Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/88FJYTd8b-KHdvH7x_K99lUYWdQ.roa
File: 88FJYTd8b-KHdvH7x_K99lUYWdQ.roa (raw, json)
Hash identifier: ghtnktZiVNaMUpHUfiZ1KkJiqbduMhbZsfbCJ/7Zf6E=
Subject key identifier: F3:C1:49:61:37:7C:6F:E2:87:76:F1:FB:C7:F2:BD:F6:55:18:59:D4
Certificate issuer: /CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Certificate serial: 019427B3799F8501225C1E1DC6C261520F09
Authority key identifier: 15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/88FJYTd8b-KHdvH7x_K99lUYWdQ.roa
Signing time: Thu 02 Jan 2025 15:47:40 +0000
ROA not before: Thu 02 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13101
IP address blocks: 45.145.236.0/22 maxlen: 22
46.22.152.0/21 maxlen: 21
109.94.212.0/22 maxlen: 22
185.234.200.0/22 maxlen: 22
192.166.40.0/22 maxlen: 22
202.71.144.0/21 maxlen: 21
206.168.72.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:79:9f:85:01:22:5c:1e:1d:c6:c2:61:52:0f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Validity
Not Before: Jan 2 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3c14961377c6fe28776f1fbc7f2bdf6551859d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:3f:96:d1:ad:9b:ed:d0:d5:c5:64:6e:3a:70:
26:38:88:a0:6d:86:b9:e1:03:1c:c0:b2:86:ee:a2:
20:d7:18:5c:c8:37:09:df:1a:1a:4d:f3:46:e6:61:
40:d5:77:20:27:04:14:4e:c5:6e:ba:0b:3a:b2:a1:
9d:dd:1e:d0:4f:c9:6c:47:54:78:1d:89:11:f8:ba:
7b:43:70:90:c5:9a:07:95:da:c2:2f:0d:72:de:59:
cc:ba:01:f0:42:b1:df:f2:f8:57:ad:ca:e8:7d:e6:
31:1b:1b:1a:20:49:26:75:8a:20:ad:7c:d2:8d:ca:
f9:2e:e9:e6:22:ba:76:00:98:33:17:da:14:18:c8:
53:2d:eb:bb:10:4b:f4:d9:a0:f3:45:93:f2:9d:ec:
df:f6:b2:6b:63:6c:c1:89:aa:cc:8a:88:e9:b6:9f:
2c:e3:b3:2e:3b:42:f7:82:58:11:92:3f:7d:e1:7c:
bb:d7:0f:9b:a2:10:40:fb:ed:fb:d0:82:35:e0:fd:
60:09:d2:79:ea:24:4c:ad:4b:96:6b:e0:ab:55:cf:
23:63:4e:ff:40:bc:3c:ce:86:73:e0:fe:68:95:e2:
e8:4b:d5:5c:af:7d:60:16:a3:48:4a:68:7b:f4:28:
76:c2:ed:e1:45:e3:46:83:9d:77:b1:90:3b:f3:1d:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C1:49:61:37:7C:6F:E2:87:76:F1:FB:C7:F2:BD:F6:55:18:59:D4
X509v3 Authority Key Identifier:
keyid:15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/88FJYTd8b-KHdvH7x_K99lUYWdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.236.0/22
46.22.152.0/21
109.94.212.0/22
185.234.200.0/22
192.166.40.0/22
202.71.144.0/21
206.168.72.0/21
Signature Algorithm: sha256WithRSAEncryption
