Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/fjo3TJF5UJdtWXbH-RXUzzkMGLw.roa
File: fjo3TJF5UJdtWXbH-RXUzzkMGLw.roa (raw, json)
Hash identifier: 3e8hosZ9ppBndt6p8XyvpqJUy9gK6SPz4ut0nyjSkJ4=
Subject key identifier: 7E:3A:37:4C:91:79:50:97:6D:59:76:C7:F9:15:D4:CF:39:0C:18:BC
Certificate issuer: /CN=edcc2d279130d1a1bb3ee5a3b5f3323057b3c4fd
Certificate serial: 019423D7FCFE85FFC02E1A2F4A69DC45CB70
Authority key identifier: ED:CC:2D:27:91:30:D1:A1:BB:3E:E5:A3:B5:F3:32:30:57:B3:C4:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/fjo3TJF5UJdtWXbH-RXUzzkMGLw.roa
Signing time: Wed 01 Jan 2025 21:49:04 +0000
ROA not before: Wed 01 Jan 2025 21:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41033
IP address blocks: 185.235.184.0/24 maxlen: 24
185.235.185.0/24 maxlen: 24
185.235.187.0/24 maxlen: 24
2a0d:7100:1::/48 maxlen: 48
2a0d:7100:2::/48 maxlen: 48
2a0d:7100:3::/48 maxlen: 48
2a0d:7100:4::/48 maxlen: 48
2a0d:7100:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 00:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fc:fe:85:ff:c0:2e:1a:2f:4a:69:dc:45:cb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edcc2d279130d1a1bb3ee5a3b5f3323057b3c4fd
Validity
Not Before: Jan 1 21:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e3a374c917950976d5976c7f915d4cf390c18bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3e:ef:5e:75:37:55:d8:26:6e:fd:f3:46:a9:
c4:ba:4b:af:28:a6:47:19:b7:06:cf:c9:e4:9f:df:
b1:e8:2e:76:b3:45:71:71:06:e1:43:30:7b:16:d8:
9b:88:31:70:5b:66:ea:ee:a2:4d:9f:96:41:80:0b:
2e:b5:5a:90:8a:ff:76:82:13:ca:81:fd:56:32:49:
ee:15:81:8c:8a:2c:4f:b6:86:a8:b0:fa:10:cc:09:
bd:3b:6a:4f:51:fc:e4:d1:de:a9:9f:31:8e:62:d8:
86:37:6b:58:2f:96:7a:2a:63:fc:87:06:c6:c7:91:
d9:1f:e7:21:8b:57:01:bb:a3:d8:48:79:0f:75:4f:
a7:d1:9e:a0:be:39:17:29:b9:2f:2e:6c:b0:3d:82:
a5:cf:fc:9f:da:3e:fb:14:ce:9c:c6:2f:ee:2f:51:
55:82:4e:a9:17:d8:98:b3:66:69:8e:64:0d:d8:b5:
22:c4:1a:db:83:32:3b:c5:d1:af:64:f1:a1:6c:89:
3e:b8:40:57:cc:cf:e3:ef:bc:61:dd:be:7d:71:8f:
65:27:6e:ca:a9:bf:8e:4e:81:49:f5:64:0f:6c:ba:
47:67:90:9d:39:3e:bd:71:d3:52:d4:24:64:79:31:
f7:23:8c:0b:21:da:77:98:23:5d:99:0c:8f:88:f2:
29:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3A:37:4C:91:79:50:97:6D:59:76:C7:F9:15:D4:CF:39:0C:18:BC
X509v3 Authority Key Identifier:
keyid:ED:CC:2D:27:91:30:D1:A1:BB:3E:E5:A3:B5:F3:32:30:57:B3:C4:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/fjo3TJF5UJdtWXbH-RXUzzkMGLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7243b8-a8f9-4520-80c1-0565f337dcbe/1/7cwtJ5Ew0aG7PuWjtfMyMFezxP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.184.0/23
185.235.187.0/24
