Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/FNUQanu9g30CB8nbV4vNSU8f7jM.roa
File: FNUQanu9g30CB8nbV4vNSU8f7jM.roa (raw, json)
Hash identifier: IqvdgFfnbRltyax3es1NYZCCU6t/WnmDX7u4htxiU80=
Subject key identifier: 14:D5:10:6A:7B:BD:83:7D:02:07:C9:DB:57:8B:CD:49:4F:1F:EE:33
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 019427B5C57AFB5AFC4EE884E6B14C141F22
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/FNUQanu9g30CB8nbV4vNSU8f7jM.roa
Signing time: Thu 02 Jan 2025 15:50:11 +0000
ROA not before: Thu 02 Jan 2025 15:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212833
IP address blocks: 91.223.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c5:7a:fb:5a:fc:4e:e8:84:e6:b1:4c:14:1f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 15:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14d5106a7bbd837d0207c9db578bcd494f1fee33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:70:fa:ba:4d:49:b1:48:d9:db:4a:9d:c0:
9e:1d:0c:fe:cd:6a:1c:d5:89:34:1d:32:01:16:c2:
96:83:35:84:3c:23:1b:0f:73:cc:ba:3c:83:98:3d:
4f:32:0c:77:4d:f6:21:fe:db:23:0d:60:ee:92:57:
07:ac:05:32:e9:59:58:90:05:f2:b3:ae:90:ae:e8:
f2:cd:95:22:2a:dc:05:9c:24:95:5c:ff:0c:8f:d2:
08:91:c1:ba:99:02:c7:26:e3:9c:dc:5e:3c:9a:6d:
f3:a6:92:c0:19:af:30:fd:ff:03:4d:33:e7:b2:45:
f6:02:bf:7e:8b:d6:c3:49:90:a3:c8:c0:21:e9:d6:
f0:ce:6a:bd:86:f2:88:1a:0e:c3:a6:a3:13:69:64:
b2:18:21:aa:9d:f4:da:d5:1b:3e:22:74:c1:27:55:
73:7e:84:1d:77:89:b5:d6:76:39:92:80:2a:0a:27:
e3:4d:03:17:75:2b:34:d8:86:4c:c7:a1:1e:55:7a:
52:23:ca:f7:d0:89:b2:d4:b8:a5:1f:19:39:6c:27:
c5:9d:5d:59:d1:de:b5:ca:a4:0d:16:93:3d:61:61:
e1:51:fd:38:47:72:6a:c8:2c:14:b2:fe:40:87:3d:
45:af:3a:f8:c9:a7:83:78:9a:8f:9b:f3:56:39:b9:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D5:10:6A:7B:BD:83:7D:02:07:C9:DB:57:8B:CD:49:4F:1F:EE:33
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/FNUQanu9g30CB8nbV4vNSU8f7jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:68:43:88:ab:0e:6e:73:90:4b:dc:92:f3:9d:a9:ae:13:cb:
92:67:20:89:bb:cc:cc:5d:88:bd:5d:68:e1:b6:c3:be:9c:83:
b0:07:fe:ea:3f:b1:28:ba:d4:ea:8f:e2:73:55:d0:d7:3d:6c:
06:04:a9:8a:42:8b:23:3a:e8:c9:7b:dd:ad:ab:d1:1f:53:78:
96:c2:5a:17:39:ba:e0:95:07:d7:87:81:eb:67:4a:46:f7:cf:
79:05:89:90:5d:9f:61:bf:57:93:c7:5c:e1:4b:8c:7a:e4:99:
a4:84:18:f3:14:f3:c2:d7:60:46:50:12:7f:b1:a4:e3:6a:bc:
86:51:7e:53:bd:ab:25:88:39:b5:81:db:c0:6d:ae:4b:39:5f:
3d:38:d9:12:fc:ac:73:92:1b:c4:4e:fa:31:12:55:72:23:4e:
df:b9:32:d9:58:a6:72:2c:16:7c:d0:94:eb:98:15:f0:4b:5f:
72:d1:d0:57:25:ba:d0:16:65:48:0f:f8:ef:9e:ff:fd:8a:b7:
84:07:81:bc:ac:9c:3c:fa:66:f9:56:c7:c5:42:98:e5:9b:8c:
bf:a5:60:59:f7:bf:15:b1:ad:c0:cb:68:2d:af:03:8d:99:e3:
b5:3f:b5:cc:e1:a7:e6:bc:46:a8:b7:ee:f9:f2:a7:8f:b9:25:
ee:98:4f:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntcV6+1r8TuiE5rFMFB8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjUwMTAyMTU1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ1MTA2YTdiYmQ4MzdkMDIwN2M5ZGI1NzhiY2Q0OTRmMWZlZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthlw+rpNSbFI2dtKncCeHQz+zWoc
1Yk0HTIBFsKWgzWEPCMbD3PMujyDmD1PMgx3TfYh/tsjDWDuklcHrAUy6VlYkAXy
s66QrujyzZUiKtwFnCSVXP8Mj9IIkcG6mQLHJuOc3F48mm3zppLAGa8w/f8DTTPn
skX2Ar9+i9bDSZCjyMAh6dbwzmq9hvKIGg7DpqMTaWSyGCGqnfTa1Rs+InTBJ1Vz
foQdd4m11nY5koAqCifjTQMXdSs02IZMx6EeVXpSI8r30Imy1LilHxk5bCfFnV1Z
0d61yqQNFpM9YWHhUf04R3JqyCwUsv5Ahz1Frzr4yaeDeJqPm/NWObkGBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTVEGp7vYN9AgfJ21eLzUlPH+4zMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvRk5VUWFudTlnMzBDQjhuYlY0dk5TVThmN2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98HMA0G
CSqGSIb3DQEBCwUAA4IBAQB/aEOIqw5uc5BL3JLznamuE8uSZyCJu8zMXYi9XWjh
tsO+nIOwB/7qP7EoutTqj+JzVdDXPWwGBKmKQosjOujJe92tq9EfU3iWwloXObrg
lQfXh4HrZ0pG9895BYmQXZ9hv1eTx1zhS4x65JmkhBjzFPPC12BGUBJ/saTjaryG
UX5TvasliDm1gdvAba5LOV89ONkS/KxzkhvETvoxElVyI07fuTLZWKZyLBZ80JTr
mBXwS19y0dBXJbrQFmVID/jvnv/9ireEB4G8rJw8+mb5VsfFQpjlm4y/pWBZ978V
sa3Ay2gtrwONmeO1P7XM4afmvEaot+758qePuSXumE/o
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:01 2025 by rpki-client