Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/FlduQKMxPetRFEf3K99xaEoZ7QU.roa
File: FlduQKMxPetRFEf3K99xaEoZ7QU.roa (raw, json)
Hash identifier: 2r4TM6IwMUnx2aicUZFPb2Iq+BV2xdiFUdzdromgaYg=
Subject key identifier: 16:57:6E:40:A3:31:3D:EB:51:14:47:F7:2B:DF:71:68:4A:19:ED:05
Certificate issuer: /CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Certificate serial: 01942143BF14EA857142C427BC7B7F5436F0
Authority key identifier: 92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/FlduQKMxPetRFEf3K99xaEoZ7QU.roa
Signing time: Wed 01 Jan 2025 09:47:55 +0000
ROA not before: Wed 01 Jan 2025 09:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206993
IP address blocks: 185.169.172.0/24 maxlen: 24
185.169.173.0/24 maxlen: 24
185.169.174.0/24 maxlen: 24
185.169.175.0/24 maxlen: 24
193.160.34.0/24 maxlen: 24
193.160.35.0/24 maxlen: 24
193.160.36.0/24 maxlen: 24
193.160.37.0/24 maxlen: 24
193.160.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/koD9yeeoZDDI4o9eNJ4xf7uKHKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/koD9yeeoZDDI4o9eNJ4xf7uKHKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:bf:14:ea:85:71:42:c4:27:bc:7b:7f:54:36:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Validity
Not Before: Jan 1 09:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16576e40a3313deb511447f72bdf71684a19ed05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:5e:82:31:14:21:b5:14:7b:bc:7c:4c:97:
51:7f:1d:f2:ee:2b:02:43:d0:71:6f:ab:11:23:f5:
1b:e5:e0:70:b3:36:c5:a0:27:c6:d3:85:ba:29:f5:
21:02:7d:65:76:e6:c9:38:57:ac:03:9c:a1:92:92:
01:20:69:ab:bd:4a:c9:ba:9c:c6:00:60:1a:86:29:
fe:75:d4:53:78:cf:ab:bf:ab:fb:49:3c:ab:00:bb:
bb:84:19:01:b1:dc:f3:2f:13:e6:69:0c:83:c6:d1:
dc:90:25:a5:d9:3a:3c:1d:9d:e9:2b:93:da:7b:fe:
74:a7:29:9e:00:88:1b:c9:6d:02:d2:0d:3c:7b:32:
57:cb:d3:b3:0c:f6:e9:43:b2:e9:d6:28:d3:8d:d7:
3f:92:13:fa:e0:c8:05:d1:08:57:b6:88:f7:45:d8:
a1:82:9b:ea:c9:f2:6d:10:5e:6c:f5:21:bd:b8:37:
81:d0:d6:c1:f6:90:9f:41:d0:b1:81:c6:75:ee:1b:
a8:d8:12:10:83:e7:ce:4a:66:51:b1:5d:59:8b:f5:
e8:74:a5:15:d2:d8:7f:fb:4d:7a:06:9a:b4:9c:e7:
db:31:f7:9c:d8:85:88:1b:84:ad:ad:9c:a5:14:56:
3e:bd:ed:62:e8:f4:b0:1c:57:1b:93:47:ef:c0:13:
e7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:57:6E:40:A3:31:3D:EB:51:14:47:F7:2B:DF:71:68:4A:19:ED:05
X509v3 Authority Key Identifier:
keyid:92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/FlduQKMxPetRFEf3K99xaEoZ7QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/koD9yeeoZDDI4o9eNJ4xf7uKHKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.172.0/22
