Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/fMjdAQm5WWjX107kmWjwWyD5LwQ.roa
File: fMjdAQm5WWjX107kmWjwWyD5LwQ.roa (raw, json)
Hash identifier: l0N+np95OzXLgeVPAbMAHAftw2B/8U/CKLsG00LUnV0=
Subject key identifier: 7C:C8:DD:01:09:B9:59:68:D7:D7:4E:E4:99:68:F0:5B:20:F9:2F:04
Certificate issuer: /CN=19bcc407bf3881e2966a548c432b3f04014699dd
Certificate serial: 019420682B1589C55ED0DD507684378AD06A
Authority key identifier: 19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/fMjdAQm5WWjX107kmWjwWyD5LwQ.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12926
IP address blocks: 185.113.156.0/22 maxlen: 22
213.63.0.0/17 maxlen: 17
213.63.128.0/17 maxlen: 17
213.141.0.0/19 maxlen: 19
2a00:fa00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2b:15:89:c5:5e:d0:dd:50:76:84:37:8a:d0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19bcc407bf3881e2966a548c432b3f04014699dd
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cc8dd0109b95968d7d74ee49968f05b20f92f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:34:7e:32:27:c1:f0:3d:24:bc:a4:f8:e9:58:
01:61:c5:a8:29:64:7b:fd:7c:03:ce:a7:ea:66:64:
ad:1d:a6:ff:97:32:92:41:ec:7c:2b:3d:97:32:9a:
50:1c:17:da:cf:98:a3:4d:5b:fa:d1:26:cc:00:fe:
b9:19:da:5b:34:9a:5a:57:f0:72:46:c0:f3:f2:fb:
ce:1a:16:ad:ef:09:b3:cc:d1:cc:bd:14:16:3d:35:
6f:3d:2f:aa:2b:c9:ca:d5:e7:40:06:50:aa:2f:4e:
c4:ac:f7:ee:10:e0:c6:75:f6:53:20:12:9f:50:58:
3c:00:e8:f4:f5:ab:ed:38:ed:22:44:5e:6e:2a:7c:
f6:66:e7:bf:6b:14:75:69:82:f2:9a:db:5d:bc:7c:
95:8b:fb:e6:0c:e6:cd:6e:76:06:b6:16:47:01:f3:
e7:f3:f6:57:8d:7e:95:01:9a:39:1e:79:4e:f1:50:
dc:29:7f:cf:28:72:28:1b:8d:d1:d5:09:8e:a7:e4:
01:56:a3:0f:1d:b1:01:bb:28:7e:fc:23:59:a8:5a:
f1:74:ed:60:69:60:5c:e4:f2:50:c3:4f:09:9e:36:
e8:81:57:5b:79:22:78:9c:90:28:f3:15:b3:3f:12:
d7:ab:4c:d3:4f:f1:74:72:79:12:d4:88:45:3c:d8:
ea:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C8:DD:01:09:B9:59:68:D7:D7:4E:E4:99:68:F0:5B:20:F9:2F:04
X509v3 Authority Key Identifier:
keyid:19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/fMjdAQm5WWjX107kmWjwWyD5LwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.156.0/22
213.63.0.0/16
213.141.0.0/19
IPv6:
2a00:fa00::/32
Signature Algorithm: sha256WithRSAEncryption
7e:fd:9e:25:4b:da:e3:7b:d3:55:c2:e9:13:12:0d:91:69:aa:
29:d7:71:07:6b:84:c9:30:43:09:a4:b8:86:48:0f:14:44:35:
83:ad:ae:af:bf:1a:94:50:87:4a:c6:31:1b:94:44:01:98:2b:
39:b9:9c:ea:a4:e4:89:e0:f3:68:01:9b:32:a3:51:14:62:6b:
75:32:fd:9e:01:5b:29:8f:d2:e1:74:f9:cb:62:58:4c:06:64:
b1:e5:e9:77:99:53:03:06:78:cb:3a:b0:66:da:8f:9a:b6:17:
38:36:e0:14:ae:45:8b:80:cd:5c:43:57:8b:8c:60:a3:7a:80:
00:13:f9:b1:21:dd:bb:8a:9f:8a:d6:66:2b:fc:84:e5:10:57:
5c:46:ad:fe:33:c0:4d:74:a1:4d:40:a7:b9:b0:c0:d6:b7:bf:
d8:62:c5:22:b4:94:7e:0c:ad:4f:3f:98:4d:5a:87:68:c6:5e:
66:9e:63:e0:ce:bd:96:2f:60:c7:1e:38:14:84:2f:0f:ca:d6:
6c:93:02:d4:2e:b7:74:22:78:73:c3:10:7c:8a:d9:6b:36:73:
2a:2e:07:0a:00:f4:bf:5d:39:88:60:26:e6:f4:7e:5d:80:7e:
84:a0:63:ef:99:83:73:9f:af:48:1c:0f:f8:f3:7d:7e:7f:3c:
a4:9a:1a:6a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgaCsVicVe0N1QdoQ3itBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YmNjNDA3YmYzODgxZTI5NjZhNTQ4YzQzMmIzZjA0MDE0
Njk5ZGQwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M4ZGQwMTA5Yjk1OTY4ZDdkNzRlZTQ5OTY4ZjA1YjIwZjkyZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojR+MifB8D0kvKT46VgBYcWoKWR7
/XwDzqfqZmStHab/lzKSQex8Kz2XMppQHBfaz5ijTVv60SbMAP65GdpbNJpaV/By
RsDz8vvOGhat7wmzzNHMvRQWPTVvPS+qK8nK1edABlCqL07ErPfuEODGdfZTIBKf
UFg8AOj09avtOO0iRF5uKnz2Zue/axR1aYLymttdvHyVi/vmDObNbnYGthZHAfPn
8/ZXjX6VAZo5HnlO8VDcKX/PKHIoG43R1QmOp+QBVqMPHbEBuyh+/CNZqFrxdO1g
aWBc5PJQw08JnjbogVdbeSJ4nJAo8xWzPxLXq0zTT/F0cnkS1IhFPNjquQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHzI3QEJuVlo19dO5Jlo8Fsg+S8EMB8GA1UdIwQY
MBaAFBm8xAe/OIHilmpUjEMrPwQBRpndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYt
NDQ5NzdkN2FiOWNhLzEvZk1qZEFRbTVXV2pYMTA3a21XandXeUQ1THdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYtNDQ5NzdkN2FiOWNh
LzEvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCuXGcAwMA
1T8DBAXVjQAwDQQCAAIwBwMFACoA+gAwDQYJKoZIhvcNAQELBQADggEBAH79niVL
2uN701XC6RMSDZFpqinXcQdrhMkwQwmkuIZIDxRENYOtrq+/GpRQh0rGMRuURAGY
Kzm5nOqk5Ing82gBmzKjURRia3Uy/Z4BWymP0uF0+ctiWEwGZLHl6XeZUwMGeMs6
sGbaj5q2Fzg24BSuRYuAzVxDV4uMYKN6gAAT+bEh3buKn4rWZiv8hOUQV1xGrf4z
wE10oU1Ap7mwwNa3v9hixSK0lH4MrU8/mE1ah2jGXmaeY+DOvZYvYMceOBSELw/K
1myTAtQut3QieHPDEHyK2Ws2cyouBwoA9L9dOYhgJub0fl2AfoSgY++Zg3Ofr0gc
D/jzfX5/PKSaGmo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:16:02 2025 by rpki-client