Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/fEMD1Qw1-K78TFax9wsXAdNUiZc.roa
File: fEMD1Qw1-K78TFax9wsXAdNUiZc.roa (raw, json)
Hash identifier: zI5YMBWWK0MgL2oV8W3UKZtv3pFv7wUr61mj7J1xZ8I=
Subject key identifier: 7C:43:03:D5:0C:35:F8:AE:FC:4C:56:B1:F7:0B:17:01:D3:54:89:97
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 01942826892655AD0BBC17E721F043350FCA
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/fEMD1Qw1-K78TFax9wsXAdNUiZc.roa
Signing time: Thu 02 Jan 2025 17:53:21 +0000
ROA not before: Thu 02 Jan 2025 17:53:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 213.109.176.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.179.0/24 maxlen: 24
2a00:de61::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:89:26:55:ad:0b:bc:17:e7:21:f0:43:35:0f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 2 17:53:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c4303d50c35f8aefc4c56b1f70b1701d3548997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:79:8b:b6:6f:a8:cc:b9:54:dc:a9:67:18:c6:
40:e1:d0:d8:5d:8d:b7:30:7e:1b:76:31:35:2c:52:
4a:a7:23:05:5c:7a:25:94:30:7c:f3:0c:d3:5e:f3:
9f:c6:79:3a:5d:11:21:34:2d:53:88:04:47:a3:4f:
7d:a3:e5:87:e0:d3:ca:36:d1:4c:af:ae:26:7c:2a:
b2:27:85:e6:1c:07:ec:c8:e2:af:ac:4f:ce:72:bb:
0b:58:4d:22:4b:41:61:d9:57:fb:31:ca:bb:ca:dd:
bf:f9:6a:02:1c:5a:0a:33:54:45:6f:af:f9:a1:aa:
8c:31:d7:c8:dc:9f:01:6c:16:1a:24:21:29:4f:ab:
b2:d4:39:eb:85:5b:f1:62:2b:41:d3:d0:1c:44:d5:
21:a8:45:a6:20:db:ae:d1:18:3b:59:f8:b9:fc:de:
74:4c:aa:f7:d9:f5:ea:41:0e:71:8f:86:9b:2b:9c:
d3:f1:65:36:a9:cd:71:be:58:bf:3d:3b:f7:d8:fc:
26:ed:57:e0:c5:36:b1:ac:88:63:60:67:75:24:e9:
ea:b3:f5:b8:c0:b3:fc:7d:88:bd:30:7c:68:18:61:
bb:51:d3:ee:fb:6e:32:73:0d:fd:d5:df:35:5a:14:
2b:9c:a5:39:3a:f2:78:9e:a4:71:83:da:a1:58:17:
e2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:43:03:D5:0C:35:F8:AE:FC:4C:56:B1:F7:0B:17:01:D3:54:89:97
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/fEMD1Qw1-K78TFax9wsXAdNUiZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
5b:6b:ba:ea:35:f1:37:60:7d:fd:e6:44:9d:de:d7:d8:1f:d6:
05:c9:bd:5e:cc:db:a5:2b:a1:80:da:1d:0b:77:e7:93:21:ea:
b5:c2:34:63:82:30:f7:20:32:1f:79:c5:cf:2d:7e:68:f6:e6:
5a:13:f9:13:80:fa:ba:92:05:e7:84:3e:fa:8a:67:bd:60:19:
a9:da:14:7e:a4:60:2d:47:81:c6:94:a9:14:41:22:9c:8b:c1:
a0:18:1a:0c:4f:0a:67:53:db:af:46:44:08:b7:e8:4a:92:d9:
76:51:0b:8b:91:62:f3:14:76:20:21:ea:ad:61:64:5a:f2:2f:
c4:96:58:06:12:7b:40:22:fc:60:79:52:b3:77:a7:b8:4e:9e:
0a:3b:d6:20:11:5a:b4:fa:fa:a4:42:ae:b0:ef:bb:76:08:45:
e1:98:3b:f5:9c:77:3c:5a:cf:4c:a4:42:dc:37:62:3b:c7:2c:
7b:7a:79:2c:b2:48:5a:6d:2d:98:13:27:67:0f:04:2c:8d:ce:
a5:53:ed:87:0c:2e:df:87:6a:e5:a7:41:95:92:bd:c3:ec:41:
dd:ed:dc:5b:87:11:6c:31:21:fb:d9:00:fc:2b:fc:74:18:ad:
69:3f:f0:58:22:07:a8:17:17:18:a6:d5:10:e6:f3:7d:fb:8a:
04:37:c5:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJokmVa0LvBfnIfBDNQ/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjRhMWY3Y2E0MGI1ODExNmU2YmM4MzhlMDYyZjljNzEy
MjI4YTQwHhcNMjUwMTAyMTc1MzIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQzMDNkNTBjMzVmOGFlZmM0YzU2YjFmNzBiMTcwMWQzNTQ4OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXmLtm+ozLlU3KlnGMZA4dDYXY23
MH4bdjE1LFJKpyMFXHollDB88wzTXvOfxnk6XREhNC1TiARHo099o+WH4NPKNtFM
r64mfCqyJ4XmHAfsyOKvrE/OcrsLWE0iS0Fh2Vf7Mcq7yt2/+WoCHFoKM1RFb6/5
oaqMMdfI3J8BbBYaJCEpT6uy1DnrhVvxYitB09AcRNUhqEWmINuu0Rg7Wfi5/N50
TKr32fXqQQ5xj4abK5zT8WU2qc1xvli/PTv32Pwm7VfgxTaxrIhjYGd1JOnqs/W4
wLP8fYi9MHxoGGG7UdPu+24ycw391d81WhQrnKU5OvJ4nqRxg9qhWBfiPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHxDA9UMNfiu/ExWsfcLFwHTVImXMB8GA1UdIwQY
MBaAFPpkoffKQLWBFua8g44GL5xxIiikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tU2g5OHBBdFlFVzVyeURqZ1l2bkhFaUtLUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVm
LTViODNkMGU5NjAxMi8xL2ZFTUQxUXcxLUs3OFRGYXg5d3NYQWROVWlaYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVmLTViODNkMGU5NjAx
Mi8xLzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBALVbbAw
DgQCAAIwCAMGAioA3mEAMA0GCSqGSIb3DQEBCwUAA4IBAQBba7rqNfE3YH395kSd
3tfYH9YFyb1ezNulK6GA2h0Ld+eTIeq1wjRjgjD3IDIfecXPLX5o9uZaE/kTgPq6
kgXnhD76ime9YBmp2hR+pGAtR4HGlKkUQSKci8GgGBoMTwpnU9uvRkQIt+hKktl2
UQuLkWLzFHYgIeqtYWRa8i/EllgGEntAIvxgeVKzd6e4Tp4KO9YgEVq0+vqkQq6w
77t2CEXhmDv1nHc8Ws9MpELcN2I7xyx7enksskhabS2YEydnDwQsjc6lU+2HDC7f
h2rlp0GVkr3D7EHd7dxbhxFsMSH72QD8K/x0GK1pP/BYIgeoFxcYptUQ5vN9+4oE
N8XJ
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:10:35 2025 by rpki-client