193.160.34.0-193.160.38.255
Signature Algorithm: sha256WithRSAEncryption
b0:34:46:a6:5d:8c:62:02:a5:06:5e:d2:d2:bd:3f:b0:ee:35:
a0:e8:88:e1:bc:03:d6:83:8d:b1:6d:aa:61:c2:0c:7a:16:30:
c1:c7:48:38:89:68:6b:26:75:e7:e7:e8:eb:6e:4b:f2:e1:c1:
a9:9e:9a:f6:cb:3f:fe:91:cf:af:a5:71:b1:c4:1d:03:38:59:
4b:3f:17:68:87:85:09:53:fb:c5:07:c1:c3:f9:d7:5a:49:5a:
45:4a:93:3d:23:98:00:0f:be:38:36:01:5a:49:e4:02:ea:1e:
6c:cd:92:a7:65:69:4d:76:8a:ec:d6:3e:29:79:66:6a:98:02:
12:7b:da:86:de:4e:27:fa:91:3c:66:43:b5:a8:43:f5:09:04:
78:ee:87:56:b6:57:a6:e2:86:a0:c5:d3:9d:cc:93:9f:cc:64:
8b:7d:be:40:46:fe:a4:b5:9c:f3:d5:d3:06:ca:5d:20:a6:66:
06:21:dc:ce:53:7c:31:44:b4:10:cd:aa:7e:b0:0a:ed:56:23:
f8:1e:48:d1:89:9f:57:ce:37:d0:b7:b7:52:16:53:4b:6f:eb:
6b:58:f3:56:94:24:ff:fd:26:e7:b4:93:b3:16:38:25:71:2d:
5f:71:9b:89:16:84:04:07:0f:4d:35:f5:88:c2:bd:76:eb:00:
06:65:c4:c7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhQ78U6oVxQsQnvHt/VDbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBmZGM5ZTdhODY0MzBjOGUyOGY1ZTM0OWUzMTdmYmI4
YTFjYTkwHhcNMjUwMTAxMDk0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjU3NmU0MGEzMzEzZGViNTExNDQ3ZjcyYmRmNzE2ODRhMTllZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+1egjEUIbUUe7x8TJdRfx3y7isC
Q9Bxb6sRI/Ub5eBwszbFoCfG04W6KfUhAn1ldubJOFesA5yhkpIBIGmrvUrJupzG
AGAahin+ddRTeM+rv6v7STyrALu7hBkBsdzzLxPmaQyDxtHckCWl2To8HZ3pK5Pa
e/50pymeAIgbyW0C0g08ezJXy9OzDPbpQ7Lp1ijTjdc/khP64MgF0QhXtoj3Rdih
gpvqyfJtEF5s9SG9uDeB0NbB9pCfQdCxgcZ17huo2BIQg+fOSmZRsV1Zi/XodKUV
0th/+016Bpq0nOfbMfec2IWIG4StrZylFFY+ve1i6PSwHFcbk0fvwBPnbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBZXbkCjMT3rURRH9yvfcWhKGe0FMB8GA1UdIwQY
MBaAFJKA/cnnqGQwyOKPXjSeMX+7ihypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEt
ZjQ0Mjk5ODY1YTI4LzEvRmxkdVFLTXhQZXRSRkVmM0s5OXhhRW9aN1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEtZjQ0Mjk5ODY1YTI4
LzEva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuamsMAwD
BAHBoCIDBADBoCYwDQYJKoZIhvcNAQELBQADggEBALA0RqZdjGICpQZe0tK9P7Du
NaDoiOG8A9aDjbFtqmHCDHoWMMHHSDiJaGsmdefn6OtuS/LhwamemvbLP/6Rz6+l
cbHEHQM4WUs/F2iHhQlT+8UHwcP511pJWkVKkz0jmAAPvjg2AVpJ5ALqHmzNkqdl
aU12iuzWPil5ZmqYAhJ72obeTif6kTxmQ7WoQ/UJBHjuh1a2V6bihqDF053Mk5/M
ZIt9vkBG/qS1nPPV0wbKXSCmZgYh3M5TfDFEtBDNqn6wCu1WI/geSNGJn1fON9C3
t1IWU0tv62tY81aUJP/9Jue0k7MWOCVxLV9xm4kWhAQHD0019YjCvXbrAAZlxMc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:52:07 2025 by rpki-client