Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/fScTC-RTAL4AeGIUFDXeFWgxNOU.roa
File: fScTC-RTAL4AeGIUFDXeFWgxNOU.roa (raw, json)
Hash identifier: LpQDvJVc9hMoS+6x9uoQSz8d+i8pdM/6GrU1p5QPkoU=
Subject key identifier: 7D:27:13:0B:E4:53:00:BE:00:78:62:14:14:35:DE:15:68:31:34:E5
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 019426D9CAC9A99E0DD785EE959516EDF89D
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/fScTC-RTAL4AeGIUFDXeFWgxNOU.roa
Signing time: Thu 02 Jan 2025 11:49:54 +0000
ROA not before: Thu 02 Jan 2025 11:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208905
IP address blocks: 85.130.240.0/22 maxlen: 24
85.130.244.0/23 maxlen: 24
85.130.248.0/21 maxlen: 24
109.67.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 16:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ca:c9:a9:9e:0d:d7:85:ee:95:95:16:ed:f8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d27130be45300be007862141435de15683134e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2e:57:37:dd:99:15:bb:bf:8e:99:e1:fd:8e:
54:b2:17:55:b8:a5:8e:11:b5:e1:85:e5:f3:2d:fb:
ad:f2:ea:e2:94:58:4e:68:ac:7a:da:38:f3:77:4b:
7b:52:e0:d1:61:8d:1a:a9:23:84:47:5d:c5:7e:1f:
86:c0:f4:e7:ed:e3:ba:11:10:70:f7:64:f6:de:46:
72:c2:bb:11:a5:6f:bc:82:e7:8d:c5:7a:13:19:c5:
8a:db:b9:18:db:8b:ab:d6:c2:d1:28:fb:49:5a:59:
0a:16:42:74:ee:e1:05:09:ae:d6:33:73:13:db:d7:
b2:64:85:81:00:1d:03:36:35:11:ea:d4:de:f2:eb:
ec:0b:24:53:a5:c2:5c:d4:09:21:3a:f5:10:87:6a:
46:0e:5f:ae:85:c8:bc:ec:61:43:02:52:d2:5f:ae:
42:fb:11:e7:76:07:4f:94:1f:25:7f:1a:51:67:0a:
24:36:b4:aa:4a:2a:7a:51:9f:1e:03:3c:7e:cb:ab:
01:e0:64:ef:0a:e8:72:fa:41:09:b9:19:4d:00:23:
df:e7:ed:f5:a1:2c:89:54:21:b1:74:9a:b4:2e:8b:
71:e4:fe:8e:b5:6a:f8:f5:e1:66:0a:53:2c:2c:5a:
d7:47:20:25:58:36:ef:61:3d:e1:f4:f7:59:95:c0:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:27:13:0B:E4:53:00:BE:00:78:62:14:14:35:DE:15:68:31:34:E5
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/fScTC-RTAL4AeGIUFDXeFWgxNOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.240.0-85.130.245.255
85.130.248.0/21
109.67.184.0/21
Signature Algorithm: sha256WithRSAEncryption
25:9e:2d:fe:f8:0b:7a:16:01:3c:b4:31:6c:9c:dc:f3:f9:b7:
90:d4:70:b8:cf:e3:a1:99:11:7b:12:38:88:bc:96:71:40:1b:
83:fe:fd:5e:bd:6b:6b:43:26:30:6f:2f:f9:8e:0a:f0:df:76:
0c:ff:34:f2:9d:73:d5:f8:7f:62:98:07:9c:70:f0:06:10:74:
97:79:e8:df:45:2c:e5:77:a6:80:34:16:33:98:fe:6e:e2:6b:
13:49:6e:c5:01:af:b7:bc:30:0b:eb:9d:94:5b:42:8d:6b:13:
df:97:43:d6:85:92:45:e5:65:f8:d6:80:7e:8a:56:2d:f2:96:
e0:bc:d5:ad:67:a3:2e:2d:8d:69:2f:56:30:5e:2a:2a:d8:9d:
aa:b6:a9:a4:3f:29:7f:87:74:dd:ef:bc:60:60:05:46:6b:56:
e4:18:38:ca:7c:e8:d9:a1:92:a1:f2:2d:2b:36:ca:c6:5f:07:
75:8c:16:33:84:84:41:32:2c:c9:0d:bf:fb:77:9e:56:c9:12:
b5:9a:62:dc:38:34:32:fb:d1:1a:39:ce:d4:cf:ba:7b:f5:75:
bc:ed:cc:e4:c1:2a:c6:8d:7d:77:ff:f6:16:20:05:11:8f:f6:
3e:88:ec:99:dd:d1:40:78:42:ca:fc:a2:be:64:36:a8:04:70:
42:85:ba:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQm2crJqZ4N14XulZUW7fidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI3MTMwYmU0NTMwMGJlMDA3ODYyMTQxNDM1ZGUxNTY4MzEzNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS5XN92ZFbu/jpnh/Y5UshdVuKWO
EbXhheXzLfut8urilFhOaKx62jjzd0t7UuDRYY0aqSOER13Ffh+GwPTn7eO6ERBw
92T23kZywrsRpW+8gueNxXoTGcWK27kY24ur1sLRKPtJWlkKFkJ07uEFCa7WM3MT
29eyZIWBAB0DNjUR6tTe8uvsCyRTpcJc1AkhOvUQh2pGDl+uhci87GFDAlLSX65C
+xHndgdPlB8lfxpRZwokNrSqSip6UZ8eAzx+y6sB4GTvCuhy+kEJuRlNACPf5+31
oSyJVCGxdJq0Lotx5P6OtWr49eFmClMsLFrXRyAlWDbvYT3h9PdZlcAI+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH0nEwvkUwC+AHhiFBQ13hVoMTTlMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvZlNjVEMtUlRBTDRBZUdJVUZEWGVGV2d4Tk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARVgvAD
BAFVgvQDBANVgvgDBANtQ7gwDQYJKoZIhvcNAQELBQADggEBACWeLf74C3oWATy0
MWyc3PP5t5DUcLjP46GZEXsSOIi8lnFAG4P+/V69a2tDJjBvL/mOCvDfdgz/NPKd
c9X4f2KYB5xw8AYQdJd56N9FLOV3poA0FjOY/m7iaxNJbsUBr7e8MAvrnZRbQo1r
E9+XQ9aFkkXlZfjWgH6KVi3yluC81a1noy4tjWkvVjBeKirYnaq2qaQ/KX+HdN3v
vGBgBUZrVuQYOMp86NmhkqHyLSs2ysZfB3WMFjOEhEEyLMkNv/t3nlbJErWaYtw4
NDL70Ro5ztTPunv1dbztzOTBKsaNfXf/9hYgBRGP9j6I7Jnd0UB4Qsr8or5kNqgE
cEKFuoI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:17:27 2025 by rpki-client