Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/3snRbpN2IGbVOo0FBzCUwBaJ8fA.roa
File: 3snRbpN2IGbVOo0FBzCUwBaJ8fA.roa (raw, json)
Hash identifier: 3Oueo8OlDtIcQuATt+YhMGVuFQeK2ksk6bcPZePfS/4=
Subject key identifier: DE:C9:D1:6E:93:76:20:66:D5:3A:8D:05:07:30:94:C0:16:89:F1:F0
Certificate issuer: /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial: 019422FAF835223A625C71A5CC3BA95F6BD0
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/3snRbpN2IGbVOo0FBzCUwBaJ8fA.roa
Signing time: Wed 01 Jan 2025 17:47:40 +0000
ROA not before: Wed 01 Jan 2025 17:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213396
IP address blocks: 194.50.176.0/24 maxlen: 24
2a0a:4540::/48 maxlen: 48
2a0a:4540:3000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f8:35:22:3a:62:5c:71:a5:cc:3b:a9:5f:6b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Validity
Not Before: Jan 1 17:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dec9d16e93762066d53a8d05073094c01689f1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:18:e4:89:c6:e0:af:80:9f:73:8a:81:cb:6e:
6b:3a:b0:60:80:85:4e:23:f4:b0:3a:d6:2d:19:08:
a9:2c:25:15:68:ac:16:6a:df:ac:3d:28:7e:3d:16:
5c:21:8d:ca:82:15:11:ed:dc:01:bf:28:4d:9a:46:
17:13:ff:b9:bf:df:cb:68:d1:d8:10:a7:37:70:ff:
58:40:ca:cd:20:73:25:62:b5:e9:79:f3:39:57:e0:
6e:8c:60:92:99:4d:93:4e:fc:7c:99:98:38:87:e5:
15:43:a4:2f:38:37:1d:d7:93:64:1a:41:f7:8c:ce:
83:c8:91:42:40:87:59:cd:12:4c:7f:a5:01:2f:30:
1f:21:c0:9a:d3:48:54:63:97:d3:6a:2a:02:b7:53:
de:bb:be:ba:64:e8:5e:f0:b1:34:46:7d:ab:92:65:
c1:27:7a:25:65:a5:2b:90:02:b6:fa:08:06:af:16:
3c:bc:00:65:8a:ac:6c:e9:05:a3:e3:b5:01:0b:03:
26:9b:26:c8:c5:83:0d:42:2f:6b:05:70:98:f3:aa:
c6:93:8e:14:4e:c3:e9:9c:67:b8:78:05:37:f4:3d:
fe:52:28:96:70:9f:2c:2f:5d:53:d8:7c:dd:91:44:
47:2e:69:f3:b3:30:ff:d4:ad:f5:45:8b:29:1b:54:
2e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C9:D1:6E:93:76:20:66:D5:3A:8D:05:07:30:94:C0:16:89:F1:F0
X509v3 Authority Key Identifier:
keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/3snRbpN2IGbVOo0FBzCUwBaJ8fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.176.0/24
IPv6:
2a0a:4540::/48
2a0a:4540:3000::/48
Signature Algorithm: sha256WithRSAEncryption
79:ab:30:7e:e2:7c:d8:9f:d9:b4:6e:67:30:eb:2c:c8:8c:51:
04:c1:d8:dd:cc:45:51:4b:79:3f:a2:e9:cd:0f:5d:18:f2:5b:
17:27:1a:cc:56:f4:55:35:c1:7c:78:46:e7:1f:37:70:d5:42:
53:35:2c:dd:62:ff:a6:58:95:9c:66:e4:bc:c0:29:7e:e0:c9:
11:2f:23:47:0d:66:69:67:1a:10:80:03:7a:18:f0:09:df:9d:
a9:14:9a:09:bf:e5:d5:63:de:52:7f:df:54:b8:53:3c:32:19:
06:55:bc:cc:97:0b:16:01:df:6a:f7:1a:09:93:7e:c6:c9:a0:
5c:1d:56:d0:26:53:0c:f3:56:40:e6:4b:1a:6a:9e:22:6e:4c:
13:08:7e:64:d2:af:bc:bc:22:03:d4:96:0b:09:3b:fa:00:9b:
97:4f:ed:c1:b3:19:50:2c:5e:c7:65:e1:97:18:8a:89:13:9a:
4b:1c:8b:a9:0c:b2:9b:c7:92:95:0f:b8:cb:67:89:7c:fd:61:
c1:fb:53:b1:1a:3a:9a:4a:06:9e:f6:ee:f1:6d:7f:12:2a:4c:
40:c9:24:19:b6:db:1d:ca:96:86:90:33:fd:8e:aa:ed:fb:dd:
a8:69:08:24:81:f8:e0:2a:24:00:81:4a:da:dc:bf:87:df:36:
04:10:36:9a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQi+vg1IjpiXHGlzDupX2vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYWM1MGYxOWQ5OTMwYWVlYzA5Y2QyN2Y1MDhmYzUwMmVh
MTRkMWYwHhcNMjUwMTAxMTc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWM5ZDE2ZTkzNzYyMDY2ZDUzYThkMDUwNzMwOTRjMDE2ODlmMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRjkicbgr4Cfc4qBy25rOrBggIVO
I/SwOtYtGQipLCUVaKwWat+sPSh+PRZcIY3KghUR7dwBvyhNmkYXE/+5v9/LaNHY
EKc3cP9YQMrNIHMlYrXpefM5V+BujGCSmU2TTvx8mZg4h+UVQ6QvODcd15NkGkH3
jM6DyJFCQIdZzRJMf6UBLzAfIcCa00hUY5fTaioCt1Peu766ZOhe8LE0Rn2rkmXB
J3olZaUrkAK2+ggGrxY8vABliqxs6QWj47UBCwMmmybIxYMNQi9rBXCY86rGk44U
TsPpnGe4eAU39D3+UiiWcJ8sL11T2HzdkURHLmnzszD/1K31RYspG1QuNwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFN7J0W6TdiBm1TqNBQcwlMAWifHwMB8GA1UdIwQY
MBaAFPusUPGdmTCu7AnNJ/UI/FAuoU0fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02eFE4WjJaTUs3c0NjMG45UWo4VUM2aFRSOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04Yjkx
LWQ2MmU0NTRiZjM3Zi8xLzNzblJicE4ySUdiVk9vMEZCekNVd0JhSjhmQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04YjkxLWQ2MmU0NTRiZjM3
Zi8xLzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBADCMrAw
GAQCAAIwEgMHACoKRUAAAAMHACoKRUAwADANBgkqhkiG9w0BAQsFAAOCAQEAeasw
fuJ82J/ZtG5nMOssyIxRBMHY3cxFUUt5P6LpzQ9dGPJbFycazFb0VTXBfHhG5x83
cNVCUzUs3WL/pliVnGbkvMApfuDJES8jRw1maWcaEIADehjwCd+dqRSaCb/l1WPe
Un/fVLhTPDIZBlW8zJcLFgHfavcaCZN+xsmgXB1W0CZTDPNWQOZLGmqeIm5MEwh+
ZNKvvLwiA9SWCwk7+gCbl0/twbMZUCxex2XhlxiKiROaSxyLqQyym8eSlQ+4y2eJ
fP1hwftTsRo6mkoGnvbu8W1/EipMQMkkGbbbHcqWhpAz/Y6q7fvdqGkIJIH44Cok
AIFK2ty/h982BBA2mg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:00:03 2025 by rpki-client