Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/k_9bhWj2JcQnyMq-FPfEv0otOUw.roa
File: k_9bhWj2JcQnyMq-FPfEv0otOUw.roa (raw, json)
Hash identifier: Zs3oxA2HTYXtiE5lUDi8OJy4SVF/+vQT5qkuzqaf+ew=
Subject key identifier: 93:FF:5B:85:68:F6:25:C4:27:C8:CA:BE:14:F7:C4:BF:4A:2D:39:4C
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01941FFA423363A8341E074B34C8BF0F46DA
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/k_9bhWj2JcQnyMq-FPfEv0otOUw.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133944
IP address blocks: 43.245.116.0/23 maxlen: 23
45.141.80.0/22 maxlen: 22
193.148.92.0/23 maxlen: 23
207.244.216.0/22 maxlen: 22
209.35.4.0/23 maxlen: 23
209.35.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:42:33:63:a8:34:1e:07:4b:34:c8:bf:0f:46:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93ff5b8568f625c427c8cabe14f7c4bf4a2d394c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9b:b0:21:6c:fc:53:fe:4a:68:e9:dd:cd:30:
5b:5c:71:8e:eb:24:29:8f:f3:25:36:63:65:31:28:
b2:4e:2c:02:26:52:31:e6:65:5e:05:75:5e:ed:a2:
ef:bc:99:4a:7b:27:96:d5:e7:ad:05:df:6f:47:92:
6a:ab:28:a1:52:c8:33:ab:b9:4e:b8:00:50:b6:0c:
52:29:2d:f6:76:57:5f:07:69:23:a2:26:72:f3:fc:
27:89:cc:75:d8:b6:85:4c:f2:1f:b0:cb:c3:43:35:
ea:65:35:8a:20:e7:0f:bb:98:8b:4c:84:02:bd:c5:
e6:0c:8e:45:0b:f5:e5:c9:89:e4:c2:55:4a:3b:16:
5f:d7:80:ce:87:82:2a:5a:44:cb:41:c0:dd:cf:cd:
ae:a9:bb:9c:a7:f3:d8:b8:b4:bd:8e:3a:a9:8b:41:
fc:87:64:02:09:99:74:04:0f:74:ea:d8:df:2e:07:
2d:c5:67:2d:72:4b:ef:b8:14:88:1f:20:ce:a1:8a:
4c:a1:09:f9:b8:d1:f1:db:e6:f8:18:7c:53:df:49:
60:97:79:6c:fb:f9:94:ea:1a:f2:db:d6:88:bc:45:
ce:45:29:4c:05:b2:f1:90:6b:19:a7:c3:5e:25:26:
4f:6c:08:53:1d:6a:e6:3a:dd:60:5d:b8:b6:09:f5:
a9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FF:5B:85:68:F6:25:C4:27:C8:CA:BE:14:F7:C4:BF:4A:2D:39:4C
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/k_9bhWj2JcQnyMq-FPfEv0otOUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.245.116.0/23
45.141.80.0/22
193.148.92.0/23
207.244.216.0/22
209.35.4.0/23
209.35.113.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:ab:ac:03:4c:9a:77:08:c2:e2:23:29:33:f8:e1:d3:3f:77:
a3:d7:dc:7f:06:79:21:38:e4:77:ec:bd:a1:04:30:e4:5c:67:
8b:bf:4c:b9:72:60:58:08:8e:68:5b:bf:d5:ba:c0:34:c7:f8:
e5:2c:2b:d7:dc:3a:13:82:20:51:07:0f:69:13:fe:ef:3c:8b:
e1:27:0e:44:e6:b1:9f:5d:11:15:b2:f9:97:e1:29:5e:80:21:
cd:c8:f6:57:27:8c:62:de:7b:d1:59:43:21:20:83:bd:f7:0d:
17:43:65:37:da:62:d3:6b:54:1e:77:bd:e4:7d:1f:e6:60:ba:
2d:16:d6:ea:af:4b:b3:e7:b8:6c:56:f5:67:59:03:a8:8a:da:
49:44:0d:96:94:55:68:95:c5:14:a0:83:2e:3b:ca:c7:e8:17:
ed:f3:1f:a0:63:aa:19:91:b1:13:24:5d:35:a1:07:75:aa:ca:
b0:99:9e:4f:39:58:5c:6f:2d:6c:49:76:45:df:ad:99:b6:07:
cd:68:bb:bf:13:9f:6d:d5:b9:06:1c:1a:ad:56:98:3f:34:c4:
80:cd:44:56:2b:a3:f3:51:f3:03:30:1c:5e:02:d2:4c:8c:d0:
20:72:ed:3d:53:21:e7:b5:7a:3d:e6:5e:cf:04:c8:de:b9:97:
d4:a9:58:9d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+kIzY6g0HgdLNMi/D0baMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2ZmNWI4NTY4ZjYyNWM0MjdjOGNhYmUxNGY3YzRiZjRhMmQzOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpuwIWz8U/5KaOndzTBbXHGO6yQp
j/MlNmNlMSiyTiwCJlIx5mVeBXVe7aLvvJlKeyeW1eetBd9vR5JqqyihUsgzq7lO
uABQtgxSKS32dldfB2kjoiZy8/wnicx12LaFTPIfsMvDQzXqZTWKIOcPu5iLTIQC
vcXmDI5FC/XlyYnkwlVKOxZf14DOh4IqWkTLQcDdz82uqbucp/PYuLS9jjqpi0H8
h2QCCZl0BA906tjfLgctxWctckvvuBSIHyDOoYpMoQn5uNHx2+b4GHxT30lgl3ls
+/mU6hry29aIvEXORSlMBbLxkGsZp8NeJSZPbAhTHWrmOt1gXbi2CfWpIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJP/W4Vo9iXEJ8jKvhT3xL9KLTlMMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEva185YmhXajJKY1FueU1xLUZQZkV2MG90T1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBK/V0AwQC
LY1QAwQBwZRcAwQCz/TYAwQB0SMEAwQA0SNxMA0GCSqGSIb3DQEBCwUAA4IBAQA8
q6wDTJp3CMLiIykz+OHTP3ej19x/BnkhOOR37L2hBDDkXGeLv0y5cmBYCI5oW7/V
usA0x/jlLCvX3DoTgiBRBw9pE/7vPIvhJw5E5rGfXREVsvmX4SlegCHNyPZXJ4xi
3nvRWUMhIIO99w0XQ2U32mLTa1Qed73kfR/mYLotFtbqr0uz57hsVvVnWQOoitpJ
RA2WlFVolcUUoIMuO8rH6Bft8x+gY6oZkbETJF01oQd1qsqwmZ5POVhcby1sSXZF
362ZtgfNaLu/E59t1bkGHBqtVpg/NMSAzURWK6PzUfMDMBxeAtJMjNAgcu09UyHn
tXo95l7PBMjeuZfUqVid
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:16:48 2025 by rpki-client