Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/FAbnnF69oHTmqk-_EL74zctuaA4.roa
File: FAbnnF69oHTmqk-_EL74zctuaA4.roa (raw, json)
Hash identifier: fltdyHSTKiTHvNl3z1Whswl3hhYadpjXzd/kAG+oHEc=
Subject key identifier: 14:06:E7:9C:5E:BD:A0:74:E6:AA:4F:BF:10:BE:F8:CD:CB:6E:68:0E
Certificate issuer: /CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Certificate serial: 0194258FA7813A8D577D749769F9A1070386
Authority key identifier: B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/FAbnnF69oHTmqk-_EL74zctuaA4.roa
Signing time: Thu 02 Jan 2025 05:49:19 +0000
ROA not before: Thu 02 Jan 2025 05:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13287
IP address blocks: 185.127.128.0/24 maxlen: 24
185.127.130.0/24 maxlen: 24
185.127.131.0/24 maxlen: 24
2a06:c980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.mft
rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 08:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a7:81:3a:8d:57:7d:74:97:69:f9:a1:07:03:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85b0c8a75893a4f8e1ef0d9a4d41478d8b33278
Validity
Not Before: Jan 2 05:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1406e79c5ebda074e6aa4fbf10bef8cdcb6e680e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:96:06:be:55:fa:00:34:3d:0e:86:b5:29:f2:
6d:6d:b6:2c:b2:d9:e2:6b:f3:ed:41:00:dd:85:5e:
56:0b:d4:b0:8f:08:8c:92:b8:07:98:cd:67:b1:48:
bc:3b:b7:98:85:79:06:43:5e:e5:82:d7:33:07:4e:
85:6e:af:72:06:c0:a5:63:1f:59:43:36:3f:98:d0:
3c:b3:86:c5:06:b6:cd:20:c7:7a:e6:64:f5:7e:21:
c2:70:85:2d:46:f6:ce:8f:43:07:44:4e:69:ff:1e:
21:55:11:6c:6d:90:a6:50:f8:64:3d:d0:e1:e1:6d:
a5:b8:2e:31:4d:a7:1a:ba:c6:d9:84:fc:f3:57:ff:
4b:2b:3c:1f:b4:90:02:a3:e3:9f:c8:13:55:d9:5c:
5a:46:01:75:e4:f4:74:f2:48:f5:05:47:b3:b7:1d:
81:37:db:5f:7b:0f:fc:4d:05:d4:3c:28:e3:be:44:
e1:a6:e9:ad:d0:77:ab:30:41:06:06:59:05:fa:c0:
ee:10:fc:53:1b:13:e2:dd:5e:f5:7b:b6:f8:e8:fd:
5e:45:c4:42:df:d4:b4:35:24:cc:57:37:c2:7a:be:
88:8b:61:ca:c3:9f:a2:03:86:c3:48:31:f3:2f:e6:
af:0e:bf:f6:90:7b:83:aa:6d:d1:87:6f:70:4c:00:
a2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:06:E7:9C:5E:BD:A0:74:E6:AA:4F:BF:10:BE:F8:CD:CB:6E:68:0E
X509v3 Authority Key Identifier:
keyid:B8:5B:0C:8A:75:89:3A:4F:8E:1E:F0:D9:A4:D4:14:78:D8:B3:32:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFsMinWJOk-OHvDZpNQUeNizMng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/FAbnnF69oHTmqk-_EL74zctuaA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/8819e2-c4e3-4bce-a61c-305d41d53a65/1/uFsMinWJOk-OHvDZpNQUeNizMng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.128.0/24
