Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/FLJVwq3wzQuxp8jY2tLAT-Rnh-Y.roa
File: FLJVwq3wzQuxp8jY2tLAT-Rnh-Y.roa (raw, json)
Hash identifier: BIb7Su95oQINtrVuibHjqkXlgWcfxoPczkywr4wwUxM=
Subject key identifier: 14:B2:55:C2:AD:F0:CD:0B:B1:A7:C8:D8:DA:D2:C0:4F:E4:67:87:E6
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 0194266C03942EF6545BEEB233E26358BC7A
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/FLJVwq3wzQuxp8jY2tLAT-Rnh-Y.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 176.67.80.0/23 maxlen: 23
185.91.122.0/23 maxlen: 23
2a05:e9c0:5600::/40 maxlen: 40
2a05:e9c0:6200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:03:94:2e:f6:54:5b:ee:b2:33:e2:63:58:bc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14b255c2adf0cd0bb1a7c8d8dad2c04fe46787e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:22:d0:e3:32:05:a9:de:ea:5c:58:3f:04:
53:57:56:ee:24:2c:22:20:6a:76:47:f0:d9:04:50:
1c:32:5c:03:bf:18:09:72:ca:69:92:ec:a7:83:66:
1b:62:ae:c4:b5:8b:34:69:08:d4:20:ed:dc:db:6a:
a8:c4:71:f2:e4:eb:0e:13:d3:15:91:19:16:40:4c:
8d:39:40:93:e6:89:a2:61:e0:01:ea:9b:a4:17:4f:
57:a4:bf:59:be:69:0f:1b:c2:ba:43:83:c7:8b:36:
c3:3d:f3:8d:70:2a:36:ef:22:8f:a6:59:1f:9b:07:
0a:a5:40:fa:8d:f5:c3:a2:f8:aa:a1:fe:b0:4d:c4:
78:de:da:80:33:77:79:89:be:ea:b9:83:80:fb:29:
cf:41:4b:a0:57:92:ed:63:d0:2a:97:3a:ba:e9:98:
c4:21:51:f4:4a:86:5b:5a:8f:d8:0c:25:e9:55:ea:
51:4d:33:4d:85:90:50:32:5a:78:a6:66:2f:40:a1:
f8:30:38:00:91:1a:bc:77:a6:2e:89:ab:1f:e3:a7:
67:4e:ed:9c:e5:2f:1a:04:df:0f:91:89:46:5f:a4:
25:a6:b0:94:f1:a9:3e:7a:bd:84:be:df:71:5b:46:
34:00:1f:f9:cc:71:10:ed:6c:85:5e:5b:97:88:55:
5d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B2:55:C2:AD:F0:CD:0B:B1:A7:C8:D8:DA:D2:C0:4F:E4:67:87:E6
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/FLJVwq3wzQuxp8jY2tLAT-Rnh-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.80.0/23
185.91.122.0/23
IPv6:
2a05:e9c0:5600::/40
2a05:e9c0:6200::/40
Signature Algorithm: sha256WithRSAEncryption
38:a6:82:9d:74:aa:94:20:17:3e:2f:2d:41:85:57:ca:35:21:
2c:b3:bc:af:a6:10:37:7f:cd:33:d2:1b:11:9a:ac:fe:4e:80:
32:1b:8c:80:e5:e3:40:cc:30:6e:30:60:34:30:59:57:26:35:
31:2c:8e:8f:01:fb:f3:10:7a:e4:6a:6d:fa:2a:6b:48:b6:97:
0c:1b:40:c1:e8:30:24:49:16:1f:b1:d3:12:3c:c0:65:a8:87:
a7:e0:8a:ad:af:33:57:25:ae:3e:f3:1c:90:a1:6b:33:ac:e9:
b6:b1:d6:ea:8e:5a:ae:d5:d3:b9:f6:f0:4e:d5:e2:ec:23:4a:
8d:4b:ab:28:ee:66:00:80:a8:e2:bd:88:97:28:83:72:36:41:
3b:25:35:87:76:33:7b:fd:8e:b2:c5:f4:23:04:ec:ff:58:04:
c2:40:d1:f8:7f:f0:10:f3:0d:5c:2e:a0:66:94:b3:e3:72:e5:
ed:a0:6f:e0:6e:2a:86:c0:f3:13:2f:9f:ef:43:07:0e:37:1b:
c0:fc:5f:3a:2b:bb:db:e2:ad:bb:80:e6:51:6b:7c:41:34:7a:
79:dc:a4:64:5f:99:7f:69:86:7c:89:38:a9:f9:41:e5:fa:9e:
2d:79:c6:24:fe:09:67:24:e8:67:3b:5c:b8:80:a9:ae:aa:03:
54:5f:15:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQmbAOULvZUW+6yM+JjWLx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIyNTVjMmFkZjBjZDBiYjFhN2M4ZDhkYWQyYzA0ZmU0Njc4N2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTMi0OMyBane6lxYPwRTV1buJCwi
IGp2R/DZBFAcMlwDvxgJcsppkuyng2YbYq7EtYs0aQjUIO3c22qoxHHy5OsOE9MV
kRkWQEyNOUCT5omiYeAB6pukF09XpL9ZvmkPG8K6Q4PHizbDPfONcCo27yKPplkf
mwcKpUD6jfXDoviqof6wTcR43tqAM3d5ib7quYOA+ynPQUugV5LtY9Aqlzq66ZjE
IVH0SoZbWo/YDCXpVepRTTNNhZBQMlp4pmYvQKH4MDgAkRq8d6Yuiasf46dnTu2c
5S8aBN8PkYlGX6QlprCU8ak+er2Evt9xW0Y0AB/5zHEQ7WyFXluXiFVd8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBSyVcKt8M0LsafI2NrSwE/kZ4fmMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvRkxKVndxM3d6UXV4cDhqWTJ0TEFULVJuaC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBsENQAwQB
uVt6MBYEAgACMBADBgAqBenAVgMGACoF6cBiMA0GCSqGSIb3DQEBCwUAA4IBAQA4
poKddKqUIBc+Ly1BhVfKNSEss7yvphA3f80z0hsRmqz+ToAyG4yA5eNAzDBuMGA0
MFlXJjUxLI6PAfvzEHrkam36KmtItpcMG0DB6DAkSRYfsdMSPMBlqIen4IqtrzNX
Ja4+8xyQoWszrOm2sdbqjlqu1dO59vBO1eLsI0qNS6so7mYAgKjivYiXKINyNkE7
JTWHdjN7/Y6yxfQjBOz/WATCQNH4f/AQ8w1cLqBmlLPjcuXtoG/gbiqGwPMTL5/v
QwcONxvA/F86K7vb4q27gOZRa3xBNHp53KRkX5l/aYZ8iTip+UHl+p4tecYk/gln
JOhnO1y4gKmuqgNUXxUx
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:32:29 2025 by rpki-client