Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FXtqlVz9BH3ZDPEZPxmCa9TfrwA.roa
File: FXtqlVz9BH3ZDPEZPxmCa9TfrwA.roa (raw, json)
Hash identifier: 3L0nh/vsx7Y2oyXktpKwkY/6EmuWr4Okiu3hcsgEwXQ=
Subject key identifier: 15:7B:6A:95:5C:FD:04:7D:D9:0C:F1:19:3F:19:82:6B:D4:DF:AF:00
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747DC45DE5AC678EDFD10781E67300B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FXtqlVz9BH3ZDPEZPxmCa9TfrwA.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
89.190.158.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
194.56.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:dc:45:de:5a:c6:78:ed:fd:10:78:1e:67:30:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=157b6a955cfd047dd90cf1193f19826bd4dfaf00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:c2:35:ee:57:bb:15:44:4e:ab:6e:4f:f7:
59:f0:fd:58:30:3a:8f:22:47:bf:3c:d1:9e:e5:3b:
19:9f:83:cd:ea:2c:31:e4:d9:d7:cc:17:e1:44:18:
5e:f3:cd:1d:1c:34:81:c1:fa:36:27:8c:ed:a3:8e:
83:25:60:e9:94:ea:2a:4e:de:aa:a6:43:78:22:08:
fa:4a:01:85:92:57:27:6f:9e:43:5c:ca:80:15:b6:
7e:b6:f9:10:ad:cc:27:41:39:d0:25:a7:8d:38:ef:
f7:a8:07:39:c1:ec:1b:2d:f5:48:93:58:11:f2:0e:
97:cf:a2:26:b5:ce:b8:d5:ea:60:2c:d0:a1:80:20:
d1:ad:5f:4f:2e:38:6b:15:08:db:14:43:04:6c:a3:
b4:9f:8a:1f:69:80:b0:08:34:4a:e1:4f:4d:8c:27:
c3:a3:dc:2f:80:cd:0e:d3:49:30:61:ff:b8:fb:2e:
75:d5:b1:2a:b7:b4:e2:d3:3d:5a:4a:d3:b2:f5:29:
d6:23:0c:7e:c2:3b:72:d2:54:8a:c5:38:0e:ff:d5:
6b:6a:65:51:21:fa:ea:be:98:5e:81:0c:a0:26:60:
24:f1:c0:37:0f:b3:c0:30:59:7c:bb:32:ce:8b:8e:
c1:11:c4:02:36:d8:cc:1a:9d:d2:a4:44:d3:d4:bd:
a3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7B:6A:95:5C:FD:04:7D:D9:0C:F1:19:3F:19:82:6B:D4:DF:AF:00
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FXtqlVz9BH3ZDPEZPxmCa9TfrwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
89.190.158.0/24
185.234.75.0/24
194.56.226.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ae:7c:67:b1:68:51:c4:12:00:b5:0f:fc:1d:38:8e:43:85:
bc:94:e6:fd:af:f8:0b:7d:38:e6:1d:b5:69:3a:40:2c:1e:98:
f8:57:df:29:6c:87:07:82:a0:b0:1d:ce:df:46:59:c3:3e:08:
3b:ff:d0:1e:be:47:d2:61:6c:de:4a:8b:84:97:b5:61:58:48:
fd:b2:f0:19:aa:4f:7f:38:4f:45:4b:d1:5e:15:0f:c6:f1:73:
7a:1e:44:0c:e3:9e:75:42:5d:8e:43:cd:f8:3c:84:3d:f6:a9:
66:6a:03:ae:f4:5a:39:a5:3d:98:ab:08:4f:6e:5e:8d:25:12:
2b:1d:39:55:e4:51:8b:37:6d:9c:9d:94:29:75:41:3a:1b:b4:
da:82:43:8b:36:d5:2d:c4:6a:0e:10:a6:db:ce:b7:e0:ae:6c:
f5:b6:df:95:41:58:d1:c9:23:b0:4c:a5:27:12:56:8f:33:c2:
a2:98:d6:7a:20:0d:4d:88:c5:3b:48:a3:46:9f:72:1b:df:6f:
a1:79:75:88:80:d6:5d:67:2a:81:a4:da:b2:27:97:90:65:eb:
82:0d:a2:94:5f:a7:aa:56:1d:f8:43:ef:7f:78:c0:5f:86:79:
33:6b:02:f2:59:44:51:7d:5b:cb:b5:77:11:6b:f3:41:be:b0:
c9:4b:91:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR9xF3lrGeO39EHgeZzALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdiNmE5NTVjZmQwNDdkZDkwY2YxMTkzZjE5ODI2YmQ0ZGZhZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgDCNe5XuxVETqtuT/dZ8P1YMDqP
Ike/PNGe5TsZn4PN6iwx5NnXzBfhRBhe880dHDSBwfo2J4zto46DJWDplOoqTt6q
pkN4Igj6SgGFklcnb55DXMqAFbZ+tvkQrcwnQTnQJaeNOO/3qAc5wewbLfVIk1gR
8g6Xz6Imtc641epgLNChgCDRrV9PLjhrFQjbFEMEbKO0n4ofaYCwCDRK4U9NjCfD
o9wvgM0O00kwYf+4+y511bEqt7Ti0z1aStOy9SnWIwx+wjty0lSKxTgO/9VramVR
IfrqvphegQygJmAk8cA3D7PAMFl8uzLOi47BEcQCNtjMGp3SpETT1L2jmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBV7apVc/QR92QzxGT8ZgmvU368AMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRlh0cWxWejlCSDNaRFBFWlB4bUNhOVRmcndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjilAwQA
TVPyAwQAWb6eAwQAuepLAwQAwjjiMA0GCSqGSIb3DQEBCwUAA4IBAQBArnxnsWhR
xBIAtQ/8HTiOQ4W8lOb9r/gLfTjmHbVpOkAsHpj4V98pbIcHgqCwHc7fRlnDPgg7
/9AevkfSYWzeSouEl7VhWEj9svAZqk9/OE9FS9FeFQ/G8XN6HkQM4551Ql2OQ834
PIQ99qlmagOu9Fo5pT2YqwhPbl6NJRIrHTlV5FGLN22cnZQpdUE6G7TagkOLNtUt
xGoOEKbbzrfgrmz1tt+VQVjRySOwTKUnElaPM8KimNZ6IA1NiMU7SKNGn3Ib32+h
eXWIgNZdZyqBpNqyJ5eQZeuCDaKUX6eqVh34Q+9/eMBfhnkzawLyWURRfVvLtXcR
a/NBvrDJS5Hn
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:00:41 2025 by rpki-client