185.127.130.0/23
IPv6:
2a06:c980::/29
Signature Algorithm: sha256WithRSAEncryption
ad:2b:ad:4b:6e:ac:59:6c:d8:65:01:0d:2e:26:9e:ba:38:b1:
cf:8d:32:48:ea:28:77:11:6a:82:37:ae:d7:29:ae:62:76:34:
96:56:7a:b1:ca:0a:2b:83:a9:79:d1:75:ef:c5:9a:27:22:3e:
f1:49:83:56:23:76:1f:5c:ab:12:de:ca:1a:ad:53:fa:a9:70:
77:34:2c:6b:88:43:57:79:a3:fb:85:da:58:35:1e:7e:a8:e3:
1a:90:97:f3:26:aa:c1:7c:e1:15:69:4c:4e:ed:dd:4f:f8:72:
f9:88:c1:ac:11:56:08:f5:34:01:20:8b:c9:95:e8:7d:61:71:
ac:b1:55:f6:ef:dc:a4:1d:2c:19:9f:8f:39:7b:89:79:37:02:
bf:b1:4f:eb:07:de:21:61:90:76:84:5a:04:ee:48:94:df:2c:
18:70:c1:0b:5f:cb:b0:c6:a5:43:d9:02:b9:ba:93:67:79:5b:
25:e0:93:a7:ac:8c:36:18:ae:6f:76:42:31:ae:24:77:d0:25:
71:6c:1f:7f:4c:d1:15:57:d7:8b:c0:72:5a:f8:9d:33:08:f4:
83:c2:77:da:06:69:87:60:cc:c4:68:9b:24:30:d6:f5:b8:2d:
bb:83:27:7f:46:90:ea:65:b0:43:80:f0:61:46:78:be:18:93:
3f:31:0b:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj6eBOo1XfXSXafmhBwOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWIwYzhhNzU4OTNhNGY4ZTFlZjBkOWE0ZDQxNDc4ZDhi
MzMyNzgwHhcNMjUwMTAyMDU0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDA2ZTc5YzVlYmRhMDc0ZTZhYTRmYmYxMGJlZjhjZGNiNmU2ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZYGvlX6ADQ9Doa1KfJtbbYsstni
a/PtQQDdhV5WC9SwjwiMkrgHmM1nsUi8O7eYhXkGQ17lgtczB06Fbq9yBsClYx9Z
QzY/mNA8s4bFBrbNIMd65mT1fiHCcIUtRvbOj0MHRE5p/x4hVRFsbZCmUPhkPdDh
4W2luC4xTacausbZhPzzV/9LKzwftJACo+OfyBNV2VxaRgF15PR08kj1BUeztx2B
N9tfew/8TQXUPCjjvkThpumt0HerMEEGBlkF+sDuEPxTGxPi3V71e7b46P1eRcRC
39S0NSTMVzfCer6Ii2HKw5+iA4bDSDHzL+avDr/2kHuDqm3Rh29wTACi+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBQG55xevaB05qpPvxC++M3LbmgOMB8GA1UdIwQY
MBaAFLhbDIp1iTpPjh7w2aTUFHjYszJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMt
MzA1ZDQxZDUzYTY1LzEvRkFibm5GNjlvSFRtcWstX0VMNzR6Y3R1YUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC84ODE5ZTItYzRlMy00YmNlLWE2MWMtMzA1ZDQxZDUzYTY1
LzEvdUZzTWluV0pPay1PSHZEWnBOUVVlTml6TW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuX+AAwQB
uX+CMA0EAgACMAcDBQMqBsmAMA0GCSqGSIb3DQEBCwUAA4IBAQCtK61LbqxZbNhl
AQ0uJp66OLHPjTJI6ih3EWqCN67XKa5idjSWVnqxygorg6l50XXvxZonIj7xSYNW
I3YfXKsS3soarVP6qXB3NCxriENXeaP7hdpYNR5+qOMakJfzJqrBfOEVaUxO7d1P
+HL5iMGsEVYI9TQBIIvJleh9YXGssVX279ykHSwZn485e4l5NwK/sU/rB94hYZB2
hFoE7kiU3ywYcMELX8uwxqVD2QK5upNneVsl4JOnrIw2GK5vdkIxriR30CVxbB9/
TNEVV9eLwHJa+J0zCPSDwnfaBmmHYMzEaJskMNb1uC27gyd/RpDqZbBDgPBhRni+
GJM/MQv3
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:08 2025 by rpki-client