Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/fxKWammhxktdopvkLoZ3A56OufQ.roa
File: fxKWammhxktdopvkLoZ3A56OufQ.roa (raw, json)
Hash identifier: 08wF4FXl5oiKNSJuMhza0MfLxqdEwIGUPGz/746c+dw=
Subject key identifier: 7F:12:96:6A:69:A1:C6:4B:5D:A2:9B:E4:2E:86:77:03:9E:8E:B9:F4
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0195BE8AEA2FEFB940B2F3D6B885E73C94B3
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/fxKWammhxktdopvkLoZ3A56OufQ.roa
Signing time: Sat 22 Mar 2025 15:48:49 +0000
ROA not before: Sat 22 Mar 2025 15:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.238.40.0/23 maxlen: 24
213.18.196.0/22 maxlen: 22
217.179.50.0/23 maxlen: 24
217.179.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:be:8a:ea:2f:ef:b9:40:b2:f3:d6:b8:85:e7:3c:94:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Mar 22 15:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f12966a69a1c64b5da29be42e8677039e8eb9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0b:29:65:73:5b:5e:ed:3a:75:9a:d0:69:ce:
e5:a1:67:05:d5:fa:8d:7f:2a:63:13:cb:60:b6:7e:
31:07:3b:f3:46:b3:84:51:fc:96:c4:34:43:46:38:
d8:ce:5f:80:10:f7:12:05:61:82:fa:69:4e:b1:ca:
13:3c:17:10:81:a0:d5:a0:37:9d:dc:c8:98:34:9e:
56:89:95:36:12:69:6a:d5:57:5e:c8:4d:7d:af:c9:
45:a2:2d:58:cc:01:22:de:2b:2c:ee:5e:8a:07:d2:
3a:8d:ef:a0:83:10:bd:56:68:4b:74:a4:a3:b9:6b:
d8:eb:4b:a4:bf:69:c0:0e:26:cc:ad:7b:12:27:9a:
1b:4f:1e:4c:93:b6:bb:8a:3f:5d:36:8a:79:5e:27:
8e:c9:2d:39:95:25:a2:65:8a:a4:ba:e5:0a:22:f6:
1b:02:a2:cb:53:cd:02:49:e6:28:96:29:1d:f9:12:
c3:89:92:64:b1:96:d4:0f:c8:87:3c:cf:a7:3d:a5:
b0:1a:dd:bb:7f:d7:9f:de:c2:0f:b7:a8:40:d9:f0:
30:0e:9a:f0:4f:b8:dc:20:a1:6e:11:54:61:79:d6:
53:d9:55:bf:1e:b7:f8:a1:d1:c6:49:45:18:9d:0d:
24:87:89:d3:ed:60:e0:2f:7a:a0:2a:8f:a1:82:5d:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:12:96:6A:69:A1:C6:4B:5D:A2:9B:E4:2E:86:77:03:9E:8E:B9:F4
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/fxKWammhxktdopvkLoZ3A56OufQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.40.0/23
213.18.196.0/22
217.179.50.0/23
217.179.228.0/22
Signature Algorithm: sha256WithRSAEncryption
32:ef:19:f1:ab:0a:a5:68:9b:fb:da:7b:75:f5:63:a6:a2:05:
e2:19:ef:56:9d:d3:a0:3b:c5:72:86:22:0d:4d:d5:e2:52:59:
b6:f3:38:f6:92:00:f4:8f:13:9f:4f:74:6f:1f:32:1d:67:23:
06:c4:ee:e7:08:73:18:9a:b2:3e:b9:56:2a:17:ad:46:d0:4a:
f7:eb:c5:41:c4:38:b6:c6:0d:ba:cd:e4:06:f6:44:aa:43:39:
55:eb:4c:1d:66:9e:a0:06:c9:a3:96:ed:16:4b:43:5b:9a:14:
64:0e:c7:d8:81:5e:ce:04:2b:ae:10:26:05:31:2b:5d:41:85:
22:5c:48:17:a2:9c:9c:14:81:ae:e3:d3:5b:c1:36:78:90:07:
10:2b:c4:da:06:61:8b:8b:27:b2:c3:c8:e4:10:6e:6c:1a:c5:
f2:5c:18:c0:1a:21:e0:1e:d4:a6:6b:85:c6:c3:6a:92:07:c5:
79:b3:d8:5e:90:5b:bb:60:92:97:f0:5d:a1:84:36:1f:0a:97:
4b:77:ce:44:9c:04:31:aa:f0:be:c3:44:37:99:20:ba:15:32:
90:ee:95:51:da:70:50:e6:a8:6a:6f:62:02:7d:c7:c1:92:c0:
13:00:e5:28:19:1b:2d:2b:36:62:ef:ad:7b:48:c4:5e:de:0c:
ae:b1:60:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZW+iuov77lAsvPWuIXnPJSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMzIyMTU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjEyOTY2YTY5YTFjNjRiNWRhMjliZTQyZTg2NzcwMzllOGViOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwspZXNbXu06dZrQac7loWcF1fqN
fypjE8tgtn4xBzvzRrOEUfyWxDRDRjjYzl+AEPcSBWGC+mlOscoTPBcQgaDVoDed
3MiYNJ5WiZU2Emlq1VdeyE19r8lFoi1YzAEi3iss7l6KB9I6je+ggxC9VmhLdKSj
uWvY60ukv2nADibMrXsSJ5obTx5Mk7a7ij9dNop5XieOyS05lSWiZYqkuuUKIvYb
AqLLU80CSeYolikd+RLDiZJksZbUD8iHPM+nPaWwGt27f9ef3sIPt6hA2fAwDprw
T7jcIKFuEVRhedZT2VW/Hrf4odHGSUUYnQ0kh4nT7WDgL3qgKo+hgl2SYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH8SlmppocZLXaKb5C6GdwOejrn0MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvZnhLV2FtbWh4a3Rkb3B2a0xvWjNBNTZPdWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwu4oAwQC
1RLEAwQB2bMyAwQC2bPkMA0GCSqGSIb3DQEBCwUAA4IBAQAy7xnxqwqlaJv72nt1
9WOmogXiGe9WndOgO8VyhiINTdXiUlm28zj2kgD0jxOfT3RvHzIdZyMGxO7nCHMY
mrI+uVYqF61G0Er368VBxDi2xg26zeQG9kSqQzlV60wdZp6gBsmjlu0WS0NbmhRk
DsfYgV7OBCuuECYFMStdQYUiXEgXopycFIGu49NbwTZ4kAcQK8TaBmGLiyeyw8jk
EG5sGsXyXBjAGiHgHtSma4XGw2qSB8V5s9hekFu7YJKX8F2hhDYfCpdLd85EnAQx
qvC+w0Q3mSC6FTKQ7pVR2nBQ5qhqb2ICfcfBksATAOUoGRstKzZi7617SMRe3gyu
sWCn
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:44:50 2025 by rpki-client