Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fybdIHA9DF4GQd_5SQpCxD5YkQk.roa
File: fybdIHA9DF4GQd_5SQpCxD5YkQk.roa (raw, json)
Hash identifier: 9fHnp+Z1hwDJgNt3MhcZu/wBTpgkVY1rH7qzO8dKEB8=
Subject key identifier: 7F:26:DD:20:70:3D:0C:5E:06:41:DF:F9:49:0A:42:C4:3E:58:91:09
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0196FD8FB23095161FB231A78CCF22BC9AE8
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fybdIHA9DF4GQd_5SQpCxD5YkQk.roa
Signing time: Fri 23 May 2025 14:32:54 +0000
ROA not before: Fri 23 May 2025 14:32:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 92.118.169.0/24 maxlen: 24
92.118.170.0/24 maxlen: 24
185.58.115.0/24 maxlen: 24
185.113.139.0/24 maxlen: 24
193.221.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:8f:b2:30:95:16:1f:b2:31:a7:8c:cf:22:bc:9a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 23 14:32:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f26dd20703d0c5e0641dff9490a42c43e589109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:c6:af:cb:c5:5f:10:25:2b:24:a1:bf:b4:
9e:f2:20:1f:54:ac:fb:08:39:4f:ec:37:06:bf:f3:
2b:0a:71:5d:8c:17:b8:98:b0:37:49:26:c6:c2:86:
fe:39:05:77:77:b7:96:c1:89:ae:6b:ac:58:00:d6:
c7:13:a4:c4:80:7e:33:dc:e2:a6:9e:7b:62:33:7c:
b6:65:23:98:90:80:51:fc:4c:d9:84:89:ff:b2:3e:
1d:0c:cf:07:50:98:3a:95:7e:a4:16:c5:c6:ec:fc:
63:05:17:a3:69:f3:ad:b0:43:e9:48:2f:a1:32:8b:
fd:c8:7d:8a:d3:e3:19:ab:de:f0:a2:65:47:be:23:
04:08:e9:5e:68:10:dd:7b:f7:fb:a7:f7:40:10:24:
23:70:f2:01:b6:4c:0f:f1:b7:c4:1d:ec:6c:15:4f:
b9:74:fc:87:45:44:75:0a:0b:3b:fa:36:62:2a:73:
d9:1a:c4:aa:98:d8:78:06:e6:5d:5b:0e:e2:b6:5d:
8d:e8:02:bc:13:a9:03:51:fc:34:cc:be:54:8a:75:
df:fc:b2:b7:75:dc:c5:c5:5d:11:a3:09:a4:db:a5:
77:c9:75:b9:de:08:1d:89:84:1f:94:c2:7e:12:23:
da:ef:11:42:26:ac:4d:c8:c2:46:79:b3:c5:4b:46:
56:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:26:DD:20:70:3D:0C:5E:06:41:DF:F9:49:0A:42:C4:3E:58:91:09
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fybdIHA9DF4GQd_5SQpCxD5YkQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.169.0-92.118.170.255
185.58.115.0/24
185.113.139.0/24
193.221.203.0/24
Signature Algorithm: sha256WithRSAEncryption
27:af:97:33:c2:ee:90:35:6a:8b:6a:9d:73:c2:61:63:0e:fd:
1a:4b:39:5a:52:27:cc:b9:80:45:53:99:d7:b4:63:45:ae:30:
54:39:59:03:fd:5f:82:11:1a:b8:5d:28:d0:78:a9:a1:18:bb:
ce:c9:b6:6c:9b:a3:6c:5a:c8:44:99:ca:a0:db:7f:26:e5:43:
38:78:94:f9:35:b7:47:1f:71:dc:fc:38:36:74:73:d0:f8:fd:
88:9d:8b:77:9f:20:2c:57:54:df:5a:14:c5:52:43:87:84:93:
5c:22:c9:18:53:52:81:25:db:ba:44:dc:ad:55:27:b8:28:61:
39:61:38:0b:69:86:b2:95:07:3b:80:5e:95:bd:3d:56:78:41:
f8:4d:04:16:34:e0:0a:91:ff:c1:4f:5e:6a:ef:0c:07:56:5d:
70:38:1e:1b:d7:de:c2:1c:46:9e:2d:19:31:cc:f0:75:b4:53:
be:37:7f:72:dc:4c:cd:11:f0:5c:05:ad:aa:50:90:ba:1a:e4:
54:a6:ed:5b:f8:e7:50:5e:e1:ed:c9:37:1a:09:cf:a9:6c:5b:
52:53:95:5c:50:c7:0a:37:dd:de:3e:e0:17:ee:8f:c8:77:82:
b1:db:ad:4f:d3:12:3c:a2:1e:00:7d:86:fb:ac:b8:4c:ac:db:
65:ce:de:81
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZb9j7IwlRYfsjGnjM8ivJroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNTIzMTQzMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI2ZGQyMDcwM2QwYzVlMDY0MWRmZjk0OTBhNDJjNDNlNTg5MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NHGr8vFXxAlKyShv7Se8iAfVKz7
CDlP7DcGv/MrCnFdjBe4mLA3SSbGwob+OQV3d7eWwYmua6xYANbHE6TEgH4z3OKm
nntiM3y2ZSOYkIBR/EzZhIn/sj4dDM8HUJg6lX6kFsXG7PxjBRejafOtsEPpSC+h
Mov9yH2K0+MZq97womVHviMECOleaBDde/f7p/dAECQjcPIBtkwP8bfEHexsFU+5
dPyHRUR1Cgs7+jZiKnPZGsSqmNh4BuZdWw7itl2N6AK8E6kDUfw0zL5UinXf/LK3
ddzFxV0Rowmk26V3yXW53ggdiYQflMJ+EiPa7xFCJqxNyMJGebPFS0ZWbwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFH8m3SBwPQxeBkHf+UkKQsQ+WJEJMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZnliZElIQTlERjRHUWRfNVNRcEN4RDVZa1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABcdqkD
BABcdqoDBAC5OnMDBAC5cYsDBADB3cswDQYJKoZIhvcNAQELBQADggEBACevlzPC
7pA1aotqnXPCYWMO/RpLOVpSJ8y5gEVTmde0Y0WuMFQ5WQP9X4IRGrhdKNB4qaEY
u87Jtmybo2xayESZyqDbfyblQzh4lPk1t0cfcdz8ODZ0c9D4/Yidi3efICxXVN9a
FMVSQ4eEk1wiyRhTUoEl27pE3K1VJ7goYTlhOAtphrKVBzuAXpW9PVZ4QfhNBBY0
4AqR/8FPXmrvDAdWXXA4HhvX3sIcRp4tGTHM8HW0U743f3LcTM0R8FwFrapQkLoa
5FSm7Vv451Be4e3JNxoJz6lsW1JTlVxQxwo33d4+4Bfuj8h3grHbrU/TEjyiHgB9
hvusuEys22XO3oE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:22:27 2025 by rpki-client