Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/FBdl7VOodLJhSXYfDoAofAIRhnA.roa
File: FBdl7VOodLJhSXYfDoAofAIRhnA.roa (raw, json)
Hash identifier: I3zrIjexf9/s3BfDjPpCzKMEPfl4E3s1P3fqPquhjIg=
Subject key identifier: 14:17:65:ED:53:A8:74:B2:61:49:76:1F:0E:80:28:7C:02:11:86:70
Certificate issuer: /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial: 019422FB2446787E2B7549CB565D26918E70
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/FBdl7VOodLJhSXYfDoAofAIRhnA.roa
Signing time: Wed 01 Jan 2025 17:47:51 +0000
ROA not before: Wed 01 Jan 2025 17:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200675
IP address blocks: 138.124.188.0/22 maxlen: 22
185.71.176.0/22 maxlen: 22
185.232.76.0/22 maxlen: 22
2a05:3400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:24:46:78:7e:2b:75:49:cb:56:5d:26:91:8e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
Validity
Not Before: Jan 1 17:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=141765ed53a874b26149761f0e80287c02118670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:30:34:22:1b:85:2b:22:4a:5c:2b:b5:54:fc:
07:6b:90:ec:1f:08:2d:88:4c:2f:fc:4f:3b:82:37:
be:79:a7:46:c3:75:84:19:70:47:fe:6e:9f:07:4e:
7d:bd:85:2f:97:78:12:96:0c:c6:54:7c:16:66:1f:
c7:dd:13:77:c2:1d:26:8d:38:82:dd:5a:f3:9d:15:
4f:2a:0e:86:cf:8c:1d:36:4c:bf:8f:97:05:c6:06:
82:0f:5b:dd:a2:f0:ff:fa:43:ea:62:da:0c:2e:e7:
12:a4:74:39:63:e1:e9:dd:cd:3a:fa:85:0f:e4:fc:
80:f8:ca:3e:72:05:38:8f:7c:97:63:6c:31:6e:62:
2a:73:96:ca:76:15:5a:53:0c:f9:cb:74:f0:f0:f4:
2a:8c:71:3d:88:d6:b1:2a:ef:a7:15:42:36:72:1e:
33:94:9c:0f:ea:e2:a7:80:de:54:c7:36:e8:81:72:
35:5e:58:ed:12:c6:dd:3d:f8:65:1b:21:5c:78:7c:
a3:9f:56:40:9e:56:b6:cc:dd:75:bf:40:7a:03:12:
c1:1f:b3:6d:a1:a5:7c:24:f2:f7:20:44:9a:5f:d7:
fb:c4:6e:1a:e0:f0:70:f3:ce:fc:59:bd:79:04:3a:
ae:6d:29:03:3a:9a:11:52:e8:52:33:4a:c1:25:60:
c7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:17:65:ED:53:A8:74:B2:61:49:76:1F:0E:80:28:7C:02:11:86:70
X509v3 Authority Key Identifier:
keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/FBdl7VOodLJhSXYfDoAofAIRhnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.188.0/22
185.71.176.0/22
185.232.76.0/22
IPv6:
2a05:3400::/29
Signature Algorithm: sha256WithRSAEncryption
59:f2:72:9a:9e:7f:09:46:78:11:d2:b8:5c:c6:74:80:0f:4d:
06:b1:a1:d1:3b:dd:c2:48:15:8e:37:18:ba:cf:40:f5:9f:21:
68:7e:5f:e5:4b:3b:cc:12:94:e7:e7:a9:49:63:74:24:31:fe:
08:25:70:3a:0a:2f:e4:6c:52:05:c0:af:b0:53:4e:65:6c:95:
07:04:4c:0b:4a:39:87:ac:11:3f:50:f7:36:a5:95:43:8e:6f:
31:18:46:71:bb:51:0d:0b:29:ec:2b:4e:f6:3a:f9:be:c8:88:
71:12:2e:f3:eb:ec:b5:dd:d9:ed:78:1c:90:a9:b3:ad:57:85:
49:b9:e8:73:c1:0f:b4:d4:66:01:25:d4:ab:b9:bd:07:2e:2e:
41:11:98:63:5c:27:83:80:c9:f6:37:57:92:0a:75:06:89:b3:
48:87:fd:2a:7a:5b:b8:0d:5a:99:a7:4a:b5:bc:a5:a0:0d:e8:
0c:86:51:18:49:32:4b:50:0b:e5:9d:3a:5a:23:09:37:63:3c:
6a:8a:c6:e6:9b:7d:73:2d:57:b6:d8:58:51:1a:87:d9:28:77:
24:c5:13:af:3f:9f:89:9f:04:db:e1:94:88:f4:96:93:c5:b8:
0f:a9:ae:57:39:71:78:3f:e3:3a:6f:86:be:88:a0:c4:d6:32:
6f:d5:5d:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi+yRGeH4rdUnLVl0mkY5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWFkZWU1OGY4NjRmNDcyZWI0MjJiMGI5NTQ5N2I4NTA3
NWExMmIwHhcNMjUwMTAxMTc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDE3NjVlZDUzYTg3NGIyNjE0OTc2MWYwZTgwMjg3YzAyMTE4NjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDA0IhuFKyJKXCu1VPwHa5DsHwgt
iEwv/E87gje+eadGw3WEGXBH/m6fB059vYUvl3gSlgzGVHwWZh/H3RN3wh0mjTiC
3VrznRVPKg6Gz4wdNky/j5cFxgaCD1vdovD/+kPqYtoMLucSpHQ5Y+Hp3c06+oUP
5PyA+Mo+cgU4j3yXY2wxbmIqc5bKdhVaUwz5y3Tw8PQqjHE9iNaxKu+nFUI2ch4z
lJwP6uKngN5UxzbogXI1XljtEsbdPfhlGyFceHyjn1ZAnla2zN11v0B6AxLBH7Nt
oaV8JPL3IESaX9f7xG4a4PBw8878Wb15BDqubSkDOpoRUuhSM0rBJWDHmwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBQXZe1TqHSyYUl2Hw6AKHwCEYZwMB8GA1UdIwQY
MBaAFCzq3uWPhk9HLrQisLlUl7hQdaErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2It
YmM3YTI0YzJlMjE5LzEvRkJkbDdWT29kTEpoU1hZZkRvQW9mQUlSaG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2ItYmM3YTI0YzJlMjE5
LzEvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCiny8AwQC
uUewAwQCuehMMA0EAgACMAcDBQMqBTQAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ8nKa
nn8JRngR0rhcxnSAD00GsaHRO93CSBWONxi6z0D1nyFofl/lSzvMEpTn56lJY3Qk
Mf4IJXA6Ci/kbFIFwK+wU05lbJUHBEwLSjmHrBE/UPc2pZVDjm8xGEZxu1ENCyns
K072Ovm+yIhxEi7z6+y13dnteByQqbOtV4VJuehzwQ+01GYBJdSrub0HLi5BEZhj
XCeDgMn2N1eSCnUGibNIh/0qelu4DVqZp0q1vKWgDegMhlEYSTJLUAvlnTpaIwk3
Yzxqisbmm31zLVe22FhRGofZKHckxROvP5+JnwTb4ZSI9JaTxbgPqa5XOXF4P+M6
b4a+iKDE1jJv1V1t
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:31:01 2025 by rpki-client