IPv6:
2a0d:7100:1::-2a0d:7100:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:26:fb:fa:76:f8:9e:26:10:0b:19:31:a5:77:f1:3a:89:9a:
5d:57:b1:a5:f1:07:ef:9c:e2:f6:6a:d7:51:d6:f6:90:94:36:
d8:70:6e:60:4d:a6:f3:f1:66:4a:38:bc:55:49:c6:40:0e:62:
4a:9f:df:35:fe:99:80:22:3f:83:24:fa:5b:f2:df:f9:7e:df:
e7:8e:48:d4:61:aa:15:70:77:31:d3:35:be:2f:eb:3b:c7:0b:
10:b8:31:f4:d4:be:c3:60:52:90:d8:ec:8e:e1:3c:a1:c3:d7:
46:f9:73:1a:0a:7f:9a:3e:c4:bb:82:a7:30:61:8a:99:0b:2b:
79:82:b1:b4:85:ea:35:46:a6:1a:60:07:60:f6:5a:76:22:fb:
fe:31:26:be:0f:53:42:96:02:eb:5f:c6:d5:97:54:32:f1:49:
8e:11:15:e7:f3:fc:d5:cb:fa:c1:01:ac:40:67:79:48:ef:1a:
3d:5d:3c:f1:a0:f7:45:33:a0:97:d9:38:46:d7:d8:83:03:d5:
58:d4:b3:72:b3:32:1b:a7:5a:8d:cd:64:c8:65:95:96:d6:61:
ea:b0:1d:84:1b:c6:4a:6a:35:3b:29:58:87:ea:01:d7:f7:a3:
69:40:08:a7:de:79:a0:bf:65:6d:e7:fa:38:82:9f:49:9e:c3:
01:c6:38:4b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQj1/z+hf/ALhovSmncRctwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkY2MyZDI3OTEzMGQxYTFiYjNlZTVhM2I1ZjMzMjMwNTdi
M2M0ZmQwHhcNMjUwMTAxMjE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNhMzc0YzkxNzk1MDk3NmQ1OTc2YzdmOTE1ZDRjZjM5MGMxOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2D7vXnU3Vdgmbv3zRqnEukuvKKZH
GbcGz8nkn9+x6C52s0VxcQbhQzB7FtibiDFwW2bq7qJNn5ZBgAsutVqQiv92ghPK
gf1WMknuFYGMiixPtoaosPoQzAm9O2pPUfzk0d6pnzGOYtiGN2tYL5Z6KmP8hwbG
x5HZH+chi1cBu6PYSHkPdU+n0Z6gvjkXKbkvLmywPYKlz/yf2j77FM6cxi/uL1FV
gk6pF9iYs2ZpjmQN2LUixBrbgzI7xdGvZPGhbIk+uEBXzM/j77xh3b59cY9lJ27K
qb+OToFJ9WQPbLpHZ5CdOT69cdNS1CRkeTH3I4wLIdp3mCNdmQyPiPIpSwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFH46N0yReVCXbVl2x/kV1M85DBi8MB8GA1UdIwQY
MBaAFO3MLSeRMNGhuz7lo7XzMjBXs8T9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2N3dEo1RXcwYUc3UHVXanRmTXlNRmV6eFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83MjQzYjgtYThmOS00NTIwLTgwYzEt
MDU2NWYzMzdkY2JlLzEvZmpvM1RKRjVVSmR0V1hiSC1SWFV6emtNR0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83MjQzYjgtYThmOS00NTIwLTgwYzEtMDU2NWYzMzdkY2Jl
LzEvN2N3dEo1RXcwYUc3UHVXanRmTXlNRmV6eFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBueu4AwQA
ueu7MBoEAgACMBQwEgMHACoNcQAAAQMHASoNcQAABDANBgkqhkiG9w0BAQsFAAOC
AQEAVCb7+nb4niYQCxkxpXfxOomaXVexpfEH75zi9mrXUdb2kJQ22HBuYE2m8/Fm
Sji8VUnGQA5iSp/fNf6ZgCI/gyT6W/Lf+X7f545I1GGqFXB3MdM1vi/rO8cLELgx
9NS+w2BSkNjsjuE8ocPXRvlzGgp/mj7Eu4KnMGGKmQsreYKxtIXqNUamGmAHYPZa
diL7/jEmvg9TQpYC61/G1ZdUMvFJjhEV5/P81cv6wQGsQGd5SO8aPV088aD3RTOg
l9k4RtfYgwPVWNSzcrMyG6dajc1kyGWVltZh6rAdhBvGSmo1OylYh+oB1/ejaUAI
p955oL9lbef6OIKfSZ7DAcY4Sw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:17:02 2025 by rpki-client