Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/fiUjLhELITdpDid32o55NdTSDUs.roa
File: fiUjLhELITdpDid32o55NdTSDUs.roa (raw, json)
Hash identifier: 94ZZevlA/NkXuzZUHS2Qq6u93TDFYKoJju0eXiF70b0=
Subject key identifier: 7E:25:23:2E:11:0B:21:37:69:0E:27:77:DA:8E:79:35:D4:D2:0D:4B
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 019427479DA0A63F261C94AFCF5749C05182
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/fiUjLhELITdpDid32o55NdTSDUs.roa
Signing time: Thu 02 Jan 2025 13:49:52 +0000
ROA not before: Thu 02 Jan 2025 13:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60880
IP address blocks: 5.133.84.0/22 maxlen: 22
5.133.84.0/24 maxlen: 24
185.197.188.0/22 maxlen: 22
185.205.240.0/22 maxlen: 22
192.145.24.0/22 maxlen: 22
194.164.116.0/23 maxlen: 23
2a0a:7cc0::/29 maxlen: 29
2a0a:7cc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9d:a0:a6:3f:26:1c:94:af:cf:57:49:c0:51:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Jan 2 13:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e25232e110b2137690e2777da8e7935d4d20d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:61:0b:a0:30:24:8d:e5:c1:f3:cf:ec:71:0a:
b5:e1:f8:ef:bb:fd:8a:23:88:ad:ac:bb:4c:de:f0:
a2:f9:17:93:32:66:f8:12:0c:65:66:65:bf:37:d8:
92:06:92:b2:e1:86:3f:a7:cc:92:34:d6:82:a2:1b:
61:7e:a4:c6:b4:01:00:3d:b7:6a:e5:1a:f1:e4:12:
12:2a:ca:ee:72:ab:9d:f5:c0:b4:f9:eb:98:31:bf:
03:9e:34:77:74:63:5a:1b:79:65:f2:7c:c1:7e:52:
8d:68:e2:ec:95:d7:62:3a:9e:9b:65:0f:a9:18:b0:
fe:ae:6d:01:ec:d5:14:e2:f4:cb:19:bb:cf:3f:35:
e7:f6:37:3b:67:bf:2f:1b:8f:b1:f5:3b:7c:86:7e:
1e:ba:d3:eb:03:e8:55:a8:5a:0d:2c:77:5e:95:26:
10:c3:fd:fd:c5:9f:03:73:82:51:dd:de:51:6a:1f:
ca:12:c2:80:8d:00:8f:23:fe:c1:7c:7b:21:ed:52:
48:54:60:1d:9d:4c:d8:03:48:07:df:35:44:2d:a5:
3e:a9:7a:4a:9b:cc:d7:b7:47:f4:fa:0a:56:2b:50:
69:38:35:a8:4a:16:68:cb:f8:25:d3:52:29:a8:1a:
3d:2b:26:a3:0f:36:50:bb:bf:5b:fc:e9:ce:dc:51:
ef:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:25:23:2E:11:0B:21:37:69:0E:27:77:DA:8E:79:35:D4:D2:0D:4B
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/fiUjLhELITdpDid32o55NdTSDUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
194.164.116.0/23
IPv6:
2a0a:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
27:ff:78:c9:24:a8:11:88:8d:35:59:d0:bd:15:08:c1:d7:4d:
3c:2a:2e:9d:37:10:ba:dd:0b:71:0b:15:f9:98:d0:d4:43:86:
f7:f7:85:a1:f9:7c:e8:98:07:38:fa:75:a1:26:74:da:26:b7:
db:03:e7:61:73:04:64:ad:ac:67:f4:ab:df:c1:05:f7:52:85:
e6:b4:37:62:d1:13:78:76:7b:3b:d1:c7:6a:3e:9f:48:22:79:
67:13:a3:6e:a1:7f:21:09:08:04:80:55:4f:ad:e0:9f:5b:4c:
4e:61:79:b0:f2:f1:3c:a1:d1:17:f4:f1:a1:31:55:f8:4c:64:
48:d9:0a:f5:af:b2:36:22:be:26:37:3e:8e:53:6c:2a:d8:29:
f4:d4:d0:fa:74:a4:06:7b:cd:08:b9:9b:00:a2:27:eb:d1:b9:
7e:ac:51:60:02:f5:2f:17:ed:f0:d7:7b:da:c1:9d:ee:5b:27:
d8:44:47:79:5e:5c:b6:47:81:ce:e9:de:6a:51:a0:ef:5f:4a:
84:f2:3d:0b:71:52:83:75:58:d0:cb:fc:7f:3b:50:f8:09:d3:
dd:39:3e:e3:a9:42:9c:ba:c7:45:67:f2:db:22:47:6e:25:f2:
85:6d:9a:1f:a1:b6:2c:86:03:d4:25:00:a6:6c:10:c5:f5:17:
b1:0d:10:a7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQnR52gpj8mHJSvz1dJwFGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmU4YjZkNzNmMmYzODU0ODk5NmY2NjYyMTMzMGE4ZDcx
MDg1MjkwHhcNMjUwMTAyMTM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTI1MjMyZTExMGIyMTM3NjkwZTI3NzdkYThlNzkzNWQ0ZDIwZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32ELoDAkjeXB88/scQq14fjvu/2K
I4itrLtM3vCi+ReTMmb4EgxlZmW/N9iSBpKy4YY/p8ySNNaCohthfqTGtAEAPbdq
5Rrx5BISKsrucqud9cC0+euYMb8DnjR3dGNaG3ll8nzBflKNaOLslddiOp6bZQ+p
GLD+rm0B7NUU4vTLGbvPPzXn9jc7Z78vG4+x9Tt8hn4eutPrA+hVqFoNLHdelSYQ
w/39xZ8Dc4JR3d5Rah/KEsKAjQCPI/7BfHsh7VJIVGAdnUzYA0gH3zVELaU+qXpK
m8zXt0f0+gpWK1BpODWoShZoy/gl01IpqBo9KyajDzZQu79b/OnO3FHvJQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH4lIy4RCyE3aQ4nd9qOeTXU0g1LMB8GA1UdIwQY
MBaAFLlui21z8vOFSJlvZmITMKjXEIUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYt
YmMwMDQ2NDllZTk5LzEvZmlVakxoRUxJVGRwRGlkMzJvNTVOZFRTRFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYtYmMwMDQ2NDllZTk5
LzEvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBYVUAwQC
ucW8AwQCuc3wAwQCwJEYAwQBwqR0MA0EAgACMAcDBQMqCnzAMA0GCSqGSIb3DQEB
CwUAA4IBAQAn/3jJJKgRiI01WdC9FQjB1008Ki6dNxC63QtxCxX5mNDUQ4b394Wh
+XzomAc4+nWhJnTaJrfbA+dhcwRkraxn9KvfwQX3UoXmtDdi0RN4dns70cdqPp9I
InlnE6NuoX8hCQgEgFVPreCfW0xOYXmw8vE8odEX9PGhMVX4TGRI2Qr1r7I2Ir4m
Nz6OU2wq2Cn01ND6dKQGe80IuZsAoifr0bl+rFFgAvUvF+3w13vawZ3uWyfYREd5
Xly2R4HO6d5qUaDvX0qE8j0LcVKDdVjQy/x/O1D4CdPdOT7jqUKcusdFZ/LbIkdu
JfKFbZofobYshgPUJQCmbBDF9RexDRCn
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:31:43 2025 by rpki-client