Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fbKaE0afgsScJ0wi0Ylxa1XBobw.roa
File: fbKaE0afgsScJ0wi0Ylxa1XBobw.roa (raw, json)
Hash identifier: IKoO7IYXAYFnccg0NzPCucJLvX8bpTrhLdWkhg615vo=
Subject key identifier: 7D:B2:9A:13:46:9F:82:C4:9C:27:4C:22:D1:89:71:6B:55:C1:A1:BC
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA381B5D88B2573586658BC3D11AC6
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fbKaE0afgsScJ0wi0Ylxa1XBobw.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48874
IP address blocks: 85.204.116.0/24 maxlen: 24
86.104.10.0/24 maxlen: 24
86.104.194.0/24 maxlen: 24
89.32.41.0/24 maxlen: 24
89.40.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:38:1b:5d:88:b2:57:35:86:65:8b:c3:d1:1a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7db29a13469f82c49c274c22d189716b55c1a1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a9:53:2d:08:9d:4b:00:b3:4f:fe:02:e8:a5:
27:2b:6a:5f:80:ee:9d:00:3a:99:62:38:c2:1c:9c:
89:12:dc:c6:0e:8c:44:50:27:40:51:9c:b8:62:86:
fc:cd:29:87:06:8b:b9:eb:26:52:31:c7:b3:fa:61:
7d:61:5a:e9:39:c3:e5:4f:44:93:a1:19:ec:29:e4:
dd:23:0d:68:89:16:da:8c:72:cc:07:13:8f:88:8c:
f1:60:38:05:ef:af:8c:7e:59:cc:21:e9:92:8f:6a:
d3:f1:29:fe:3a:d3:6d:0b:08:60:78:e6:7a:73:6c:
ba:b5:07:3d:4d:52:d7:3b:8a:5f:e3:d4:0b:08:5a:
b4:41:43:df:8c:62:7f:7a:9b:ee:3d:cc:b0:8f:aa:
2c:a1:8d:44:ae:3a:14:a3:81:1c:af:bc:94:f0:69:
98:ce:ec:f7:9b:fd:5d:d1:2e:1a:a3:cc:62:5d:39:
f5:04:03:58:a5:46:bd:12:fd:8b:b7:f4:4c:d1:6e:
10:e6:29:0b:8e:35:0b:1b:7e:6e:22:1f:0c:87:f5:
38:7d:5a:18:b8:92:d7:03:bb:65:1f:a1:f8:61:78:
72:8f:45:9d:31:b3:e5:72:b8:89:21:a6:93:26:fc:
f3:77:7d:2f:f4:98:15:3a:2c:05:eb:2f:72:0a:60:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B2:9A:13:46:9F:82:C4:9C:27:4C:22:D1:89:71:6B:55:C1:A1:BC
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fbKaE0afgsScJ0wi0Ylxa1XBobw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.116.0/24
86.104.10.0/24
86.104.194.0/24
89.32.41.0/24
89.40.73.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f9:ae:13:df:28:19:14:ab:8f:6e:61:57:e6:93:fb:9b:1b:
f5:62:49:a6:8b:27:bc:0e:4e:1b:27:a8:23:2b:0f:4e:50:8d:
19:86:c5:17:05:1d:35:90:1e:82:75:3a:94:07:bc:3f:c6:b9:
95:66:cc:23:5b:34:26:fc:82:e5:87:70:1c:45:57:16:8a:dd:
31:f5:a1:15:3a:e0:69:25:31:7c:d9:a1:da:8b:2f:5a:42:71:
34:3c:4e:c7:3c:f2:c1:47:a5:8b:34:a1:ec:a8:91:15:7b:61:
fc:a4:a6:dc:96:dd:eb:e9:98:9a:10:be:2f:c9:6a:e2:14:7f:
d6:81:f3:18:99:8d:fb:85:04:59:a7:39:4b:49:af:31:d0:5b:
46:e3:cb:67:68:35:05:1b:d5:27:f3:ec:bb:1d:54:3e:0c:58:
22:18:70:21:f1:8b:45:79:68:bf:fa:e6:7b:b8:39:bb:9b:b6:
d5:47:f8:44:85:3d:83:cf:1d:42:cc:f6:2e:5c:8b:c4:a1:ac:
60:27:db:43:44:f2:7d:5b:be:d8:7b:d7:c6:b2:31:5a:e6:f3:
cd:ec:1d:48:c3:45:1e:b2:df:51:11:19:79:91:9d:2e:91:55:
b1:65:2d:99:43:1f:13:d7:67:3d:29:50:9b:b0:b4:1b:85:41:
f5:be:9e:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQf+jgbXYiyVzWGZYvD0RrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGIyOWExMzQ2OWY4MmM0OWMyNzRjMjJkMTg5NzE2YjU1YzFhMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKlTLQidSwCzT/4C6KUnK2pfgO6d
ADqZYjjCHJyJEtzGDoxEUCdAUZy4Yob8zSmHBou56yZSMcez+mF9YVrpOcPlT0ST
oRnsKeTdIw1oiRbajHLMBxOPiIzxYDgF76+MflnMIemSj2rT8Sn+OtNtCwhgeOZ6
c2y6tQc9TVLXO4pf49QLCFq0QUPfjGJ/epvuPcywj6osoY1ErjoUo4Ecr7yU8GmY
zuz3m/1d0S4ao8xiXTn1BANYpUa9Ev2Lt/RM0W4Q5ikLjjULG35uIh8Mh/U4fVoY
uJLXA7tlH6H4YXhyj0WdMbPlcriJIaaTJvzzd30v9JgVOiwF6y9yCmCmWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH2ymhNGn4LEnCdMItGJcWtVwaG8MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZmJLYUUwYWZnc1NjSjB3aTBZbHhhMVhCb2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcx0AwQA
VmgKAwQAVmjCAwQAWSApAwQAWShJMA0GCSqGSIb3DQEBCwUAA4IBAQB/+a4T3ygZ
FKuPbmFX5pP7mxv1Ykmmiye8Dk4bJ6gjKw9OUI0ZhsUXBR01kB6CdTqUB7w/xrmV
ZswjWzQm/ILlh3AcRVcWit0x9aEVOuBpJTF82aHaiy9aQnE0PE7HPPLBR6WLNKHs
qJEVe2H8pKbclt3r6ZiaEL4vyWriFH/WgfMYmY37hQRZpzlLSa8x0FtG48tnaDUF
G9Un8+y7HVQ+DFgiGHAh8YtFeWi/+uZ7uDm7m7bVR/hEhT2Dzx1CzPYuXIvEoaxg
J9tDRPJ9W77Ye9fGsjFa5vPN7B1Iw0Uest9RERl5kZ0ukVWxZS2ZQx8T12c9KVCb
sLQbhUH1vp7K
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:48:06 2025 by rpki-client