Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/FyzxwbgLSadTJLpy9TRdd9F-gGk.roa
File: FyzxwbgLSadTJLpy9TRdd9F-gGk.roa (raw, json)
Hash identifier: iyPnEDozqJhAVhpqbdklx7ETcR+WTKfp9SYU0Q+jnpE=
Subject key identifier: 17:2C:F1:C1:B8:0B:49:A7:53:24:BA:72:F5:34:5D:77:D1:7E:80:69
Certificate issuer: /CN=a206dfffab1d518c132f6d56d8d4a31d9059f4bf
Certificate serial: 01941F8CA65497732F7F188B94EC0A63D7CA
Authority key identifier: A2:06:DF:FF:AB:1D:51:8C:13:2F:6D:56:D8:D4:A3:1D:90:59:F4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogbf_6sdUYwTL21W2NSjHZBZ9L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/FyzxwbgLSadTJLpy9TRdd9F-gGk.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210363
IP address blocks: 212.46.49.0/24 maxlen: 24
2a0c:5e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/ogbf_6sdUYwTL21W2NSjHZBZ9L8.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/ogbf_6sdUYwTL21W2NSjHZBZ9L8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogbf_6sdUYwTL21W2NSjHZBZ9L8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a6:54:97:73:2f:7f:18:8b:94:ec:0a:63:d7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a206dfffab1d518c132f6d56d8d4a31d9059f4bf
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=172cf1c1b80b49a75324ba72f5345d77d17e8069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:3a:cd:46:76:2a:5c:db:7a:64:da:e1:30:
ed:96:ef:73:c0:ab:a2:ba:98:31:22:8e:06:ae:ff:
7b:94:f1:bb:ac:e3:91:b4:cf:a8:81:86:b3:79:b5:
ea:51:69:52:ce:de:92:06:ff:ed:64:e1:02:97:12:
f0:c7:bf:4b:a9:43:b8:5f:5a:8d:5d:af:86:5e:45:
4c:35:af:1d:82:07:37:e9:03:6a:2c:2b:42:ee:b1:
01:68:2c:44:08:6a:11:0b:71:21:2f:9c:61:50:03:
e7:23:aa:e6:c5:4e:1d:a3:c4:50:0e:32:7a:47:7a:
44:7a:7f:27:1a:a8:59:37:65:11:e7:eb:ca:8d:b5:
32:10:62:aa:f0:0c:1e:46:96:6c:8d:f0:7d:03:fc:
2f:3d:b6:5c:17:1c:13:fc:46:83:71:a5:77:d9:e8:
fe:8a:3e:f5:a2:3e:62:01:56:78:c7:c6:4d:65:84:
c9:53:a2:14:94:b0:a5:83:8e:27:9e:63:a4:81:d9:
0a:56:59:4d:41:b1:16:93:d6:5a:df:64:ac:2a:e5:
f9:45:e5:f2:a8:a9:c1:b3:e4:19:30:e9:bb:8d:24:
a2:26:32:9e:82:27:1c:57:fb:08:e8:3b:12:40:e9:
30:51:58:14:12:db:12:97:b1:07:ef:49:a5:28:10:
13:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2C:F1:C1:B8:0B:49:A7:53:24:BA:72:F5:34:5D:77:D1:7E:80:69
X509v3 Authority Key Identifier:
keyid:A2:06:DF:FF:AB:1D:51:8C:13:2F:6D:56:D8:D4:A3:1D:90:59:F4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogbf_6sdUYwTL21W2NSjHZBZ9L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/FyzxwbgLSadTJLpy9TRdd9F-gGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f5931e-0f84-40bd-ad0a-671a1f0af059/1/ogbf_6sdUYwTL21W2NSjHZBZ9L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.49.0/24
