Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/fMx4JRDhT-4EqpiMKvHy8Mkz708.roa
File: fMx4JRDhT-4EqpiMKvHy8Mkz708.roa (raw, json)
Hash identifier: mZ+R87KV+PsrYlu7YWRXhHM7+ZqAJ6Tj0DDGQTn9KvM=
Subject key identifier: 7C:CC:78:25:10:E1:4F:EE:04:AA:98:8C:2A:F1:F2:F0:C9:33:EF:4F
Certificate issuer: /CN=ab6eb3155e2cd53521199ba7f628c3cdbba7cf79
Certificate serial: 01942522023713937852C9F908DD20F7D320
Authority key identifier: AB:6E:B3:15:5E:2C:D5:35:21:19:9B:A7:F6:28:C3:CD:BB:A7:CF:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q26zFV4s1TUhGZun9ijDzbunz3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/fMx4JRDhT-4EqpiMKvHy8Mkz708.roa
Signing time: Thu 02 Jan 2025 03:49:33 +0000
ROA not before: Thu 02 Jan 2025 03:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12552
IP address blocks: 82.96.0.0/18 maxlen: 18
82.96.28.0/22 maxlen: 22
82.96.43.0/24 maxlen: 24
83.140.0.0/16 maxlen: 16
83.140.30.0/24 maxlen: 24
83.140.95.0/24 maxlen: 24
83.140.96.0/23 maxlen: 23
83.140.99.0/24 maxlen: 24
83.140.108.0/22 maxlen: 22
83.140.113.0/24 maxlen: 24
83.140.156.0/23 maxlen: 23
83.140.171.0/24 maxlen: 24
83.140.220.0/24 maxlen: 24
83.140.221.0/24 maxlen: 24
83.140.231.0/24 maxlen: 24
83.140.249.0/24 maxlen: 24
93.158.64.0/18 maxlen: 18
93.158.68.0/22 maxlen: 22
93.158.76.0/24 maxlen: 24
93.158.78.0/24 maxlen: 24
93.158.88.0/22 maxlen: 22
93.158.92.0/23 maxlen: 23
93.158.95.0/24 maxlen: 24
93.158.98.0/23 maxlen: 23
93.158.100.0/24 maxlen: 24
93.158.102.0/23 maxlen: 23
93.158.107.0/24 maxlen: 24
93.158.108.0/23 maxlen: 23
185.165.172.0/22 maxlen: 22
185.165.172.0/24 maxlen: 24
195.140.200.0/22 maxlen: 22
217.75.96.0/19 maxlen: 19
2001:16d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/q26zFV4s1TUhGZun9ijDzbunz3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/q26zFV4s1TUhGZun9ijDzbunz3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/q26zFV4s1TUhGZun9ijDzbunz3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:02:37:13:93:78:52:c9:f9:08:dd:20:f7:d3:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6eb3155e2cd53521199ba7f628c3cdbba7cf79
Validity
Not Before: Jan 2 03:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ccc782510e14fee04aa988c2af1f2f0c933ef4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9b:00:f7:5a:39:53:ad:67:a0:b3:92:21:5b:
aa:04:7a:6d:ef:e3:f3:0d:b0:d3:4a:99:29:e6:2b:
9c:85:f0:07:e4:c1:4a:19:e4:62:0e:60:b2:e3:a4:
7e:3f:4c:8d:12:81:12:c7:11:50:b4:3b:97:a9:d4:
cc:2e:e9:76:f1:c0:cd:80:1a:f8:a9:0d:1b:a0:d8:
c1:f2:29:54:d4:c7:86:ac:99:a1:34:25:cf:97:f9:
e9:04:b8:a1:73:eb:f5:e9:f2:1d:76:d7:a5:fe:03:
e2:ed:ce:01:cc:50:65:97:22:d4:bf:2f:52:33:4e:
3e:08:0e:9a:28:71:7a:37:60:82:94:aa:bf:bf:e1:
49:45:3f:63:b9:74:41:b0:66:79:8c:cd:e5:8d:7a:
67:e4:93:78:25:d7:a6:47:7d:a8:9b:63:37:ae:06:
e6:1d:b6:b7:b4:70:7d:e8:68:ed:d7:69:a5:9c:cf:
1e:49:84:1e:1d:ee:bd:f4:7d:ef:a4:cd:d2:50:f1:
06:07:bf:a0:a8:68:e5:7a:16:17:a2:6d:2a:66:48:
5c:94:af:0f:58:96:24:ef:83:3f:9b:b3:5f:5c:9b:
f8:64:a2:4a:fc:03:85:86:a7:50:a1:c6:f9:0b:3f:
05:5c:c9:0c:a4:f1:a0:5c:2a:a4:72:ab:06:68:e2:
5b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CC:78:25:10:E1:4F:EE:04:AA:98:8C:2A:F1:F2:F0:C9:33:EF:4F
