Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/FA5kIU24hM_qMfpPw3H0FEFE5Rg.roa
File: FA5kIU24hM_qMfpPw3H0FEFE5Rg.roa (raw, json)
Hash identifier: h787qQINJkY9AEcKodXyVYw/H10um2LVQVfl/N4LsrI=
Subject key identifier: 14:0E:64:21:4D:B8:84:CF:EA:31:FA:4F:C3:71:F4:14:41:44:E5:18
Certificate issuer: /CN=c75799ff4335b7b1ae7188edfa53fd7e213eb216
Certificate serial: 019427B5B0CD2B86BB6C9843B0E163A64CCA
Authority key identifier: C7:57:99:FF:43:35:B7:B1:AE:71:88:ED:FA:53:FD:7E:21:3E:B2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/FA5kIU24hM_qMfpPw3H0FEFE5Rg.roa
Signing time: Thu 02 Jan 2025 15:50:06 +0000
ROA not before: Thu 02 Jan 2025 15:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41477
IP address blocks: 91.215.164.0/22 maxlen: 23
91.215.165.0/24 maxlen: 24
91.215.166.0/24 maxlen: 24
91.215.167.0/24 maxlen: 24
185.34.164.0/22 maxlen: 23
185.34.165.0/24 maxlen: 24
185.34.166.0/24 maxlen: 24
185.34.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.mft
rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b0:cd:2b:86:bb:6c:98:43:b0:e1:63:a6:4c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c75799ff4335b7b1ae7188edfa53fd7e213eb216
Validity
Not Before: Jan 2 15:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=140e64214db884cfea31fa4fc371f4144144e518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bf:1c:14:bb:b3:ba:12:81:e5:9f:c2:86:03:
e1:da:7a:17:16:c9:a9:7c:07:e1:4f:d2:a5:38:84:
1a:1a:26:df:f8:1c:ba:62:7a:aa:60:9b:32:a2:22:
c7:0b:27:33:5e:70:c5:da:aa:78:e4:62:2b:e6:f1:
9a:d3:bb:7c:70:62:70:c5:51:df:78:4c:32:80:4e:
27:6e:a7:4b:ef:12:6d:bc:54:16:7c:65:27:57:2b:
ef:3e:45:c8:b4:ac:9e:d1:fc:c2:46:0b:59:da:b9:
ac:8f:f0:87:ba:9d:a2:d8:f2:27:d5:fa:0b:a8:73:
3a:03:1d:d5:1b:41:5c:e3:79:00:c3:59:74:4e:bf:
a8:bf:75:90:c5:11:58:f0:54:76:02:b7:89:d2:53:
f7:17:6c:68:29:a7:e5:7d:b4:75:bb:0e:71:dd:dc:
07:cc:f6:61:ca:8c:15:09:19:be:a1:38:1a:86:79:
0e:c3:f8:f7:cf:65:73:b0:0c:1b:10:0f:d2:29:a8:
72:98:8f:75:90:6b:8a:20:11:f0:00:76:1a:f4:3b:
e0:aa:70:2f:8d:af:e8:3a:9d:7c:d1:52:7a:43:78:
cd:63:d5:f2:2b:ba:6b:aa:be:2b:0a:00:7b:28:30:
bb:a2:c5:ae:20:a2:f3:94:6b:db:dd:76:80:88:c2:
ff:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:0E:64:21:4D:B8:84:CF:EA:31:FA:4F:C3:71:F4:14:41:44:E5:18
X509v3 Authority Key Identifier:
keyid:C7:57:99:FF:43:35:B7:B1:AE:71:88:ED:FA:53:FD:7E:21:3E:B2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/FA5kIU24hM_qMfpPw3H0FEFE5Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.164.0/22