23:51:61:ef:63:ac:59:91:9a:56:6c:b4:f0:08:f1:82:c9:23:
1c:50:28:fa:21:ef:9d:96:24:da:f5:ab:d2:77:30:02:66:91:
69:0d:0f:a8:83:a2:0d:74:97:c4:5a:82:25:d6:ee:fb:0f:29:
ed:db:2f:74:c8:89:be:aa:08:f7:54:90:82:7f:fa:68:80:aa:
ca:6e:10:12:c8:26:5b:b9:e7:eb:1b:52:48:96:5b:bb:3e:e1:
e4:73:7a:11:cf:5f:49:ce:dc:91:89:96:90:7e:f7:01:3d:40:
bf:9a:91:fc:4c:00:1e:98:52:83:d5:bd:9b:be:3a:82:45:55:
ec:14:db:0a:ea:9d:df:4b:d2:97:f2:cd:b9:93:25:fe:c9:7f:
35:9b:8c:61:16:0d:d6:2f:35:59:b1:ef:1c:0c:13:16:fa:84:
4d:67:81:bb:be:2b:b2:b5:30:a7:87:92:c4:66:08:8a:5b:a4:
7f:df:f8:a4:c3:5f:2e:63:60:e8:8a:d9:6a:20:2a:27:96:ef:
dd:b6:35:5b:f8:12:e7:88:59:e8:a8:8b:7e:64:7d:f7:e1:c4:
ad:f9:03:35:8b:b0:3c:bc:2f:cd:7f:4a:85:96:83:4c:d3:e3:
9a:4d:dc:34:94:31:78:6d:45:06:ac:0f:de:d9:c2:cb:72:92:
bd:11:50:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQns3mfhQEiXB4dxsJhUg8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Zjg4OWZlZDAwODVmYzIxYjA4ZmNiYmIyNTJjMzEwNmRm
OTlhYTgwHhcNMjUwMTAyMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2MxNDk2MTM3N2M2ZmUyODc3NmYxZmJjN2YyYmRmNjU1MTg1OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8D+W0a2b7dDVxWRuOnAmOIigbYa5
4QMcwLKG7qIg1xhcyDcJ3xoaTfNG5mFA1XcgJwQUTsVuugs6sqGd3R7QT8lsR1R4
HYkR+Lp7Q3CQxZoHldrCLw1y3lnMugHwQrHf8vhXrcrofeYxGxsaIEkmdYogrXzS
jcr5LunmIrp2AJgzF9oUGMhTLeu7EEv02aDzRZPynezf9rJrY2zBiarMiojptp8s
47MuO0L3glgRkj994Xy71w+bohBA++370II14P1gCdJ56iRMrUuWa+CrVc8jY07/
QLw8zoZz4P5oleLoS9Vcr31gFqNISmh79Ch2wu3hReNGg513sZA78x2qqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPPBSWE3fG/ih3bx+8fyvfZVGFnUMB8GA1UdIwQY
MBaAFBX4if7QCF/CGwj8u7JSwxBt+ZqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYt
MWUzYTE5NTQ3OGUwLzEvODhGSllUZDhiLUtIZHZIN3hfSzk5bFVZV2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYtMWUzYTE5NTQ3OGUw
LzEvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZHsAwQD
LhaYAwQCbV7UAwQCuerIAwQCwKYoAwQDykeQAwQDzqhIMA0GCSqGSIb3DQEBCwUA
A4IBAQAjUWHvY6xZkZpWbLTwCPGCySMcUCj6Ie+dliTa9avSdzACZpFpDQ+og6IN
dJfEWoIl1u77Dynt2y90yIm+qgj3VJCCf/pogKrKbhASyCZbuefrG1JIllu7PuHk
c3oRz19JztyRiZaQfvcBPUC/mpH8TAAemFKD1b2bvjqCRVXsFNsK6p3fS9KX8s25
kyX+yX81m4xhFg3WLzVZse8cDBMW+oRNZ4G7viuytTCnh5LEZgiKW6R/3/ikw18u
Y2DoitlqIConlu/dtjVb+BLniFnoqIt+ZH334cSt+QM1i7A8vC/Nf0qFloNM0+Oa
Tdw0lDF4bUUGrA/e2cLLcpK9EVA1
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:50:15 2025 by rpki-client