Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fsOnaX4tr6VeXJENVam_r7FGZAQ.roa
File: fsOnaX4tr6VeXJENVam_r7FGZAQ.roa (raw, json)
Hash identifier: hHwUXFYP1l9gP70QmfIy18+VkKqbCEzGkYH7C8X8l0A=
Subject key identifier: 7E:C3:A7:69:7E:2D:AF:A5:5E:5C:91:0D:55:A9:BF:AF:B1:46:64:04
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194274737ED18734BFD81BB75BF7AB531B9
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fsOnaX4tr6VeXJENVam_r7FGZAQ.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213107
IP address blocks: 185.86.14.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:37:ed:18:73:4b:fd:81:bb:75:bf:7a:b5:31:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ec3a7697e2dafa55e5c910d55a9bfafb1466404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d1:3d:7f:68:05:89:e7:2b:1a:62:52:7f:8c:
77:10:4c:3f:f4:8e:8b:40:79:b4:ba:d9:0d:94:ab:
21:b8:1c:03:ed:bb:f7:63:77:d9:71:df:99:73:a7:
e5:66:f4:e0:65:f8:3a:df:c4:d2:43:cb:c9:9a:ab:
66:25:33:95:79:fc:03:a1:fd:b1:ef:31:53:b4:05:
c6:e2:67:8f:6a:b2:a1:6c:79:82:be:aa:11:7b:81:
a0:ee:49:53:23:a3:ce:4c:89:f3:ce:88:0b:ee:5a:
1f:0b:a8:7f:8a:6f:4d:c9:6d:a2:71:48:2c:0e:5e:
9c:89:3a:60:0a:a3:78:30:7d:b9:d6:a2:45:29:5d:
b5:ef:0d:81:fe:11:c8:f3:ba:b7:63:60:ef:17:b9:
09:10:49:56:d4:91:06:c7:8d:9d:67:e3:60:aa:9e:
95:99:13:b0:ad:6b:fb:6d:e1:98:7b:88:84:05:77:
a7:35:e1:8c:79:66:66:ed:a2:fe:23:ca:21:0b:4b:
83:46:0b:e0:57:3e:c7:d5:88:6c:d6:06:04:19:7c:
63:82:4b:33:77:36:7e:a3:b9:06:ed:68:12:69:87:
e8:43:82:eb:1e:de:34:d3:e1:52:f8:f5:34:c5:b4:
d7:67:89:76:6d:03:9f:ee:06:82:7e:71:a2:75:8f:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C3:A7:69:7E:2D:AF:A5:5E:5C:91:0D:55:A9:BF:AF:B1:46:64:04
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/fsOnaX4tr6VeXJENVam_r7FGZAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.14.0/24
185.88.175.0/24
185.98.63.0/24
185.185.232.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c3:92:c4:2c:fe:09:a7:ef:54:c4:68:f9:91:22:84:d5:68:
5f:2e:53:24:0f:98:47:ab:24:93:3b:16:db:c9:fb:33:e9:99:
9a:5a:7e:dc:10:f5:03:7c:49:de:11:5f:85:f9:34:d2:55:ec:
5a:e8:f1:21:c0:7c:f6:21:08:49:6c:42:73:93:a3:39:12:32:
f8:35:3a:63:d5:11:b3:e1:95:16:21:09:ec:f3:24:0e:d1:98:
c0:7b:d6:99:81:6f:41:34:4c:9d:73:39:0b:2f:8c:27:96:f5:
ac:ae:b2:84:36:62:d5:51:c8:63:fd:ce:66:ea:cc:67:8a:ee:
fb:e0:7d:7a:59:2f:21:7a:5e:38:dd:f8:49:3b:1c:99:81:35:
d5:15:09:44:bd:02:40:c9:5c:74:39:d4:92:a8:f4:ed:d3:36:
1d:97:6f:c1:62:95:25:45:3e:8c:16:b4:88:93:eb:e0:f2:6f:
bf:91:79:64:dc:24:37:d9:9c:46:49:0c:91:b8:f6:8b:5b:c8:
cc:ef:bc:89:56:c6:1a:54:61:91:05:93:20:b0:9e:1e:ec:1e:
bc:f4:15:af:d4:f5:3a:00:0e:8e:40:03:e2:97:10:cc:02:33:
db:87:24:cc:3c:23:77:1f:da:d7:1f:05:03:8d:62:95:0b:ba:
e7:0c:51:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnRzftGHNL/YG7db96tTG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWMzYTc2OTdlMmRhZmE1NWU1YzkxMGQ1NWE5YmZhZmIxNDY2NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39E9f2gFiecrGmJSf4x3EEw/9I6L
QHm0utkNlKshuBwD7bv3Y3fZcd+Zc6flZvTgZfg638TSQ8vJmqtmJTOVefwDof2x
7zFTtAXG4meParKhbHmCvqoRe4Gg7klTI6POTInzzogL7lofC6h/im9NyW2icUgs
Dl6ciTpgCqN4MH251qJFKV217w2B/hHI87q3Y2DvF7kJEElW1JEGx42dZ+Ngqp6V
mROwrWv7beGYe4iEBXenNeGMeWZm7aL+I8ohC0uDRgvgVz7H1Yhs1gYEGXxjgksz
dzZ+o7kG7WgSaYfoQ4LrHt400+FS+PU0xbTXZ4l2bQOf7gaCfnGidY8dxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH7Dp2l+La+lXlyRDVWpv6+xRmQEMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZnNPbmFYNHRyNlZlWEpFTlZhbV9yN0ZHWkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuVYOAwQA
uVivAwQAuWI/AwQAubnoMA0GCSqGSIb3DQEBCwUAA4IBAQCdw5LELP4Jp+9UxGj5
kSKE1WhfLlMkD5hHqySTOxbbyfsz6ZmaWn7cEPUDfEneEV+F+TTSVexa6PEhwHz2
IQhJbEJzk6M5EjL4NTpj1RGz4ZUWIQns8yQO0ZjAe9aZgW9BNEydczkLL4wnlvWs
rrKENmLVUchj/c5m6sxniu774H16WS8hel443fhJOxyZgTXVFQlEvQJAyVx0OdSS
qPTt0zYdl2/BYpUlRT6MFrSIk+vg8m+/kXlk3CQ32ZxGSQyRuPaLW8jM77yJVsYa
VGGRBZMgsJ4e7B689BWv1PU6AA6OQAPilxDMAjPbhyTMPCN3H9rXHwUDjWKVC7rn
DFHm
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:31:43 2025 by rpki-client