IPv6:
2a0c:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
49:32:9b:0b:eb:c6:92:29:cd:96:74:c9:b8:ad:f4:6d:bc:c6:
eb:03:e5:45:58:9c:a4:eb:50:8d:2a:55:1f:7f:46:02:99:c6:
11:6e:db:f0:7f:88:cf:6b:a4:a5:81:1c:a0:ae:a2:95:e6:c8:
46:d9:a1:51:e8:b6:ca:17:b6:72:c4:42:d2:dd:aa:96:56:90:
e0:74:af:00:49:8f:4b:51:b9:c6:2f:06:4d:db:93:4a:cf:0c:
90:1f:03:d9:bc:ac:a0:87:13:b5:a9:ac:3d:06:36:4c:87:56:
b4:83:5c:12:11:10:c8:0e:21:21:d8:f3:ca:a9:2f:4b:47:48:
f7:f0:f3:73:f8:03:46:53:fa:5f:2c:6e:03:c5:df:d3:45:54:
b1:7e:3a:07:73:12:65:d5:18:b1:e6:c5:7e:6c:f0:86:ca:ac:
12:0f:16:2c:42:c9:ca:be:ff:54:8e:ea:1f:2b:8e:b8:84:16:
24:18:95:03:c2:24:59:2e:72:19:c0:51:4a:ad:78:10:ec:af:
b4:fb:59:51:b7:60:66:da:a4:53:c4:66:c7:e1:ed:e0:a3:6f:
fc:b0:2d:53:c1:ed:5a:6d:49:2e:ab:d6:44:94:12:4e:69:45:
d7:44:3b:ad:00:8b:fc:56:6a:7a:cd:41:23:c8:ed:58:f4:32:
52:1d:e0:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjKZUl3MvfxiLlOwKY9fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDZkZmZmYWIxZDUxOGMxMzJmNmQ1NmQ4ZDRhMzFkOTA1
OWY0YmYwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJjZjFjMWI4MGI0OWE3NTMyNGJhNzJmNTM0NWQ3N2QxN2U4MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7c6zUZ2KlzbemTa4TDtlu9zwKui
upgxIo4Grv97lPG7rOORtM+ogYazebXqUWlSzt6SBv/tZOEClxLwx79LqUO4X1qN
Xa+GXkVMNa8dggc36QNqLCtC7rEBaCxECGoRC3EhL5xhUAPnI6rmxU4do8RQDjJ6
R3pEen8nGqhZN2UR5+vKjbUyEGKq8AweRpZsjfB9A/wvPbZcFxwT/EaDcaV32ej+
ij71oj5iAVZ4x8ZNZYTJU6IUlLClg44nnmOkgdkKVllNQbEWk9Za32SsKuX5ReXy
qKnBs+QZMOm7jSSiJjKegiccV/sI6DsSQOkwUVgUEtsSl7EH70mlKBATuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBcs8cG4C0mnUyS6cvU0XXfRfoBpMB8GA1UdIwQY
MBaAFKIG3/+rHVGMEy9tVtjUox2QWfS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2diZl82c2RVWXdUTDIxVzJOU2pIWkJaOUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNTkzMWUtMGY4NC00MGJkLWFkMGEt
NjcxYTFmMGFmMDU5LzEvRnl6eHdiZ0xTYWRUSkxweTlUUmRkOUYtZ0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNTkzMWUtMGY4NC00MGJkLWFkMGEtNjcxYTFmMGFmMDU5
LzEvb2diZl82c2RVWXdUTDIxVzJOU2pIWkJaOUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1C4xMA0E
AgACMAcDBQMqDF6AMA0GCSqGSIb3DQEBCwUAA4IBAQBJMpsL68aSKc2WdMm4rfRt
vMbrA+VFWJyk61CNKlUff0YCmcYRbtvwf4jPa6SlgRygrqKV5shG2aFR6LbKF7Zy
xELS3aqWVpDgdK8ASY9LUbnGLwZN25NKzwyQHwPZvKyghxO1qaw9BjZMh1a0g1wS
ERDIDiEh2PPKqS9LR0j38PNz+ANGU/pfLG4Dxd/TRVSxfjoHcxJl1Rix5sV+bPCG
yqwSDxYsQsnKvv9UjuofK464hBYkGJUDwiRZLnIZwFFKrXgQ7K+0+1lRt2Bm2qRT
xGbH4e3go2/8sC1Twe1abUkuq9ZElBJOaUXXRDutAIv8Vmp6zUEjyO1Y9DJSHeBc
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:43:56 2025 by rpki-client