Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/fFDNE0jBCsbuSwHbNND790VHIUs.roa
File: fFDNE0jBCsbuSwHbNND790VHIUs.roa (raw, json)
Hash identifier: b2he0HY8iZ5ebk1T/0G0aRJSFCMcs4PxhlyzHEE/x2Q=
Subject key identifier: 7C:50:CD:13:48:C1:0A:C6:EE:4B:01:DB:34:D0:FB:F7:45:47:21:4B
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019712ED0E79524F68EC55D20D51B0D2EAB1
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/fFDNE0jBCsbuSwHbNND790VHIUs.roa
Signing time: Tue 27 May 2025 18:06:54 +0000
ROA not before: Tue 27 May 2025 18:06:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
2a07:c6c0:35::/48 maxlen: 48
2a07:c6c0:36::/48 maxlen: 48
2a07:c6c0:37::/48 maxlen: 48
2a07:c6c0:38::/48 maxlen: 48
2a0c:3ac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:ed:0e:79:52:4f:68:ec:55:d2:0d:51:b0:d2:ea:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 27 18:06:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c50cd1348c10ac6ee4b01db34d0fbf74547214b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:4d:9f:bd:5b:16:9f:38:f2:9c:d1:ff:7f:
9d:9f:fe:3f:d6:4c:29:93:b3:41:33:dc:48:82:da:
9c:06:57:f3:bd:cd:e0:ed:a3:53:f5:ec:a8:38:07:
39:52:e8:cb:99:b4:33:77:4b:af:93:40:dd:42:68:
ae:f2:dd:79:a2:a9:f6:1c:b9:3b:ac:14:f0:22:c4:
ef:66:57:1b:07:cf:6b:36:cc:ed:1c:3e:74:d0:4d:
82:e6:5f:26:d6:34:e6:88:ec:18:72:93:7c:06:a3:
99:43:9a:e2:0b:1b:8c:3b:de:df:f9:24:b9:89:a0:
8f:c0:c7:31:e0:73:ab:d0:1a:01:e2:71:4e:ff:7d:
22:dc:62:da:16:b9:2d:fa:26:22:ef:c2:fb:84:ce:
d8:f4:8d:c5:f6:82:b9:74:e1:80:59:be:e2:ad:05:
15:35:69:3a:a9:37:18:3a:bb:00:72:39:c6:91:1d:
38:11:2b:79:4f:26:18:f7:03:f2:9a:81:2d:f8:47:
dc:f4:e3:55:64:cf:e5:19:10:3a:80:28:39:f6:f2:
f8:ba:6c:07:6c:90:f0:84:07:b4:55:89:08:da:c2:
14:54:30:e6:51:09:c6:1e:29:bd:d0:c7:48:34:c7:
ad:6e:e9:ef:7d:08:bb:ac:65:8d:e0:7f:85:d7:97:
55:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:50:CD:13:48:C1:0A:C6:EE:4B:01:DB:34:D0:FB:F7:45:47:21:4B
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/fFDNE0jBCsbuSwHbNND790VHIUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.232.36.0/24
IPv6:
2a07:c6c0:35::-2a07:c6c0:38:ffff:ffff:ffff:ffff:ffff
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
49:85:8c:02:71:e3:37:22:6f:68:bf:2e:01:09:7a:6a:7c:dc:
16:aa:e5:83:1d:19:58:8d:96:21:84:df:ef:ad:63:98:ba:f9:
b8:d3:38:43:87:cf:04:bf:51:04:9a:be:fa:3f:4d:a4:12:bc:
57:6c:29:b7:70:52:85:57:5a:ae:3a:6d:90:0b:41:34:ae:9a:
8c:7b:3d:ca:fb:81:d0:59:4c:11:7e:c1:b1:27:60:cf:00:16:
a1:16:0f:b4:42:6a:4c:eb:35:ee:4a:47:b4:a4:f0:82:1f:be:
b4:2e:33:a2:11:cb:e1:2f:7d:b7:5d:b0:20:11:ea:4a:e7:da:
0e:f9:3d:fb:47:3d:d7:d6:2d:5d:7f:78:6b:50:2e:aa:5b:4b:
08:22:ca:1c:8f:cb:a3:fd:24:78:21:fa:48:98:04:e3:9c:69:
1b:29:52:4f:ac:c7:55:0e:67:46:31:2c:aa:47:56:6b:71:da:
60:f4:5a:9c:5d:7c:a3:ec:d7:3c:cd:82:f9:ba:a5:40:b4:00:
5a:c9:b5:df:b4:d0:e9:69:5e:59:6a:74:53:9a:87:b4:76:79:
fb:76:2f:72:ae:b7:4a:85:4e:07:20:aa:22:36:f6:56:e5:5f:
6c:46:b1:ee:e0:dd:ad:97:df:f5:31:ce:1e:fe:86:90:38:f3:
6b:07:11:f4
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZcS7Q55Uk9o7FXSDVGw0uqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNTI3MTgwNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzUwY2QxMzQ4YzEwYWM2ZWU0YjAxZGIzNGQwZmJmNzQ1NDcyMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgpNn71bFp848pzR/3+dn/4/1kwp
k7NBM9xIgtqcBlfzvc3g7aNT9eyoOAc5UujLmbQzd0uvk0DdQmiu8t15oqn2HLk7
rBTwIsTvZlcbB89rNsztHD500E2C5l8m1jTmiOwYcpN8BqOZQ5riCxuMO97f+SS5
iaCPwMcx4HOr0BoB4nFO/30i3GLaFrkt+iYi78L7hM7Y9I3F9oK5dOGAWb7irQUV
NWk6qTcYOrsAcjnGkR04ESt5TyYY9wPymoEt+Efc9ONVZM/lGRA6gCg59vL4umwH
bJDwhAe0VYkI2sIUVDDmUQnGHim90MdINMetbunvfQi7rGWN4H+F15dVbwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHxQzRNIwQrG7ksB2zTQ+/dFRyFLMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvZkZETkUwakJDc2J1U3dIYk5ORDc5MFZISVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAaOgkMCME
AgACMB0wEgMHACoHxsAANQMHACoHxsAAOAMHACoMOsAAADANBgkqhkiG9w0BAQsF
AAOCAQEASYWMAnHjNyJvaL8uAQl6anzcFqrlgx0ZWI2WIYTf761jmLr5uNM4Q4fP
BL9RBJq++j9NpBK8V2wpt3BShVdarjptkAtBNK6ajHs9yvuB0FlMEX7BsSdgzwAW
oRYPtEJqTOs17kpHtKTwgh++tC4zohHL4S99t12wIBHqSufaDvk9+0c919YtXX94
a1AuqltLCCLKHI/Lo/0keCH6SJgE45xpGylST6zHVQ5nRjEsqkdWa3HaYPRanF18
o+zXPM2C+bqlQLQAWsm137TQ6WleWWp0U5qHtHZ5+3Yvcq63SoVOByCqIjb2VuVf
bEax7uDdrZff9THOHv6GkDjzawcR9A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:35:27 2025 by rpki-client