17:18:e6:4e:d1:29:fd:3b:c9:db:f1:d0:46:f7:50:c6:71:94:
00:6f:ea:68:83:f4:bc:88:78:1c:f0:53:5c:ed:a0:f2:fe:3e:
5a:09:78:97:61:14:5b:d8:5b:44:ff:20:30:49:e3:c1:5e:f7:
dc:7b:38:c7:bb:ad:bf:46:08:f5:f6:d4:f7:b9:bd:76:14:b8:
77:da:59:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZcRhUDXDGQnXRnnyFNMREHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNTI3MTEzMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM5NzQ5NDBlM2UyNmU2ODE3MDllOWEyYzZmOWUzMDhmYmJhODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRlwj23tndKXig+oE5hfbRTufg1B
FUY6RYBpyQ+9AkuTqWsUNk+PW/q1JVUMvkIHbhj9ZtXTQhHTSs4PqBbriQVgXSgQ
yXBpuypsyjozZeE/IlFi7xQpcc2jFvOk6D4y9hCZPbxNgE9eI9YZrp+PnhOMlKEQ
MjLAN552o1/6PGgjoXgM/w2J4Cj/0dbwIECixkR64sQKvilch19uG82QAyDINqpJ
e9HJcdFCphaBhOYn22ZZ741n4dBt+y3+9+5S01T8UFh0rc8GsbTeJIQeEkTTwwxv
LYyCJ+7YrxijB7F86uCTsNrEO056yvHExrHGNDr3DOuo6VnQt7BOGJxmWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH3JdJQOPibmgXCemixvnjCPu6iXMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZmNsMGxBNC1KdWFCY0o2YUxHLWVNSS03cUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVzaAwQA
LYYkAwQALY5pAwQALZc4AwQBLZiiAwQCXHbMMA0GCSqGSIb3DQEBCwUAA4IBAQBg
+1TC5W8C178m4NApTzNAAVr3UQIl6QUNLApPi0zfvLkQ0tUsHEhMj06LFVf042xV
BX0HlWvDiqReu+xi9f+PAa3bkL5vGSEoUGXB8TziG1DqDY5sF0S+5shbLVwPscEl
R7QQEtL0fnlzi7CDonWGSV6ahsNxY8HkM3+BNWSGg+LKBiYa5f+YpvU/UhxSQEEQ
rwrfsxlePAiiTLZ7orLX3f29o1QET2srFneLGazO78IW+i0XGOZO0Sn9O8nb8dBG
91DGcZQAb+pog/S8iHgc8FNc7aDy/j5aCXiXYRRb2FtE/yAwSePBXvfcezjHu62/
Rgj19tT3ub12FLh32lnJ
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:44:58 2025 by rpki-client