Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/FofuUHCsYy2TWoAryzf8NlyduYw.roa
File: FofuUHCsYy2TWoAryzf8NlyduYw.roa (raw, json)
Hash identifier: R69ugPfWWsxLjShfG0VPEFk8EHkq5i3Md6nRP/x8COw=
Subject key identifier: 16:87:EE:50:70:AC:63:2D:93:5A:80:2B:CB:37:FC:36:5C:9D:B9:8C
Certificate issuer: /CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Certificate serial: 019420D6250DCE4BE7186A813DA28F8B6107
Authority key identifier: 98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/FofuUHCsYy2TWoAryzf8NlyduYw.roa
Signing time: Wed 01 Jan 2025 07:48:12 +0000
ROA not before: Wed 01 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44358
IP address blocks: 185.150.42.0/24 maxlen: 24
194.0.3.0/24 maxlen: 24
194.0.18.0/24 maxlen: 24
194.0.19.0/24 maxlen: 24
194.0.20.0/24 maxlen: 24
2001:678:6::/48 maxlen: 48
2001:678:19::/48 maxlen: 48
2001:678:88::/48 maxlen: 48
2001:678:8c::/48 maxlen: 48
2a07:ab42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:25:0d:ce:4b:e7:18:6a:81:3d:a2:8f:8b:61:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Validity
Not Before: Jan 1 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1687ee5070ac632d935a802bcb37fc365c9db98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e6:84:4e:03:92:79:b5:ae:75:e1:14:ae:df:
e9:f9:51:50:40:f2:77:73:4a:5e:06:48:95:f3:36:
e5:46:6a:7a:f1:a3:cf:e9:34:92:8f:b5:17:dc:fd:
c1:7f:73:17:12:2e:0d:c8:7b:77:95:d5:05:74:e0:
93:fa:06:dc:27:df:d9:01:10:f0:2f:d7:62:cf:5d:
a2:47:b6:14:fe:4a:28:97:34:21:d6:ac:6f:de:ee:
3f:bd:fb:d9:98:17:0b:81:b7:fd:a9:60:38:8c:9c:
ac:7d:be:32:b8:f4:fb:34:57:5e:60:73:b1:89:42:
09:93:7a:cb:21:ca:ca:15:fd:5d:98:13:f1:60:6a:
d1:fc:3d:f9:6b:d4:8e:2c:15:31:d6:ce:e1:bc:7c:
c2:64:8d:7f:89:63:06:e7:1e:a4:72:32:34:db:4a:
72:5c:dc:09:86:a3:f0:d4:8f:da:a2:2b:0b:ff:28:
41:68:f5:38:96:16:5e:ad:dc:79:f9:b7:d5:ff:1e:
d8:a5:bb:b3:91:ef:0b:9f:d9:f4:99:0e:e4:6f:a7:
9b:09:14:29:20:b8:e0:a7:48:c3:4b:80:7f:d2:7d:
25:73:ab:cd:12:49:05:43:c7:1f:8b:e3:1f:86:e7:
82:2d:bb:9e:b9:90:43:3f:4e:44:65:ff:d7:9a:80:
6c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:87:EE:50:70:AC:63:2D:93:5A:80:2B:CB:37:FC:36:5C:9D:B9:8C
X509v3 Authority Key Identifier:
keyid:98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/FofuUHCsYy2TWoAryzf8NlyduYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.42.0/24
194.0.3.0/24
194.0.18.0-194.0.20.255
IPv6:
2001:678:6::/48
2001:678:19::/48
2001:678:88::/48
2001:678:8c::/48
2a07:ab42::/48
