Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/fs4X3zJFq3DUP70BE5KHHq5PW6A.roa
File: fs4X3zJFq3DUP70BE5KHHq5PW6A.roa (raw, json)
Hash identifier: bGR4PpXG1RT4m3/7nflg7BgdcGbpPQ/v8739XylkQso=
Subject key identifier: 7E:CE:17:DF:32:45:AB:70:D4:3F:BD:01:13:92:87:1E:AE:4F:5B:A0
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 01942825614F6B957C33A2CE88B0FE447E70
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/fs4X3zJFq3DUP70BE5KHHq5PW6A.roa
Signing time: Thu 02 Jan 2025 17:52:05 +0000
ROA not before: Thu 02 Jan 2025 17:52:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201086
IP address blocks: 185.86.80.0/24 maxlen: 24
185.205.19.0/24 maxlen: 24
185.254.95.0/24 maxlen: 24
193.36.63.0/24 maxlen: 24
194.145.138.0/24 maxlen: 24
2a0a:fa40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:61:4f:6b:95:7c:33:a2:ce:88:b0:fe:44:7e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Jan 2 17:52:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ece17df3245ab70d43fbd011392871eae4f5ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2b:9b:77:97:61:55:83:d9:fc:7e:60:fe:7e:
66:42:2c:6f:0d:c6:7b:b7:a5:26:26:16:13:06:ef:
43:d7:0d:e9:eb:63:02:bd:97:78:9d:e7:42:ee:07:
c6:94:bd:c2:72:d7:54:e7:89:6e:ea:21:ab:ec:e4:
64:e8:be:6e:cc:88:05:70:27:f4:68:e6:e9:4b:f9:
2d:1d:46:37:89:94:fb:ba:96:24:98:3c:be:e8:d5:
7b:fb:9b:ca:40:bf:77:a4:04:1c:1c:48:e9:6b:c3:
66:f5:d9:59:e5:6c:6d:b5:0f:85:4d:ea:f6:e7:5d:
f4:85:96:b5:47:29:a9:73:08:0d:c8:04:0f:a8:c9:
b7:0d:d7:82:1d:96:dc:ea:a0:51:7e:19:5c:9c:68:
39:34:4a:78:f9:ab:1e:dc:b7:c6:1c:63:62:df:74:
58:df:b7:13:fb:e1:7e:10:cd:bc:f7:a2:69:41:65:
bd:23:d1:4a:b6:1e:79:9d:6a:31:bd:6b:e6:b4:99:
a5:a8:d0:fc:0e:28:d3:76:e8:fa:50:9f:e6:c3:34:
1e:a1:65:ad:df:ad:c2:e6:1e:1a:01:9f:bd:20:9b:
94:ff:7c:b8:b7:86:3b:3b:4a:e4:60:bb:c1:08:80:
d2:e5:71:c9:9f:2f:74:52:8e:74:9a:5d:88:55:3f:
72:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CE:17:DF:32:45:AB:70:D4:3F:BD:01:13:92:87:1E:AE:4F:5B:A0
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/fs4X3zJFq3DUP70BE5KHHq5PW6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.80.0/24
185.205.19.0/24
185.254.95.0/24
193.36.63.0/24
194.145.138.0/24
IPv6:
2a0a:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
73:0c:96:73:ae:88:9a:2d:d1:36:95:78:45:de:9a:57:df:2f:
b3:24:92:8a:d1:49:49:dd:3f:03:35:81:cf:a2:14:78:b9:93:
79:27:bd:61:29:10:03:78:92:df:83:e3:44:41:fa:2a:61:b7:
98:93:8b:9d:46:6f:12:02:d2:be:1f:c1:7e:1f:74:fd:8b:d7:
86:6a:9c:91:30:f5:a4:0e:c2:22:d5:29:e8:f2:e1:c3:19:99:
31:47:f3:c9:fd:ab:ac:04:f5:63:c4:37:2d:e6:c3:a8:9e:03:
c8:58:e7:35:9b:a7:53:86:fc:26:1a:3e:94:25:ad:8a:10:a6:
a8:82:e0:4a:4e:bf:4a:81:74:74:7a:ed:4b:5f:56:16:b0:73:
e9:1f:e9:04:23:90:52:af:bd:4d:62:5e:5e:ed:2a:2f:33:7b:
dc:19:b4:dd:5b:54:b9:f9:64:4e:b6:5c:47:4f:bb:f9:98:42:
36:c5:a2:c8:b1:58:8c:66:c3:de:19:76:7c:d9:28:e1:68:1e:
2b:60:5e:e8:9b:05:f0:d6:c5:a6:10:e2:36:76:e1:04:b3:31:
5b:3e:83:a4:69:89:3f:7a:86:f3:4f:d8:44:5e:7e:ac:0d:c2:
24:c9:3b:05:53:2e:13:4c:5d:cd:9b:84:83:65:95:16:08:e1:
bc:90:8b:9b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQoJWFPa5V8M6LOiLD+RH5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjUwMTAyMTc1MjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNlMTdkZjMyNDVhYjcwZDQzZmJkMDExMzkyODcxZWFlNGY1YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSubd5dhVYPZ/H5g/n5mQixvDcZ7
t6UmJhYTBu9D1w3p62MCvZd4nedC7gfGlL3CctdU54lu6iGr7ORk6L5uzIgFcCf0
aObpS/ktHUY3iZT7upYkmDy+6NV7+5vKQL93pAQcHEjpa8Nm9dlZ5WxttQ+FTer2
5130hZa1RympcwgNyAQPqMm3DdeCHZbc6qBRfhlcnGg5NEp4+ase3LfGHGNi33RY
37cT++F+EM2896JpQWW9I9FKth55nWoxvWvmtJmlqND8DijTduj6UJ/mwzQeoWWt
363C5h4aAZ+9IJuU/3y4t4Y7O0rkYLvBCIDS5XHJny90Uo50ml2IVT9yxwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH7OF98yRatw1D+9AROShx6uT1ugMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvZnM0WDN6SkZxM0RVUDcwQkU1S0hIcTVQVzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuVZQAwQA
uc0TAwQAuf5fAwQAwSQ/AwQAwpGKMA0EAgACMAcDBQAqCvpAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzDJZzroiaLdE2lXhF3ppX3y+zJJKK0UlJ3T8DNYHPohR4uZN5J71h
KRADeJLfg+NEQfoqYbeYk4udRm8SAtK+H8F+H3T9i9eGapyRMPWkDsIi1Sno8uHD
GZkxR/PJ/ausBPVjxDct5sOongPIWOc1m6dThvwmGj6UJa2KEKaoguBKTr9KgXR0
eu1LX1YWsHPpH+kEI5BSr71NYl5e7SovM3vcGbTdW1S5+WROtlxHT7v5mEI2xaLI
sViMZsPeGXZ82SjhaB4rYF7omwXw1sWmEOI2duEEszFbPoOkaYk/eobzT9hEXn6s
DcIkyTsFUy4TTF3Nm4SDZZUWCOG8kIub
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:38:51 2025 by rpki-client