Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/FC18L6lC5yaJe6exeGTUDqFYlIo.roa
File: FC18L6lC5yaJe6exeGTUDqFYlIo.roa (raw, json)
Hash identifier: GydOuNkxodWdIUJZgEfyA03NGxGVxZmhiSQz6U5MpVU=
Subject key identifier: 14:2D:7C:2F:A9:42:E7:26:89:7B:A7:B1:78:64:D4:0E:A1:58:94:8A
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0194282392331F6C87470F66C9DD664C1674
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/FC18L6lC5yaJe6exeGTUDqFYlIo.roa
Signing time: Thu 02 Jan 2025 17:50:07 +0000
ROA not before: Thu 02 Jan 2025 17:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47628
IP address blocks: 91.224.54.0/24 maxlen: 24
91.224.55.0/24 maxlen: 24
185.57.140.0/24 maxlen: 24
185.57.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:92:33:1f:6c:87:47:0f:66:c9:dd:66:4c:16:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=142d7c2fa942e726897ba7b17864d40ea158948a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:84:68:0b:2e:57:d9:16:4d:50:af:33:74:
20:48:57:cd:3a:6a:1a:93:c9:ee:eb:ce:fb:f5:40:
64:a0:bf:4c:7b:af:34:dc:7d:b3:2f:65:44:d3:ba:
2c:2d:b6:ae:e8:f9:23:21:29:49:29:5a:9d:23:a9:
a3:da:d7:0b:ff:47:81:00:4f:cd:82:01:fd:cf:3a:
00:a8:59:c1:03:d9:f2:85:5d:74:c8:cf:82:a4:d0:
be:70:c5:c9:67:bf:36:49:1c:7e:93:2f:4d:40:f3:
7a:9c:b3:4c:bb:a2:6d:1c:24:2a:85:bf:ea:ba:21:
1a:2f:5e:3b:75:cb:32:64:8d:5f:97:c9:4c:3e:fa:
c1:58:c0:d0:9c:6b:b3:79:47:a4:55:14:83:a4:e7:
d1:8c:37:73:d4:42:49:41:b0:55:c0:cc:d4:81:1a:
b7:54:42:ff:6c:4f:9a:cd:f3:b0:a6:b5:56:e5:b7:
d4:62:15:49:2f:0d:72:ce:59:66:79:b8:7c:c7:c4:
81:a8:bb:ca:a5:98:5e:84:0a:22:cf:82:83:4d:c6:
5a:19:cc:9d:dc:b4:65:3c:68:f5:89:9c:0b:e8:fc:
04:98:36:0e:55:f1:af:8a:64:2d:a4:87:02:19:1e:
22:3b:16:1f:59:ad:67:d6:e1:59:88:4e:bd:df:33:
a5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2D:7C:2F:A9:42:E7:26:89:7B:A7:B1:78:64:D4:0E:A1:58:94:8A
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/FC18L6lC5yaJe6exeGTUDqFYlIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.54.0/23
185.57.140.0/23
Signature Algorithm: sha256WithRSAEncryption
23:2c:bf:61:d8:c7:65:2b:e9:42:d1:b1:4b:fd:32:5f:7b:02:
a4:6b:d6:6d:40:db:62:e8:ea:fb:18:c0:40:12:9f:6e:16:90:
9c:39:4b:d1:f6:d8:fe:21:77:42:b8:35:89:cd:e1:51:7d:18:
cc:52:a0:7d:9f:fd:87:d9:b2:f5:70:46:e6:fe:53:c1:0d:e5:
b2:f1:c5:34:c9:2f:1c:1f:9f:06:80:e4:54:3d:a8:d4:45:fb:
c6:51:a3:4d:3f:71:42:dd:7a:40:ed:28:5f:db:eb:be:a9:c3:
d3:07:9b:ff:e2:4c:5a:4b:d8:9d:f2:02:c6:f3:a4:df:d5:c1:
1d:2f:a3:c3:c0:f4:9f:74:ee:8c:f3:c7:f0:2b:19:0f:87:ca:
32:fa:ee:d7:63:3f:21:d9:5b:04:56:0f:a7:87:2d:56:e3:52:
d0:3c:dd:5d:de:5a:a1:6c:be:df:a5:33:a1:d3:3e:89:5c:fd:
5e:d8:82:b9:c2:fd:33:88:fb:13:a1:54:9c:23:4c:2f:9d:5d:
51:f7:7f:aa:7a:2e:11:31:23:59:0d:1b:0b:73:65:18:ee:97:
d2:78:c7:33:6b:57:a4:c0:10:cf:b1:06:87:91:19:5d:be:11:
e7:e6:1f:ff:6a:5a:2c:92:ab:24:a1:42:74:6a:ad:b2:34:fc:
5c:fc:f2:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI5IzH2yHRw9myd1mTBZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJkN2MyZmE5NDJlNzI2ODk3YmE3YjE3ODY0ZDQwZWExNTg5NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR2EaAsuV9kWTVCvM3QgSFfNOmoa
k8nu68779UBkoL9Me6803H2zL2VE07osLbau6PkjISlJKVqdI6mj2tcL/0eBAE/N
ggH9zzoAqFnBA9nyhV10yM+CpNC+cMXJZ782SRx+ky9NQPN6nLNMu6JtHCQqhb/q
uiEaL147dcsyZI1fl8lMPvrBWMDQnGuzeUekVRSDpOfRjDdz1EJJQbBVwMzUgRq3
VEL/bE+azfOwprVW5bfUYhVJLw1yzllmebh8x8SBqLvKpZhehAoiz4KDTcZaGcyd
3LRlPGj1iZwL6PwEmDYOVfGvimQtpIcCGR4iOxYfWa1n1uFZiE693zOlvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQtfC+pQucmiXunsXhk1A6hWJSKMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvRkMxOEw2bEM1eWFKZTZleGVHVFVEcUZZbElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+A2AwQB
uTmMMA0GCSqGSIb3DQEBCwUAA4IBAQAjLL9h2MdlK+lC0bFL/TJfewKka9ZtQNti
6Or7GMBAEp9uFpCcOUvR9tj+IXdCuDWJzeFRfRjMUqB9n/2H2bL1cEbm/lPBDeWy
8cU0yS8cH58GgORUPajURfvGUaNNP3FC3XpA7Shf2+u+qcPTB5v/4kxaS9id8gLG
86Tf1cEdL6PDwPSfdO6M88fwKxkPh8oy+u7XYz8h2VsEVg+nhy1W41LQPN1d3lqh
bL7fpTOh0z6JXP1e2IK5wv0ziPsToVScI0wvnV1R93+qei4RMSNZDRsLc2UY7pfS
eMcza1ekwBDPsQaHkRldvhHn5h//aloskqskoUJ0aq2yNPxc/PL6
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:07 2025 by rpki-client