Signature Algorithm: sha256WithRSAEncryption
b0:d5:58:ce:ff:3f:24:cf:3c:43:d1:62:dd:0b:7c:8a:8b:f1:
17:4d:cd:ab:e5:d9:85:0a:a5:f6:a7:e5:0a:ee:41:12:97:5b:
2f:de:ff:e2:e6:74:79:3c:ff:02:c9:cc:fc:03:9f:41:ba:aa:
ce:54:7c:40:05:50:a0:9a:17:44:84:e1:35:66:21:93:aa:18:
8b:c6:39:6b:5c:c3:e5:6f:4c:a0:78:aa:21:ec:0d:8e:f3:e9:
41:e7:be:0e:e6:57:cc:f6:aa:85:9b:12:ff:29:40:26:52:2c:
1b:3f:26:25:32:2b:d2:c0:0d:64:8e:78:95:1b:82:ac:b9:b2:
1a:30:c5:fc:50:3b:4d:c3:16:a5:71:fe:42:da:c1:e2:5d:13:
aa:f9:dc:29:ac:30:7f:c8:37:c5:27:68:77:66:63:0b:0d:8e:
a2:5d:02:4c:88:cc:50:4f:47:27:d6:ec:1d:a0:90:a8:0b:22:
f7:07:e8:23:d7:04:e7:f7:27:71:88:7d:da:f7:74:fa:2d:25:
9c:02:58:8b:ff:a8:59:72:97:87:b0:c6:23:9a:e7:a7:25:be:
22:9b:f5:ea:70:af:c0:b0:d7:c2:f6:4a:73:7b:b2:72:d8:bc:
67:f1:fb:78:c6:75:dd:af:c5:f2:f9:bc:2d:f3:9a:f7:f2:09:
2d:5d:d4:aa
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZQg1iUNzkvnGGqBPaKPi2EHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MDNjNDBmNzdiYzg4ZmFmMjA5ZjMxZDM2MWViYmFiNWNh
ZWFjNGEwHhcNMjUwMTAxMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg3ZWU1MDcwYWM2MzJkOTM1YTgwMmJjYjM3ZmMzNjVjOWRiOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseaETgOSebWudeEUrt/p+VFQQPJ3
c0peBkiV8zblRmp68aPP6TSSj7UX3P3Bf3MXEi4NyHt3ldUFdOCT+gbcJ9/ZARDw
L9diz12iR7YU/koolzQh1qxv3u4/vfvZmBcLgbf9qWA4jJysfb4yuPT7NFdeYHOx
iUIJk3rLIcrKFf1dmBPxYGrR/D35a9SOLBUx1s7hvHzCZI1/iWMG5x6kcjI020py
XNwJhqPw1I/aoisL/yhBaPU4lhZerdx5+bfV/x7Ypbuzke8Ln9n0mQ7kb6ebCRQp
ILjgp0jDS4B/0n0lc6vNEkkFQ8cfi+MfhueCLbueuZBDP05EZf/XmoBsKQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFBaH7lBwrGMtk1qAK8s3/DZcnbmMMB8GA1UdIwQY
MBaAFJgDxA93vIj68gnzHTYeu6tcrqxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQt
ZjNhMjZmMDU1ZjRlLzEvRm9mdVVIQ3NZeTJUV29Bcnl6ZjhObHlkdVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQtZjNhMjZmMDU1ZjRl
LzEvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAgBAIAATAaAwQAuZYqAwQA
wgADMAwDBAHCABIDBADCABQwMwQCAAIwLQMHACABBngABgMHACABBngAGQMHACAB
BngAiAMHACABBngAjAMHACoHq0IAADANBgkqhkiG9w0BAQsFAAOCAQEAsNVYzv8/
JM88Q9Fi3Qt8iovxF03Nq+XZhQql9qflCu5BEpdbL97/4uZ0eTz/AsnM/AOfQbqq
zlR8QAVQoJoXRIThNWYhk6oYi8Y5a1zD5W9MoHiqIewNjvPpQee+DuZXzPaqhZsS
/ylAJlIsGz8mJTIr0sANZI54lRuCrLmyGjDF/FA7TcMWpXH+QtrB4l0TqvncKaww
f8g3xSdod2ZjCw2Ool0CTIjMUE9HJ9bsHaCQqAsi9wfoI9cE5/cncYh92vd0+i0l
nAJYi/+oWXKXh7DGI5rnpyW+Ipv16nCvwLDXwvZKc3uycti8Z/H7eMZ13a/F8vm8
LfOa9/IJLV3Uqg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:52:58 2025 by rpki-client