Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fN1BDsW9C5C9Bqke6ry_fePDBlM.roa
File: fN1BDsW9C5C9Bqke6ry_fePDBlM.roa (raw, json)
Hash identifier: 3fdGseWrPkjGKUusjcENuIavE0xvyg7utbXjROm1P3E=
Subject key identifier: 7C:DD:41:0E:C5:BD:0B:90:BD:06:A9:1E:EA:BC:BF:7D:E3:C3:06:53
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0195DD6B9507A69A1D63954D1F0BFE8EB6E5
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fN1BDsW9C5C9Bqke6ry_fePDBlM.roa
Signing time: Fri 28 Mar 2025 15:42:50 +0000
ROA not before: Fri 28 Mar 2025 15:42:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8530
IP address blocks: 5.39.176.0/21 maxlen: 21
80.87.16.0/20 maxlen: 20
87.236.128.0/21 maxlen: 21
88.151.152.0/21 maxlen: 21
89.38.120.0/21 maxlen: 21
91.143.64.0/20 maxlen: 20
93.115.176.0/20 maxlen: 20
94.142.168.0/21 maxlen: 21
185.52.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 21:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:6b:95:07:a6:9a:1d:63:95:4d:1f:0b:fe:8e:b6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 28 15:42:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cdd410ec5bd0b90bd06a91eeabcbf7de3c30653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:56:eb:f0:5d:2b:47:7d:65:12:52:24:b8:31:
42:81:03:ae:c9:a3:3f:ea:c6:84:0d:9a:ea:d4:79:
c1:65:0c:3b:ea:02:08:0a:bb:d8:f2:1d:12:77:e4:
a8:b1:91:fd:4e:27:db:1c:27:cc:a9:23:5d:d4:4d:
18:e0:1f:8c:ba:da:5e:11:f8:c4:1d:87:62:08:79:
51:3a:bf:26:db:ee:2b:3e:f6:f9:9d:f1:f7:a3:e0:
6d:7e:5c:78:be:c2:9c:41:1a:d7:92:5a:15:d4:53:
01:d2:40:dd:ab:21:3a:20:e2:9f:5c:cc:a0:88:10:
f3:99:98:c8:4b:d5:af:f8:fb:53:a2:f5:55:d2:04:
96:0d:f8:48:99:6a:15:3f:80:f4:b4:90:32:3a:2b:
0d:74:f5:96:bb:4a:4b:d7:ce:fc:e1:d3:2d:06:8f:
10:7f:4b:12:f9:29:77:3d:a6:6d:77:11:ef:2b:18:
e8:61:91:9c:f8:be:4c:0e:7f:b3:c1:bf:71:eb:e5:
5a:5f:6f:f4:bf:42:91:01:84:51:0f:e9:da:e8:3f:
b7:20:a5:62:d1:53:71:b3:6e:4f:9c:78:f5:94:99:
d5:cb:20:cd:f5:9f:84:d5:23:90:4d:5e:29:da:5a:
cf:00:dd:ac:97:c2:8e:82:dc:7b:47:de:f0:eb:fe:
b0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DD:41:0E:C5:BD:0B:90:BD:06:A9:1E:EA:BC:BF:7D:E3:C3:06:53
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fN1BDsW9C5C9Bqke6ry_fePDBlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.176.0/21
80.87.16.0/20
87.236.128.0/21
88.151.152.0/21
89.38.120.0/21
91.143.64.0/20
93.115.176.0/20
94.142.168.0/21
185.52.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:0b:ad:b1:8a:67:38:97:2c:1b:71:b1:39:7e:f5:fd:1b:56:
51:3d:8c:3d:8a:01:e2:ea:14:64:ff:dd:38:b5:99:84:47:a5:
6e:21:02:17:cf:3e:1e:01:f9:16:be:04:85:4d:f3:13:0f:30:
8c:02:9b:a6:9d:09:97:b4:05:53:78:8d:f8:54:4a:6b:74:d4:
d2:5b:cc:77:0e:b2:3f:7a:e3:72:7e:cd:21:7a:71:08:cb:2b:
63:d4:d4:7b:33:bf:ee:f2:40:87:7d:1f:2d:e2:31:43:63:c5:
36:d6:85:42:3f:9e:53:0b:04:0a:e7:cd:07:53:f7:1a:90:13:
de:fd:1a:2f:18:9b:7e:ad:c8:e3:ad:11:a3:4c:ac:3a:a2:39:
c1:e3:e4:60:32:0b:33:3f:72:0f:a8:53:63:de:ad:73:6f:4d:
30:69:eb:47:b2:1b:79:0b:af:00:e9:0e:41:f1:1f:a1:9c:bb:
bc:b8:d6:af:06:4a:c4:64:4d:4c:c6:bc:61:91:9e:a2:cb:0a:
23:60:4f:be:38:dc:23:a9:79:87:0c:e5:c5:db:84:23:f1:d6:
60:19:b6:e3:8d:65:81:1b:75:4a:de:f9:71:57:5b:40:7e:89:
17:25:1a:8b:05:b2:48:62:34:0c:ac:18:d7:95:43:51:4c:7b:
6c:c8:ee:bb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXda5UHppodY5VNHwv+jrblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwMzI4MTU0MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2RkNDEwZWM1YmQwYjkwYmQwNmE5MWVlYWJjYmY3ZGUzYzMwNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklbr8F0rR31lElIkuDFCgQOuyaM/
6saEDZrq1HnBZQw76gIICrvY8h0Sd+SosZH9TifbHCfMqSNd1E0Y4B+MutpeEfjE
HYdiCHlROr8m2+4rPvb5nfH3o+Btflx4vsKcQRrXkloV1FMB0kDdqyE6IOKfXMyg
iBDzmZjIS9Wv+PtTovVV0gSWDfhImWoVP4D0tJAyOisNdPWWu0pL18784dMtBo8Q
f0sS+Sl3PaZtdxHvKxjoYZGc+L5MDn+zwb9x6+VaX2/0v0KRAYRRD+na6D+3IKVi
0VNxs25PnHj1lJnVyyDN9Z+E1SOQTV4p2lrPAN2sl8KOgtx7R97w6/6wfQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHzdQQ7FvQuQvQapHuq8v33jwwZTMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvZk4xQkRzVzlDNUM5QnFrZTZyeV9mZVBEQmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDBSewAwQE
UFcQAwQDV+yAAwQDWJeYAwQDWSZ4AwQEW49AAwQEXXOwAwQDXo6oAwQCuTSQMA0G
CSqGSIb3DQEBCwUAA4IBAQCKC62ximc4lywbcbE5fvX9G1ZRPYw9igHi6hRk/904
tZmER6VuIQIXzz4eAfkWvgSFTfMTDzCMApumnQmXtAVTeI34VEprdNTSW8x3DrI/
euNyfs0henEIyytj1NR7M7/u8kCHfR8t4jFDY8U21oVCP55TCwQK580HU/cakBPe
/RovGJt+rcjjrRGjTKw6ojnB4+RgMgszP3IPqFNj3q1zb00waetHsht5C68A6Q5B
8R+hnLu8uNavBkrEZE1MxrxhkZ6iywojYE++ONwjqXmHDOXF24Qj8dZgGbbjjWWB
G3VK3vlxV1tAfokXJRqLBbJIYjQMrBjXlUNRTHtsyO67
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:11:36 2025 by rpki-client