Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/kbFa4zyDCcJX0BPhU_Dw3UHlA_c.roa
File: kbFa4zyDCcJX0BPhU_Dw3UHlA_c.roa (raw, json)
Hash identifier: lHWDIZ/saM9nZZPfD7Y6mKPoP7i1Yj05/kMFolVAFbE=
Subject key identifier: 91:B1:5A:E3:3C:83:09:C2:57:D0:13:E1:53:F0:F0:DD:41:E5:03:F7
Certificate issuer: /CN=f3b5a8c0095825e13f46bdb370b7fdca9b9f8a52
Certificate serial: 01964007865B7190C1873EFC2264FCD38F78
Authority key identifier: F3:B5:A8:C0:09:58:25:E1:3F:46:BD:B3:70:B7:FD:CA:9B:9F:8A:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/kbFa4zyDCcJX0BPhU_Dw3UHlA_c.roa
Signing time: Wed 16 Apr 2025 19:15:57 +0000
ROA not before: Wed 16 Apr 2025 19:15:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211540
IP address blocks: 195.242.204.0/23 maxlen: 23
2a14:6d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:40:07:86:5b:71:90:c1:87:3e:fc:22:64:fc:d3:8f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5a8c0095825e13f46bdb370b7fdca9b9f8a52
Validity
Not Before: Apr 16 19:15:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91b15ae33c8309c257d013e153f0f0dd41e503f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:b9:48:13:b1:48:e2:7a:97:59:1a:e2:f4:
54:33:30:90:63:43:e4:b2:49:eb:35:1e:98:97:3e:
5a:d1:8b:bc:99:dd:f2:9d:ce:d2:bf:0e:d8:1a:a0:
c4:63:19:fe:36:b2:89:33:d5:ac:c7:9f:99:be:22:
2f:76:0e:a1:05:67:3d:f9:78:96:95:82:cb:62:aa:
cd:21:6d:f3:55:3c:4a:55:26:a3:15:4a:b1:99:31:
ee:4d:65:f3:ce:6b:5e:75:63:41:9e:3e:ab:12:87:
ab:42:4c:83:90:80:32:da:a4:ce:e1:a9:7a:d3:7a:
33:06:54:1f:a7:0e:1f:9b:c4:0c:a8:e9:ae:06:b3:
85:e0:2f:77:d9:41:32:53:50:01:84:da:b2:9b:28:
d5:0c:74:e7:de:01:46:e7:e0:34:55:f6:fe:f9:22:
65:d5:9a:d2:c5:7d:14:6e:8f:08:a9:1c:51:96:46:
79:3a:4b:d0:cb:59:ca:79:14:23:99:54:85:8f:31:
37:59:99:6c:0f:a8:fc:dd:d3:1e:da:ce:39:9c:74:
6f:43:19:8a:b2:74:e9:2c:72:ba:f3:de:35:29:da:
95:dd:04:33:33:0c:e1:10:c6:c5:34:33:56:00:20:
20:a6:48:fd:36:4b:68:4e:80:22:56:65:00:fc:74:
5c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B1:5A:E3:3C:83:09:C2:57:D0:13:E1:53:F0:F0:DD:41:E5:03:F7
X509v3 Authority Key Identifier:
keyid:F3:B5:A8:C0:09:58:25:E1:3F:46:BD:B3:70:B7:FD:CA:9B:9F:8A:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87WowAlYJeE_Rr2zcLf9ypufilI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/kbFa4zyDCcJX0BPhU_Dw3UHlA_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/e2666e-69e1-437e-a021-2926bbc16796/1/87WowAlYJeE_Rr2zcLf9ypufilI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.204.0/23
IPv6:
2a14:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
