Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/FCsvVRb4swZVn7i4DbPOyl1zfXM.roa
File: FCsvVRb4swZVn7i4DbPOyl1zfXM.roa (raw, json)
Hash identifier: pWG3xc+TD2BjxXH94IjEoL3ycjPpI1BrWH3pnVMhatw=
Subject key identifier: 14:2B:2F:55:16:F8:B3:06:55:9F:B8:B8:0D:B3:CE:CA:5D:73:7D:73
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 01962946102D9186B1DEEE90801DE81DA2C5
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/FCsvVRb4swZVn7i4DbPOyl1zfXM.roa
Signing time: Sat 12 Apr 2025 09:12:59 +0000
ROA not before: Sat 12 Apr 2025 09:12:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50597
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/22 maxlen: 22
185.181.52.0/23 maxlen: 24
185.181.54.0/24 maxlen: 24
185.181.55.0/24 maxlen: 24
192.161.6.0/24 maxlen: 24
192.161.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:46:10:2d:91:86:b1:de:ee:90:80:1d:e8:1d:a2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Apr 12 09:12:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=142b2f5516f8b306559fb8b80db3ceca5d737d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6b:fd:ed:22:28:d5:65:93:05:56:05:93:26:
4f:55:de:ea:46:1d:19:31:92:b6:a2:d9:55:94:f7:
ce:8e:0a:d7:58:6d:ff:c0:1f:c5:61:f5:ea:67:66:
04:f1:cf:e7:dd:14:7a:d2:a9:6f:5e:0c:1a:31:90:
0f:00:e4:a1:62:6b:06:27:1a:93:47:82:dd:d9:cd:
0a:0f:8f:ad:e2:89:4c:dd:37:95:9f:63:c9:72:18:
eb:58:6f:c2:3f:cb:a7:ab:30:44:7d:70:75:2a:d2:
4f:4a:17:1c:38:74:4f:40:02:de:70:78:52:95:ae:
f7:1b:75:18:81:7b:bf:11:95:39:2d:35:b9:e5:66:
8e:e0:f7:02:1a:87:09:24:82:aa:7a:51:85:1f:b3:
70:ef:07:11:1c:b3:d9:4e:12:6a:71:e6:d0:66:ab:
fe:22:a3:0e:19:91:84:73:28:41:59:29:48:d1:98:
7b:ae:21:0c:12:79:d6:91:d3:78:ab:6d:a5:6d:87:
e0:94:a4:18:58:7d:b0:0f:95:d1:c7:42:5b:cc:55:
2d:a8:1f:ac:21:7c:7e:3e:67:7a:af:82:81:87:aa:
eb:e4:82:f6:cf:0b:fa:59:b1:b0:bf:25:99:e4:6e:
f6:46:dd:cd:3a:63:23:99:e1:51:c1:49:3b:67:12:
f4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2B:2F:55:16:F8:B3:06:55:9F:B8:B8:0D:B3:CE:CA:5D:73:7D:73
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/FCsvVRb4swZVn7i4DbPOyl1zfXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
88:62:cb:1c:91:f9:24:f3:5d:7a:5d:d9:42:ae:73:0b:5d:8b:
93:99:49:fc:c7:71:46:7f:17:19:77:c6:d1:45:38:2f:7c:dc:
32:eb:a4:e2:81:6e:aa:d9:64:2f:dc:c6:cb:7d:d6:cb:25:9f:
0e:e1:2f:b8:8c:33:4b:96:ca:52:72:3e:92:77:42:ff:30:dd:
22:a0:7f:1e:ee:ef:e5:f9:5b:d7:24:f3:73:f4:25:7d:97:46:
a8:56:81:95:70:fa:de:ca:75:ef:71:e7:02:0f:67:0d:18:62:
90:e3:91:cf:17:91:eb:26:43:48:56:76:d4:ee:c5:1f:67:4c:
ce:e5:28:f7:6a:a6:74:98:71:79:3c:34:7d:c1:31:89:ae:10:
a3:1a:f1:c4:26:29:ee:75:7b:ec:7d:13:32:f6:1d:d5:b4:1a:
c0:22:96:fa:e8:ea:9e:e9:ab:f5:2e:a9:bc:81:ec:91:cf:15:
0b:cd:d6:15:c1:20:98:27:05:58:8f:f2:c6:82:98:f1:e1:55:
6f:31:75:31:c6:82:70:0b:77:d0:13:6a:38:10:68:f6:8f:21:
cd:e1:ac:91:9d:5c:ad:fe:27:09:a9:c8:01:81:f7:32:00:67:
cf:f6:7a:86:26:35:b7:42:20:95:9f:75:0d:5c:77:cc:54:7f:
17:81:e1:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZYpRhAtkYax3u6QgB3oHaLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjUwNDEyMDkxMjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJiMmY1NTE2ZjhiMzA2NTU5ZmI4YjgwZGIzY2VjYTVkNzM3ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Wv97SIo1WWTBVYFkyZPVd7qRh0Z
MZK2otlVlPfOjgrXWG3/wB/FYfXqZ2YE8c/n3RR60qlvXgwaMZAPAOShYmsGJxqT
R4Ld2c0KD4+t4olM3TeVn2PJchjrWG/CP8unqzBEfXB1KtJPShccOHRPQALecHhS
la73G3UYgXu/EZU5LTW55WaO4PcCGocJJIKqelGFH7Nw7wcRHLPZThJqcebQZqv+
IqMOGZGEcyhBWSlI0Zh7riEMEnnWkdN4q22lbYfglKQYWH2wD5XRx0JbzFUtqB+s
IXx+Pmd6r4KBh6rr5IL2zwv6WbGwvyWZ5G72Rt3NOmMjmeFRwUk7ZxL0AQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBQrL1UW+LMGVZ+4uA2zzspdc31zMB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvRkNzdlZSYjRzd1pWbjdpNERiUE95bDF6ZlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQCIYssckfkk8116XdlC
rnMLXYuTmUn8x3FGfxcZd8bRRTgvfNwy66TigW6q2WQv3MbLfdbLJZ8O4S+4jDNL
lspScj6Sd0L/MN0ioH8e7u/l+VvXJPNz9CV9l0aoVoGVcPreynXvcecCD2cNGGKQ
45HPF5HrJkNIVnbU7sUfZ0zO5Sj3aqZ0mHF5PDR9wTGJrhCjGvHEJinudXvsfRMy
9h3VtBrAIpb66Oqe6av1Lqm8geyRzxULzdYVwSCYJwVYj/LGgpjx4VVvMXUxxoJw
C3fQE2o4EGj2jyHN4ayRnVyt/icJqcgBgfcyAGfP9nqGJjW3QiCVn3UNXHfMVH8X
geGS
-----END CERTIFICATE-----
Generated at Tue Apr 15 22:07:39 2025 by rpki-client