Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/FLnErLvOpzZbsRT_gxw1xkGyG-k.roa
File: FLnErLvOpzZbsRT_gxw1xkGyG-k.roa (raw, json)
Hash identifier: hVcpYnUD1s1paKRtMc3s9Fba/ywgfiiofSMSn9fncl4=
Subject key identifier: 14:B9:C4:AC:BB:CE:A7:36:5B:B1:14:FF:83:1C:35:C6:41:B2:1B:E9
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0195141BD39918CA0C7004B9B7F2D286E1C0
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/FLnErLvOpzZbsRT_gxw1xkGyG-k.roa
Signing time: Mon 17 Feb 2025 13:32:02 +0000
ROA not before: Mon 17 Feb 2025 13:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 194.31.164.0/24 maxlen: 24
194.31.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:1b:d3:99:18:ca:0c:70:04:b9:b7:f2:d2:86:e1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Feb 17 13:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14b9c4acbbcea7365bb114ff831c35c641b21be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:54:c0:17:2b:dd:0b:38:07:bb:7c:a4:3c:
d6:3b:27:9a:ba:32:b0:27:bb:e3:66:00:d3:d6:47:
1f:5f:94:e0:28:60:00:98:51:da:5d:ea:01:f9:91:
23:dc:2c:fd:09:94:3f:3b:78:37:39:75:e7:d9:37:
9a:fc:16:e0:e9:32:6c:94:c8:b2:a3:e5:01:23:f7:
88:c2:fd:3b:58:16:67:44:e8:cc:13:f8:49:f1:48:
21:d5:6d:98:da:72:e8:d5:c7:4b:3e:d2:63:18:54:
34:8d:4d:38:3a:45:b4:5e:2f:d8:ea:8e:57:62:b8:
f7:0c:69:85:87:5f:9f:b7:e1:18:5d:48:b6:71:12:
6f:62:6a:cb:f5:4d:4c:e9:f6:cd:73:6d:0e:23:82:
ea:12:0c:64:8e:19:8b:fa:d1:b0:cf:85:1f:b8:e8:
a6:3d:19:ce:ed:be:7a:96:4b:64:3f:ce:b1:80:50:
40:81:06:8b:b9:7d:55:01:09:b8:1b:96:a9:ac:73:
42:9e:93:3c:10:52:7c:97:d1:6e:2f:fe:43:6f:3c:
a8:46:fc:3e:50:c0:b8:5b:5b:1e:61:b4:72:14:fb:
41:a5:92:24:16:5e:87:23:cb:2c:01:57:36:1a:d9:
07:5a:a8:1a:58:31:fd:3a:26:32:ef:95:7c:e2:1c:
14:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B9:C4:AC:BB:CE:A7:36:5B:B1:14:FF:83:1C:35:C6:41:B2:1B:E9
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/FLnErLvOpzZbsRT_gxw1xkGyG-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.164.0/24
194.31.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:15:43:38:43:5f:7f:45:94:65:10:e7:2f:27:87:c2:9b:a2:
95:7a:f6:ae:12:79:8c:3f:5d:8e:09:75:b0:7c:d2:62:a0:a2:
da:78:52:c6:e4:32:89:74:e0:4d:a8:46:19:92:e2:4e:66:5c:
5e:d4:70:2c:61:d8:e0:43:0f:d1:d4:0c:7b:73:b4:c6:06:a6:
a9:c8:2d:49:5a:9b:e1:00:5d:87:01:25:b7:ed:e8:53:05:49:
24:b5:28:7d:70:97:40:aa:24:32:fc:73:cd:09:ee:ca:46:e4:
72:04:35:a9:db:de:f3:83:ee:04:e3:bd:31:9a:67:26:e3:a2:
5d:9e:e3:50:91:0f:92:68:76:f0:ce:67:0b:ec:ba:aa:59:51:
09:c9:1b:8c:5e:02:83:2a:5a:20:94:74:aa:bd:ad:65:81:bd:
93:3b:d8:e4:23:27:dd:cf:b3:2c:0e:aa:93:6f:9c:05:98:c0:
e2:94:e8:bc:d2:02:87:f4:b8:28:e7:59:a0:3a:cd:30:ff:82:
1c:ec:3d:51:28:fa:8d:7d:14:cc:92:e3:18:7c:c8:9f:7c:88:
01:a9:a0:d7:80:bc:2a:32:e3:78:ce:9a:14:71:05:2b:49:f3:
bd:37:86:9b:8c:30:b6:b5:93:75:51:6a:14:a5:e3:b8:ba:63:
f8:4d:be:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUUG9OZGMoMcAS5t/LShuHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwMjE3MTMzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI5YzRhY2JiY2VhNzM2NWJiMTE0ZmY4MzFjMzVjNjQxYjIxYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+tUwBcr3Qs4B7t8pDzWOyeaujKw
J7vjZgDT1kcfX5TgKGAAmFHaXeoB+ZEj3Cz9CZQ/O3g3OXXn2Tea/Bbg6TJslMiy
o+UBI/eIwv07WBZnROjME/hJ8Ugh1W2Y2nLo1cdLPtJjGFQ0jU04OkW0Xi/Y6o5X
Yrj3DGmFh1+ft+EYXUi2cRJvYmrL9U1M6fbNc20OI4LqEgxkjhmL+tGwz4UfuOim
PRnO7b56lktkP86xgFBAgQaLuX1VAQm4G5aprHNCnpM8EFJ8l9FuL/5DbzyoRvw+
UMC4W1seYbRyFPtBpZIkFl6HI8ssAVc2GtkHWqgaWDH9OiYy75V84hwUVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBS5xKy7zqc2W7EU/4McNcZBshvpMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvRkxuRXJMdk9welpic1JUX2d4dzF4a0d5Ry1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwh+kAwQA
wh+mMA0GCSqGSIb3DQEBCwUAA4IBAQAtFUM4Q19/RZRlEOcvJ4fCm6KVevauEnmM
P12OCXWwfNJioKLaeFLG5DKJdOBNqEYZkuJOZlxe1HAsYdjgQw/R1Ax7c7TGBqap
yC1JWpvhAF2HASW37ehTBUkktSh9cJdAqiQy/HPNCe7KRuRyBDWp297zg+4E470x
mmcm46JdnuNQkQ+SaHbwzmcL7LqqWVEJyRuMXgKDKloglHSqva1lgb2TO9jkIyfd
z7MsDqqTb5wFmMDilOi80gKH9Lgo51mgOs0w/4Ic7D1RKPqNfRTMkuMYfMiffIgB
qaDXgLwqMuN4zpoUcQUrSfO9N4abjDC2tZN1UWoUpeO4umP4Tb7z
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:44:13 2025 by rpki-client