00:c3:92:68:b7:03:84:6d:21:56:98:19:fa:fe:63:03:3a:53:
0e:2e:37:e8:65:2c:97:b5:09:8f:a5:23:2c:4b:c2:f2:4e:95:
37:ad:e6:75:5c:b7:08:48:50:1a:db:3d:9b:f1:98:d8:45:80:
a1:5e:3d:d9:de:5c:73:ff:d2:21:d9:80:e8:c9:8e:45:9e:31:
8e:24:24:6f:a8:d4:d2:6e:be:ae:d3:c8:83:c3:74:aa:c7:a1:
e0:7c:6f:00:e1:49:3e:0a:23:df:6f:23:bb:62:8a:bf:4b:1c:
f9:34:84:4a:9c:55:c6:3d:fc:9a:6c:35:8b:5f:96:7a:6c:1a:
91:0a:61:07:b5:b7:04:45:23:f6:5c:51:91:44:00:40:41:04:
9f:a8:d5:72:89:1f:df:15:2e:c9:84:ad:5e:20:a1:4b:e0:97:
49:f8:bb:13:14:4d:99:9d:4c:d9:ac:be:5c:27:99:db:04:9d:
f7:6a:10:50:42:6d:09:6e:fa:23:4a:0c:cb:af:35:9e:4e:34:
d5:cb:9a:18:a0:35:72:88:81:22:d3:c8:36:a4:d8:01:f2:c2:
44:5d:ae:15:da:c3:f8:dd:90:fe:b7:91:15:40:ed:58:df:25:
98:2f:26:f1:3b:1a:1d:d4:8a:6d:9f:e6:c9:09:ee:5c:22:c9:
ef:22:2b:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZAB4ZbcZDBhz78ImT80494MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjVhOGMwMDk1ODI1ZTEzZjQ2YmRiMzcwYjdmZGNhOWI5
ZjhhNTIwHhcNMjUwNDE2MTkxNTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWIxNWFlMzNjODMwOWMyNTdkMDEzZTE1M2YwZjBkZDQxZTUwM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9+5SBOxSOJ6l1ka4vRUMzCQY0Pk
sknrNR6Ylz5a0Yu8md3ync7Svw7YGqDEYxn+NrKJM9Wsx5+ZviIvdg6hBWc9+XiW
lYLLYqrNIW3zVTxKVSajFUqxmTHuTWXzzmtedWNBnj6rEoerQkyDkIAy2qTO4al6
03ozBlQfpw4fm8QMqOmuBrOF4C932UEyU1ABhNqymyjVDHTn3gFG5+A0Vfb++SJl
1ZrSxX0Ubo8IqRxRlkZ5OkvQy1nKeRQjmVSFjzE3WZlsD6j83dMe2s45nHRvQxmK
snTpLHK68941KdqV3QQzMwzhEMbFNDNWACAgpkj9NktoToAiVmUA/HRcRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJGxWuM8gwnCV9AT4VPw8N1B5QP3MB8GA1UdIwQY
MBaAFPO1qMAJWCXhP0a9s3C3/cqbn4pSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdXb3dBbFlKZUVfUnIyemNMZjl5cHVmaWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9lMjY2NmUtNjllMS00MzdlLWEwMjEt
MjkyNmJiYzE2Nzk2LzEva2JGYTR6eURDY0pYMEJQaFVfRHczVUhsQV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9lMjY2NmUtNjllMS00MzdlLWEwMjEtMjkyNmJiYzE2Nzk2
LzEvODdXb3dBbFlKZUVfUnIyemNMZjl5cHVmaWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw/LMMA0E
AgACMAcDBQMqFG1AMA0GCSqGSIb3DQEBCwUAA4IBAQAAw5JotwOEbSFWmBn6/mMD
OlMOLjfoZSyXtQmPpSMsS8LyTpU3reZ1XLcISFAa2z2b8ZjYRYChXj3Z3lxz/9Ih
2YDoyY5FnjGOJCRvqNTSbr6u08iDw3Sqx6HgfG8A4Uk+CiPfbyO7Yoq/Sxz5NIRK
nFXGPfyabDWLX5Z6bBqRCmEHtbcERSP2XFGRRABAQQSfqNVyiR/fFS7JhK1eIKFL
4JdJ+LsTFE2ZnUzZrL5cJ5nbBJ33ahBQQm0JbvojSgzLrzWeTjTVy5oYoDVyiIEi
08g2pNgB8sJEXa4V2sP43ZD+t5EVQO1Y3yWYLybxOxod1Iptn+bJCe5cIsnvIiuF
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:52 2025 by rpki-client