185.34.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:80:74:ae:e2:5d:38:5c:ab:b5:7d:a9:99:aa:b6:58:f2:39:
30:0d:04:2e:6d:0b:ff:7a:39:6a:e2:44:1c:f2:28:e7:a6:7a:
68:3e:ca:9a:00:0a:83:bd:78:80:80:60:10:3b:19:b3:c4:4e:
5c:81:8f:9a:6c:86:73:30:e1:46:e8:38:a5:a2:7a:b9:d3:c1:
b2:3f:5e:7a:8b:7c:b9:39:65:4a:b5:82:39:7b:65:4e:c5:89:
50:ef:b6:58:5e:8d:92:c1:df:31:12:4d:d8:91:26:2a:3a:0b:
44:26:e2:4b:a1:58:c5:05:e8:ea:3e:67:7d:ac:dc:31:76:90:
57:52:f7:55:1d:18:e5:10:69:88:6b:f7:a3:04:7b:9a:89:21:
b2:9c:07:f0:b1:b0:86:20:69:56:fe:0d:1a:2a:dc:dd:97:3a:
3f:54:30:e5:74:be:97:51:4f:81:c8:c4:2b:26:76:1b:b8:ec:
dc:4c:4b:da:c1:68:ce:6f:81:e0:e7:f7:2c:74:ce:69:ab:07:
53:97:44:b3:a7:b6:52:00:25:27:a4:14:d0:da:0c:1e:ee:3a:
a2:f1:6e:d2:15:75:3a:23:18:a1:16:64:99:07:4e:16:3f:7d:
22:95:d7:b4:c7:11:2f:19:2a:c3:49:bb:c2:46:ae:3b:aa:72:
34:d6:62:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntbDNK4a7bJhDsOFjpkzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTc5OWZmNDMzNWI3YjFhZTcxODhlZGZhNTNmZDdlMjEz
ZWIyMTYwHhcNMjUwMTAyMTU1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDBlNjQyMTRkYjg4NGNmZWEzMWZhNGZjMzcxZjQxNDQxNDRlNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL8cFLuzuhKB5Z/ChgPh2noXFsmp
fAfhT9KlOIQaGibf+By6YnqqYJsyoiLHCyczXnDF2qp45GIr5vGa07t8cGJwxVHf
eEwygE4nbqdL7xJtvFQWfGUnVyvvPkXItKye0fzCRgtZ2rmsj/CHup2i2PIn1foL
qHM6Ax3VG0Fc43kAw1l0Tr+ov3WQxRFY8FR2AreJ0lP3F2xoKaflfbR1uw5x3dwH
zPZhyowVCRm+oTgahnkOw/j3z2VzsAwbEA/SKahymI91kGuKIBHwAHYa9DvgqnAv
ja/oOp180VJ6Q3jNY9XyK7prqr4rCgB7KDC7osWuIKLzlGvb3XaAiML/9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQOZCFNuITP6jH6T8Nx9BRBROUYMB8GA1UdIwQY
MBaAFMdXmf9DNbexrnGI7fpT/X4hPrIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFlWl8wTTF0N0d1Y1lqdC1sUDlmaUUtc2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xZTRjMDMtZjYxOS00N2EzLTgxYmQt
MzZlZjdhZWViZTNiLzEvRkE1a0lVMjRoTV9xTWZwUHczSDBGRUZFNVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xZTRjMDMtZjYxOS00N2EzLTgxYmQtMzZlZjdhZWViZTNi
LzEveDFlWl8wTTF0N0d1Y1lqdC1sUDlmaUUtc2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9ekAwQC
uSKkMA0GCSqGSIb3DQEBCwUAA4IBAQCxgHSu4l04XKu1famZqrZY8jkwDQQubQv/
ejlq4kQc8ijnpnpoPsqaAAqDvXiAgGAQOxmzxE5cgY+abIZzMOFG6Dilonq508Gy
P156i3y5OWVKtYI5e2VOxYlQ77ZYXo2Swd8xEk3YkSYqOgtEJuJLoVjFBejqPmd9
rNwxdpBXUvdVHRjlEGmIa/ejBHuaiSGynAfwsbCGIGlW/g0aKtzdlzo/VDDldL6X
UU+ByMQrJnYbuOzcTEvawWjOb4Hg5/csdM5pqwdTl0Szp7ZSACUnpBTQ2gwe7jqi
8W7SFXU6IxihFmSZB04WP30ilde0xxEvGSrDSbvCRq47qnI01mL6
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:27:12 2025 by rpki-client