Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/fvocZOR5mjQw63-hlnTV0AYJ-n0.roa
File: fvocZOR5mjQw63-hlnTV0AYJ-n0.roa (raw, json)
Hash identifier: EDtt1bNtketuScVPOmt7fRRKZDdXsTL+CjwO3mYdaKU=
Subject key identifier: 7E:FA:1C:64:E4:79:9A:34:30:EB:7F:A1:96:74:D5:D0:06:09:FA:7D
Certificate issuer: /CN=70de707d6c01006b2aca687eaab29cb4736b7668
Certificate serial: 01941FFABA32B0AB886D4024D785CAFBEAD8
Authority key identifier: 70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/fvocZOR5mjQw63-hlnTV0AYJ-n0.roa
Signing time: Wed 01 Jan 2025 03:48:32 +0000
ROA not before: Wed 01 Jan 2025 03:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208357
IP address blocks: 185.54.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ba:32:b0:ab:88:6d:40:24:d7:85:ca:fb:ea:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70de707d6c01006b2aca687eaab29cb4736b7668
Validity
Not Before: Jan 1 03:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7efa1c64e4799a3430eb7fa19674d5d00609fa7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:ce:2a:23:71:1f:6a:55:bb:9c:69:31:40:
0b:ce:bb:62:60:41:73:f2:57:df:f5:0f:f5:2f:91:
2a:27:85:fc:4a:43:8c:37:8f:f6:07:1b:33:81:de:
44:c5:d6:1c:1d:af:2d:12:53:29:0c:b1:2b:7f:2f:
2e:64:60:6b:a5:34:e9:de:bf:71:53:c9:56:2e:e8:
77:3a:1a:f1:44:46:48:1d:a1:46:50:a9:7d:9f:11:
82:af:1b:1f:60:ee:90:8c:73:22:a3:4a:b3:df:4f:
b5:42:fa:97:e1:83:7c:f5:9a:d9:5d:0f:f8:56:1b:
89:bb:9c:15:ef:82:24:c5:5a:14:c9:0e:2c:b1:a4:
46:75:32:bd:86:3a:70:b4:d7:0e:a5:11:34:c6:d0:
67:5b:29:a9:af:ac:16:7d:11:51:3e:9e:9f:d2:f2:
28:48:30:48:9f:ad:9b:6f:23:ae:f5:ec:f4:9f:1a:
53:0c:36:f9:b7:10:57:3a:81:e4:45:0c:6b:b6:3e:
8c:91:14:e9:cf:8d:04:bc:67:f4:2f:f0:b8:f0:3d:
fb:0b:0d:5c:d0:32:a2:c3:c5:6a:39:52:e1:8b:71:
20:91:5e:13:e0:e4:08:e8:62:3d:c5:97:17:89:70:
b9:ca:a8:d6:6a:e6:f5:bd:68:7f:22:4c:94:51:15:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FA:1C:64:E4:79:9A:34:30:EB:7F:A1:96:74:D5:D0:06:09:FA:7D
X509v3 Authority Key Identifier:
keyid:70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/fvocZOR5mjQw63-hlnTV0AYJ-n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.138.0/24
Signature Algorithm: sha256WithRSAEncryption
32:fb:78:28:0f:8c:9d:c3:93:c1:95:09:71:0c:97:90:b4:26:
0f:f4:2e:21:40:d1:09:df:3e:b1:85:94:1d:a7:fc:56:ff:9a:
71:c3:0c:9f:7c:d6:f7:c5:cf:90:dc:ea:e4:2a:59:ce:e7:dc:
b5:ad:2c:a9:a5:a7:6c:93:a5:a0:32:bd:cc:7b:a9:ea:89:97:
a5:91:cf:0d:f2:b6:e9:b7:43:d8:fd:20:e8:33:e3:35:a2:14:
d5:fd:91:57:60:15:89:c9:9b:74:0c:c6:ef:b8:c2:de:de:b7:
97:9a:07:be:b6:4d:23:70:cf:5e:17:ca:8d:1d:b2:3b:88:ec:
1e:2d:6a:cc:ee:7b:af:10:b4:c7:09:64:e2:04:12:c2:3d:d5:
05:b0:b6:0b:dc:c3:ac:ef:32:27:0a:1b:f2:01:43:6e:d2:50:
41:5a:f8:17:c2:c4:7a:be:f5:7e:9c:e1:03:84:49:f7:7e:35:
f2:5d:91:28:87:3a:67:62:29:fb:8a:03:92:24:92:e8:d9:7f:
27:52:10:cf:09:aa:48:b8:b4:7d:ed:a8:24:c2:27:3d:00:36:
93:b0:27:f7:59:1b:1b:62:63:42:f2:1f:73:42:31:ac:96:2c:
5e:f6:7b:03:d3:67:ec:be:3b:5a:5d:3a:3c:e8:a6:31:d3:15:
26:cd:be:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+roysKuIbUAk14XK++rYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGU3MDdkNmMwMTAwNmIyYWNhNjg3ZWFhYjI5Y2I0NzM2
Yjc2NjgwHhcNMjUwMTAxMDM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWZhMWM2NGU0Nzk5YTM0MzBlYjdmYTE5Njc0ZDVkMDA2MDlmYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRzOKiNxH2pVu5xpMUALzrtiYEFz
8lff9Q/1L5EqJ4X8SkOMN4/2Bxszgd5ExdYcHa8tElMpDLErfy8uZGBrpTTp3r9x
U8lWLuh3OhrxREZIHaFGUKl9nxGCrxsfYO6QjHMio0qz30+1QvqX4YN89ZrZXQ/4
VhuJu5wV74IkxVoUyQ4ssaRGdTK9hjpwtNcOpRE0xtBnWympr6wWfRFRPp6f0vIo
SDBIn62bbyOu9ez0nxpTDDb5txBXOoHkRQxrtj6MkRTpz40EvGf0L/C48D37Cw1c
0DKiw8VqOVLhi3EgkV4T4OQI6GI9xZcXiXC5yqjWaub1vWh/IkyUURWHAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH76HGTkeZo0MOt/oZZ01dAGCfp9MB8GA1UdIwQY
MBaAFHDecH1sAQBrKspofqqynLRza3ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQt
MThlNWM1MzdkNTFkLzEvZnZvY1pPUjVtalF3NjMtaGxuVFYwQVlKLW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQtMThlNWM1MzdkNTFk
LzEvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTaKMA0G
CSqGSIb3DQEBCwUAA4IBAQAy+3goD4ydw5PBlQlxDJeQtCYP9C4hQNEJ3z6xhZQd
p/xW/5pxwwyffNb3xc+Q3OrkKlnO59y1rSyppadsk6WgMr3Me6nqiZelkc8N8rbp
t0PY/SDoM+M1ohTV/ZFXYBWJyZt0DMbvuMLe3reXmge+tk0jcM9eF8qNHbI7iOwe
LWrM7nuvELTHCWTiBBLCPdUFsLYL3MOs7zInChvyAUNu0lBBWvgXwsR6vvV+nOED
hEn3fjXyXZEohzpnYin7igOSJJLo2X8nUhDPCapIuLR97agkwic9ADaTsCf3WRsb
YmNC8h9zQjGslixe9nsD02fsvjtaXTo86KYx0xUmzb57
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:18:11 2025 by rpki-client