Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DM-FLRN360kXuUzquJAn0cFVG-Q.roa
File: DM-FLRN360kXuUzquJAn0cFVG-Q.roa (raw, json)
Hash identifier: wBrWUeBBuZrzyzDQAZ9gWjgxoiwlM8DN8mUGWerJO84=
Subject key identifier: 0C:CF:85:2D:13:77:EB:49:17:B9:4C:EA:B8:90:27:D1:C1:55:1B:E4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019706406DA208B43AC71CDC9FBE4CA86EE2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DM-FLRN360kXuUzquJAn0cFVG-Q.roa
Signing time: Sun 25 May 2025 07:02:54 +0000
ROA not before: Sun 25 May 2025 07:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 84.21.188.0/24 maxlen: 24
2a06:a600::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a0e:1a84::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:1e84:20::/48 maxlen: 48
2a0f:3047::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
2a13:e100:323::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 19:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:06:40:6d:a2:08:b4:3a:c7:1c:dc:9f:be:4c:a8:6e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 25 07:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ccf852d1377eb4917b94ceab89027d1c1551be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:e0:8f:8f:c2:ab:ce:5b:b6:60:5c:97:af:
95:53:3b:b2:52:ad:75:a4:8e:28:c3:db:85:1a:34:
c6:bc:e4:bc:66:5f:cb:8e:73:41:65:0d:14:d5:a4:
ec:fd:e7:e2:79:6f:f3:47:6b:2e:f5:71:75:95:6c:
80:a0:d2:aa:7e:e3:af:fd:74:ec:08:03:19:c8:d6:
72:7d:b1:60:6f:1d:07:07:73:a1:9f:68:02:1b:5d:
ff:96:99:f7:d3:f7:4e:81:a2:90:28:d8:e9:c1:87:
b7:9d:cf:63:9a:c7:ed:28:d5:5b:10:ac:c4:e8:82:
ae:8d:40:97:91:1b:77:c1:dd:14:95:df:9d:a7:ec:
c4:e5:04:41:26:62:42:29:18:11:45:a6:19:83:7c:
8e:7f:7f:64:55:da:40:de:4e:f4:db:14:ae:6f:62:
15:6e:2d:55:1f:8d:76:7e:fe:58:8f:26:8d:36:fb:
3e:c0:e4:1e:93:30:88:df:8b:04:c4:f6:3b:b0:45:
12:47:4f:aa:df:e7:17:5e:3b:22:7b:ea:c3:da:49:
90:26:86:c0:74:5d:47:82:33:57:ec:e7:1b:9f:dc:
97:b1:69:69:72:73:5f:51:cb:37:c3:d1:92:ea:8b:
ef:a3:7e:ea:e9:6f:b1:07:d8:7d:87:6e:a6:02:9d:
c1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CF:85:2D:13:77:EB:49:17:B9:4C:EA:B8:90:27:D1:C1:55:1B:E4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DM-FLRN360kXuUzquJAn0cFVG-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.188.0/24
IPv6:
2a06:a600::/29
2a06:b5c0::/29
2a06:bf40::/29
2a0e:1a84::/32
2a0e:f600:5f::/48
2a0f:1e84:20::/48
2a0f:3047::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:2b40::/29
2a13:e100:323::/48
Signature Algorithm: sha256WithRSAEncryption
2b:2b:b7:29:ab:ac:3c:f0:96:83:b2:63:36:2f:c9:cf:a2:99:
d2:8f:00:3f:a0:b2:56:e6:31:cf:0c:35:65:54:81:5c:0d:68:
23:9b:e5:e7:e1:77:a5:e5:2c:ad:0d:07:8e:64:19:8e:a6:b5:
6a:d0:5d:e7:dd:de:6d:62:0e:45:85:87:5f:14:5f:f3:87:54:
29:06:04:b7:2a:7d:59:f0:13:24:ce:1e:c1:6a:75:4b:a0:c6:
1d:a2:31:8b:61:c2:45:d9:a5:ce:9e:b1:3b:87:b1:a2:5f:23:
0c:6a:45:ce:18:7b:73:8a:19:c5:70:3d:69:d2:97:02:c1:37:
47:f9:fa:f7:6c:c7:ee:1f:33:10:ee:a0:ac:84:36:62:59:cd:
c6:d8:82:67:f2:1e:f0:0d:df:71:14:32:4a:19:65:2a:98:6f:
e4:08:4e:5e:4e:c5:39:75:29:e0:c1:3f:f4:6d:ba:04:bc:bf:
be:ae:e5:fc:b0:b5:ec:4c:f7:c6:d2:a7:bb:e6:46:bd:de:77:
e2:24:f3:e0:4f:72:11:c5:a1:cb:37:84:34:aa:9a:da:11:fc:
84:d4:58:dd:97:3d:ba:9b:4e:3f:29:59:fa:1c:eb:02:35:7d:
f0:11:6a:ff:eb:68:32:f0:40:77:91:ee:c8:4d:24:c0:2c:e5:
af:29:43:6a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZcGQG2iCLQ6xxzcn75MqG7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI1MDcwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2NmODUyZDEzNzdlYjQ5MTdiOTRjZWFiODkwMjdkMWMxNTUxYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoybgj4/Cq85btmBcl6+VUzuyUq11
pI4ow9uFGjTGvOS8Zl/LjnNBZQ0U1aTs/efieW/zR2su9XF1lWyAoNKqfuOv/XTs
CAMZyNZyfbFgbx0HB3Ohn2gCG13/lpn30/dOgaKQKNjpwYe3nc9jmsftKNVbEKzE
6IKujUCXkRt3wd0Uld+dp+zE5QRBJmJCKRgRRaYZg3yOf39kVdpA3k702xSub2IV
bi1VH412fv5YjyaNNvs+wOQekzCI34sExPY7sEUSR0+q3+cXXjsie+rD2kmQJobA
dF1HgjNX7Ocbn9yXsWlpcnNfUcs3w9GS6ovvo37q6W+xB9h9h26mAp3BcwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFAzPhS0Td+tJF7lM6riQJ9HBVRvkMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRE0tRkxSTjM2MGtYdVV6cXVKQW4wY0ZWRy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wDAQCAAEwBgMEAFQVvDBf
BAIAAjBZAwUDKgamAAMFAyoGtcADBQMqBr9AAwUAKg4ahAMHACoO9gAAXwMHACoP
HoQAIAMHACoPMEcAAAMHACoPfQAAAQMHACoPvAChxAMFAyoTK0ADBwAqE+EAAyMw
DQYJKoZIhvcNAQELBQADggEBACsrtymrrDzwloOyYzYvyc+imdKPAD+gslbmMc8M
NWVUgVwNaCOb5efhd6XlLK0NB45kGY6mtWrQXefd3m1iDkWFh18UX/OHVCkGBLcq
fVnwEyTOHsFqdUugxh2iMYthwkXZpc6esTuHsaJfIwxqRc4Ye3OKGcVwPWnSlwLB
N0f5+vdsx+4fMxDuoKyENmJZzcbYgmfyHvAN33EUMkoZZSqYb+QITl5OxTl1KeDB
P/RtugS8v76u5fywtexM98bSp7vmRr3ed+Ik8+BPchHFocs3hDSqmtoR/ITUWN2X
PbqbTj8pWfoc6wI1ffARav/raDLwQHeR7shNJMAs5a8pQ2o=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:24:11 2025 by rpki-client