Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/FM5BR3fy8jLa_aS_duxaLPD1zS0.roa
File: FM5BR3fy8jLa_aS_duxaLPD1zS0.roa (raw, json)
Hash identifier: E3RNJGjOtbojon2Sppjcze5zlMUeT+F/SdNiHT4AD/A=
Subject key identifier: 14:CE:41:47:77:F2:F2:32:DA:FD:A4:BF:76:EC:5A:2C:F0:F5:CD:2D
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 0194B745B6F54DA7F1A78C61DB6249BF312F
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/FM5BR3fy8jLa_aS_duxaLPD1zS0.roa
Signing time: Thu 30 Jan 2025 12:53:06 +0000
ROA not before: Thu 30 Jan 2025 12:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56630
IP address blocks: 94.241.128.0/22 maxlen: 24
94.241.184.0/22 maxlen: 24
178.253.8.0/22 maxlen: 24
178.253.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:45:b6:f5:4d:a7:f1:a7:8c:61:db:62:49:bf:31:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Jan 30 12:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14ce414777f2f232dafda4bf76ec5a2cf0f5cd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:61:5c:b7:4a:ce:86:93:d2:c5:38:cd:ea:
10:f5:28:a2:0e:c3:a4:df:3d:39:9e:ef:ab:9f:c3:
5b:71:af:79:7b:dc:60:17:df:2a:11:45:59:f8:4c:
5f:1a:0b:46:bd:97:ea:2a:98:25:9c:64:be:8f:51:
c3:ee:73:8d:50:44:80:82:ca:b1:ad:4e:16:87:3c:
6a:fb:a4:88:1d:0c:da:75:79:84:c9:9f:a0:c1:fc:
70:89:6c:31:83:60:62:58:fc:c6:67:fc:41:be:55:
d3:bb:70:e0:76:b0:3a:98:8f:90:fc:00:3e:82:b5:
39:76:f9:42:fa:9b:70:63:04:55:ee:92:85:be:86:
a5:0d:d3:01:ae:64:a2:43:3b:14:e0:89:9c:82:e7:
90:f2:28:91:75:27:01:a0:2a:c4:d5:e4:e4:7e:1e:
24:38:5e:9f:4d:25:eb:47:80:02:fd:33:8c:8f:bd:
4c:48:32:3d:17:2f:b5:c6:af:46:32:57:1b:68:c3:
d6:18:a3:1a:3b:bd:10:fd:4f:97:3e:33:8e:60:06:
0e:d4:cb:d6:7e:48:e8:2c:76:55:ce:05:c2:44:8b:
69:0f:79:03:26:f7:60:eb:13:c0:a4:0d:8f:ce:31:
fa:c1:cf:16:a2:05:9a:3e:2f:6a:35:0b:16:fe:8d:
e2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CE:41:47:77:F2:F2:32:DA:FD:A4:BF:76:EC:5A:2C:F0:F5:CD:2D
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/FM5BR3fy8jLa_aS_duxaLPD1zS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.128.0/22
94.241.184.0/22
178.253.8.0/22
178.253.48.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:34:0a:a2:9d:a2:27:ba:7a:5c:dc:a6:a5:35:67:07:85:ab:
69:86:e2:a3:55:bc:f5:54:5a:16:c7:38:5d:cc:0c:59:7f:b0:
67:b1:9f:71:16:f6:75:02:46:39:05:33:80:d0:05:06:bc:79:
0d:73:9a:19:d7:cb:4d:23:dd:db:9c:a5:c1:63:fd:0f:06:f9:
fd:e2:02:27:3a:33:19:be:d1:da:0c:57:2a:4e:6c:b8:45:e0:
a9:3c:ef:d5:55:1c:b7:fc:82:4d:12:d0:9b:5b:e4:68:cf:31:
32:ab:49:9b:c3:67:76:b1:b5:85:4f:34:48:86:cb:68:24:de:
f1:26:03:f5:13:4c:c0:6a:c9:77:ee:0e:3c:88:95:a4:84:10:
b0:3d:f9:f8:b4:d6:cc:d1:ec:ec:94:13:33:b7:ca:40:90:e3:
cf:2c:12:49:93:a0:05:08:94:b2:db:c6:60:54:0c:d7:9f:d6:
3e:d0:16:cb:73:fa:91:4c:7d:0e:f7:d0:ac:b4:11:1f:66:5d:
c2:99:66:3b:11:eb:10:a7:88:b3:76:52:5d:aa:92:5f:5b:e5:
61:b5:51:3a:5f:35:20:2d:61:da:53:32:6b:31:36:f2:18:12:
54:6b:e5:bd:bd:12:ca:30:e9:65:2f:a9:e4:35:6f:f3:25:8b:
87:1f:50:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZS3Rbb1Tafxp4xh22JJvzEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUwMTMwMTI1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNlNDE0Nzc3ZjJmMjMyZGFmZGE0YmY3NmVjNWEyY2YwZjVjZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhRhXLdKzoaT0sU4zeoQ9SiiDsOk
3z05nu+rn8Nbca95e9xgF98qEUVZ+ExfGgtGvZfqKpglnGS+j1HD7nONUESAgsqx
rU4Whzxq+6SIHQzadXmEyZ+gwfxwiWwxg2BiWPzGZ/xBvlXTu3DgdrA6mI+Q/AA+
grU5dvlC+ptwYwRV7pKFvoalDdMBrmSiQzsU4ImcgueQ8iiRdScBoCrE1eTkfh4k
OF6fTSXrR4AC/TOMj71MSDI9Fy+1xq9GMlcbaMPWGKMaO70Q/U+XPjOOYAYO1MvW
fkjoLHZVzgXCRItpD3kDJvdg6xPApA2PzjH6wc8WogWaPi9qNQsW/o3iVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBTOQUd38vIy2v2kv3bsWizw9c0tMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvRk01QlIzZnk4akxhX2FTX2R1eGFMUEQxelMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCXvGAAwQC
XvG4AwQCsv0IAwQCsv0wMA0GCSqGSIb3DQEBCwUAA4IBAQB/NAqinaInunpc3Kal
NWcHhatphuKjVbz1VFoWxzhdzAxZf7BnsZ9xFvZ1AkY5BTOA0AUGvHkNc5oZ18tN
I93bnKXBY/0PBvn94gInOjMZvtHaDFcqTmy4ReCpPO/VVRy3/IJNEtCbW+RozzEy
q0mbw2d2sbWFTzRIhstoJN7xJgP1E0zAasl37g48iJWkhBCwPfn4tNbM0ezslBMz
t8pAkOPPLBJJk6AFCJSy28ZgVAzXn9Y+0BbLc/qRTH0O99CstBEfZl3CmWY7EesQ
p4izdlJdqpJfW+VhtVE6XzUgLWHaUzJrMTbyGBJUa+W9vRLKMOllL6nkNW/zJYuH
H1A3
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:09:21 2025 by rpki-client