X509v3 Authority Key Identifier:
keyid:AB:6E:B3:15:5E:2C:D5:35:21:19:9B:A7:F6:28:C3:CD:BB:A7:CF:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q26zFV4s1TUhGZun9ijDzbunz3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/fMx4JRDhT-4EqpiMKvHy8Mkz708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6ac685-196b-41f1-9144-99d1ec9672b5/1/q26zFV4s1TUhGZun9ijDzbunz3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.0.0/18
83.140.0.0/16
93.158.64.0/18
185.165.172.0/22
195.140.200.0/22
217.75.96.0/19
IPv6:
2001:16d8::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ad:89:1f:c8:7d:5e:31:6a:d3:df:0d:ef:e4:5c:cb:97:3f:
c3:ce:9b:7f:db:8a:74:85:76:b4:c8:ae:85:e4:bb:fb:23:0b:
4f:62:ca:0d:9c:e1:33:bd:73:d5:ff:54:5f:9a:df:ce:40:4d:
91:42:44:34:7c:5a:bc:90:29:23:f2:5b:fe:2a:0f:82:f5:4a:
78:22:dc:39:e4:b6:a8:ed:25:8f:63:bd:0d:00:6d:49:64:38:
57:c4:3e:84:ec:76:1e:44:40:96:c3:50:c0:11:1e:08:97:01:
90:fd:fa:34:48:19:84:0a:7a:cd:fa:d2:c0:85:15:b9:e7:9d:
99:2e:dc:56:04:e4:27:04:2e:30:5b:4f:fc:26:6a:67:6e:d3:
ce:74:72:f0:4b:dc:ff:09:7f:ed:72:fe:18:f2:11:16:b5:8e:
7e:3b:19:14:d1:fc:08:ba:18:fb:95:77:cf:bb:13:1d:b2:97:
fa:8d:b1:30:fb:e8:28:ee:b5:73:77:4e:ba:ce:10:a8:35:f2:
b7:d1:13:71:71:5b:56:20:ed:e3:9d:4b:a2:c6:d2:bf:00:42:
09:3e:30:4b:ac:65:08:2e:8a:c7:d7:4f:25:20:5e:53:63:c3:
fd:bb:ed:45:64:3c:ac:d4:9b:34:ac:38:46:8f:b3:e3:c1:ef:
a7:33:e2:55
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQlIgI3E5N4Usn5CN0g99MgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmViMzE1NWUyY2Q1MzUyMTE5OWJhN2Y2MjhjM2NkYmJh
N2NmNzkwHhcNMjUwMTAyMDM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NjNzgyNTEwZTE0ZmVlMDRhYTk4OGMyYWYxZjJmMGM5MzNlZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5sA91o5U61noLOSIVuqBHpt7+Pz
DbDTSpkp5iuchfAH5MFKGeRiDmCy46R+P0yNEoESxxFQtDuXqdTMLul28cDNgBr4
qQ0boNjB8ilU1MeGrJmhNCXPl/npBLihc+v16fIddtel/gPi7c4BzFBllyLUvy9S
M04+CA6aKHF6N2CClKq/v+FJRT9juXRBsGZ5jM3ljXpn5JN4JdemR32om2M3rgbm
Hba3tHB96Gjt12mlnM8eSYQeHe699H3vpM3SUPEGB7+gqGjlehYXom0qZkhclK8P
WJYk74M/m7NfXJv4ZKJK/AOFhqdQocb5Cz8FXMkMpPGgXCqkcqsGaOJbewIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHzMeCUQ4U/uBKqYjCrx8vDJM+9PMB8GA1UdIwQY
MBaAFKtusxVeLNU1IRmbp/Yow827p895MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI2ekZWNHMxVFVoR1p1bjlpakR6YnVuejNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82YWM2ODUtMTk2Yi00MWYxLTkxNDQt
OTlkMWVjOTY3MmI1LzEvZk14NEpSRGhULTRFcXBpTUt2SHk4TWt6NzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82YWM2ODUtMTk2Yi00MWYxLTkxNDQtOTlkMWVjOTY3MmI1
LzEvcTI2ekZWNHMxVFVoR1p1bjlpakR6YnVuejNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQGUmAAAwMA
U4wDBAZdnkADBAK5pawDBALDjMgDBAXZS2AwDQQCAAIwBwMFACABFtgwDQYJKoZI
hvcNAQELBQADggEBADutiR/IfV4xatPfDe/kXMuXP8POm3/binSFdrTIroXku/sj
C09iyg2c4TO9c9X/VF+a385ATZFCRDR8WryQKSPyW/4qD4L1Sngi3DnktqjtJY9j
vQ0AbUlkOFfEPoTsdh5EQJbDUMARHgiXAZD9+jRIGYQKes360sCFFbnnnZku3FYE
5CcELjBbT/wmamdu0850cvBL3P8Jf+1y/hjyERa1jn47GRTR/Ai6GPuVd8+7Ex2y
l/qNsTD76CjutXN3TrrOEKg18rfRE3FxW1Yg7eOdS6LG0r8AQgk+MEusZQguisfX
TyUgXlNjw/277UVkPKzUmzSsOEaPs+PB76cz4lU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:51:16 2025 by rpki-client