Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/88ZO1LonvA5g6agKP26X0QIrvNg.roa
File: 88ZO1LonvA5g6agKP26X0QIrvNg.roa (raw, json)
Hash identifier: 88803qHazZywP7yNSmd5kk0puekpujkfA0tA6VhKJh0=
Subject key identifier: F3:C6:4E:D4:BA:27:BC:0E:60:E9:A8:0A:3F:6E:97:D1:02:2B:BC:D8
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0194258EF550238D65F54D1EECB11C7A4E6A
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/88ZO1LonvA5g6agKP26X0QIrvNg.roa
Signing time: Thu 02 Jan 2025 05:48:33 +0000
ROA not before: Thu 02 Jan 2025 05:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29694
IP address blocks: 46.254.132.0/24 maxlen: 24
46.254.133.0/24 maxlen: 24
46.254.134.0/24 maxlen: 24
85.187.14.0/24 maxlen: 24
85.187.243.0/24 maxlen: 24
85.187.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f5:50:23:8d:65:f5:4d:1e:ec:b1:1c:7a:4e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 05:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3c64ed4ba27bc0e60e9a80a3f6e97d1022bbcd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:b0:cb:5e:96:11:f9:3d:b7:16:f3:72:58:
8e:e8:98:81:19:b9:ba:6a:c1:a2:75:4a:3b:c7:89:
e8:06:42:90:6f:c7:1b:f3:7b:b3:0c:b2:aa:7c:bf:
70:c6:ee:ef:d3:78:97:5c:ab:47:d4:e7:19:f6:4e:
68:59:03:37:f2:fa:fc:95:8c:91:7e:5a:e4:9f:8e:
d5:ad:85:27:0d:12:32:66:7a:46:d3:0b:b8:c1:90:
ad:84:d0:cf:f9:da:54:ca:5c:0e:43:fe:fc:e9:a0:
52:f1:2d:cc:44:98:4a:d3:0a:9d:03:81:11:66:7f:
11:af:31:20:42:ba:63:ae:9a:fa:7c:13:f2:44:55:
5e:99:0f:1f:7b:f8:f9:1e:7f:88:03:f7:ed:4f:1c:
5e:8b:ef:cc:cd:93:03:12:37:9c:f9:bb:6d:0b:cc:
eb:4a:20:73:11:6b:96:42:35:0b:42:e3:54:7d:01:
2b:b9:65:e3:0a:1b:8e:77:57:8f:92:29:96:37:82:
40:d5:75:ed:7d:d6:7c:5c:d6:e0:08:3d:be:1d:77:
e8:bf:fd:8e:1d:e5:f5:59:96:05:08:93:c5:2a:a7:
85:f7:cc:d7:a7:cb:a5:f8:1e:51:79:14:11:0c:96:
59:cb:11:17:e6:57:24:00:6a:88:c6:1c:df:cc:ff:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C6:4E:D4:BA:27:BC:0E:60:E9:A8:0A:3F:6E:97:D1:02:2B:BC:D8
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/88ZO1LonvA5g6agKP26X0QIrvNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.132.0-46.254.134.255
85.187.14.0/24
85.187.243.0/24
85.187.249.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:31:0f:3c:13:3c:a8:b6:d9:43:a4:6d:94:54:8b:7d:07:4f:
e3:71:96:5b:4e:c3:e8:49:b5:0f:e7:28:46:b3:23:0b:d2:ff:
cc:3b:45:08:70:83:ff:16:c7:f2:0a:be:32:16:a2:67:0e:93:
37:58:3e:78:25:b6:02:4a:96:29:82:46:16:08:be:dd:1b:56:
3e:ac:c2:eb:96:2b:7a:17:fb:6c:b5:c6:ea:e3:03:f4:41:78:
b3:c8:b6:7e:37:43:f4:6d:85:da:8c:c0:72:fe:06:14:c7:81:
af:45:75:07:fc:27:14:fc:c4:cd:3b:74:ef:f5:b2:e9:c2:d7:
d3:f9:22:94:29:87:a0:85:ce:80:1d:1e:9e:68:83:08:20:aa:
55:4f:49:99:98:f3:91:97:6a:a8:fe:e3:8f:d5:65:a4:80:04:
d5:91:f2:9d:25:2b:9b:d9:9f:98:36:3b:e2:6e:62:c4:ea:02:
00:c8:0c:f6:70:13:60:22:cf:cd:c0:70:88:3b:6e:2b:64:21:
3d:9c:f9:06:7b:0f:4f:6b:94:38:eb:e8:80:f4:f8:e3:3d:64:
fe:ba:99:0d:a6:af:54:cb:fd:01:30:75:8d:c2:08:95:32:53:
4b:22:cc:ad:f5:26:58:ce:2a:42:04:0d:eb:ec:e9:8a:68:54:
99:51:e6:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQljvVQI41l9U0e7LEcek5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTAyMDU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2M2NGVkNGJhMjdiYzBlNjBlOWE4MGEzZjZlOTdkMTAyMmJiY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu6wy16WEfk9txbzcliO6JiBGbm6
asGidUo7x4noBkKQb8cb83uzDLKqfL9wxu7v03iXXKtH1OcZ9k5oWQM38vr8lYyR
flrkn47VrYUnDRIyZnpG0wu4wZCthNDP+dpUylwOQ/786aBS8S3MRJhK0wqdA4ER
Zn8RrzEgQrpjrpr6fBPyRFVemQ8fe/j5Hn+IA/ftTxxei+/MzZMDEjec+bttC8zr
SiBzEWuWQjULQuNUfQEruWXjChuOd1ePkimWN4JA1XXtfdZ8XNbgCD2+HXfov/2O
HeX1WZYFCJPFKqeF98zXp8ul+B5ReRQRDJZZyxEX5lckAGqIxhzfzP/+jwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPPGTtS6J7wOYOmoCj9ul9ECK7zYMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvODhaTzFMb252QTVnNmFnS1AyNlgwUUlydk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAIu/oQD
BAAu/oYDBABVuw4DBABVu/MDBABVu/kwDQYJKoZIhvcNAQELBQADggEBAJ8xDzwT
PKi22UOkbZRUi30HT+NxlltOw+hJtQ/nKEazIwvS/8w7RQhwg/8Wx/IKvjIWomcO
kzdYPngltgJKlimCRhYIvt0bVj6swuuWK3oX+2y1xurjA/RBeLPItn43Q/RthdqM
wHL+BhTHga9FdQf8JxT8xM07dO/1sunC19P5IpQph6CFzoAdHp5ogwggqlVPSZmY
85GXaqj+44/VZaSABNWR8p0lK5vZn5g2O+JuYsTqAgDIDPZwE2Aiz83AcIg7bitk
IT2c+QZ7D09rlDjr6ID0+OM9ZP66mQ2mr1TL/QEwdY3CCJUyU0sizK31JljOKkIE
Devs6YpoVJlR5lw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:50 2025 by rpki-client