Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FofLk3d-9d-JAlFYXdgZTw1Nedg.roa
File: FofLk3d-9d-JAlFYXdgZTw1Nedg.roa (raw, json)
Hash identifier: 2KRfWwvbvbbQwWLhaFWopNfE6YAXhfN7JLjsMwGtiOw=
Subject key identifier: 16:87:CB:93:77:7E:F5:DF:89:02:51:58:5D:D8:19:4F:0D:4D:79:D8
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F9F7FC3A75725EB780CC5A3524BA5
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FofLk3d-9d-JAlFYXdgZTw1Nedg.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 2.57.148.0/24 maxlen: 24
5.133.110.0/24 maxlen: 24
45.88.82.0/24 maxlen: 24
45.88.83.0/24 maxlen: 24
45.91.161.0/24 maxlen: 24
45.132.207.0/24 maxlen: 24
45.136.248.0/24 maxlen: 24
45.138.145.0/24 maxlen: 24
45.143.140.0/24 maxlen: 24
45.147.244.0/24 maxlen: 24
45.147.245.0/24 maxlen: 24
45.147.247.0/24 maxlen: 24
80.242.62.0/24 maxlen: 24
87.247.143.0/24 maxlen: 24
103.145.21.0/24 maxlen: 24
109.94.216.0/24 maxlen: 24
109.94.217.0/24 maxlen: 24
109.94.218.0/24 maxlen: 24
109.94.219.0/24 maxlen: 24
192.144.16.0/24 maxlen: 24
194.59.12.0/24 maxlen: 24
194.156.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9f:7f:c3:a7:57:25:eb:78:0c:c5:a3:52:4b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1687cb93777ef5df890251585dd8194f0d4d79d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:38:68:0d:98:3c:81:cc:b9:3f:b9:32:98:0e:
73:31:80:d0:ad:c6:8b:b6:d8:18:49:1f:7c:ba:fe:
23:5b:1d:cc:67:5d:a4:2f:45:aa:11:a1:4c:a2:64:
06:86:bb:60:b8:7c:85:69:d7:c4:dd:43:35:d2:6b:
99:22:f8:27:7a:96:73:44:05:0d:76:dd:76:73:a4:
bd:bf:c7:1f:8e:48:1f:76:54:f5:9f:e2:b1:8e:f9:
19:a9:d6:ec:1d:29:6b:62:47:4c:a4:70:e4:aa:a9:
21:d9:01:9c:e9:42:57:68:f7:59:a6:52:5a:6f:bc:
0d:07:3c:09:5d:5b:e9:d0:af:54:26:96:e2:90:7a:
90:55:4d:08:7d:e4:aa:1e:eb:8e:a4:59:3f:f6:29:
9e:7f:1e:b5:4c:c3:98:38:6a:6f:a4:e9:bc:1d:d2:
65:a6:12:e7:e2:3a:a7:a9:fe:ab:8a:7d:0a:81:25:
1e:35:d0:1a:d7:53:05:ea:bb:d1:c0:89:86:bb:84:
e7:28:09:32:db:0d:bb:75:cf:70:84:90:9e:ea:35:
bc:93:c5:ef:f1:3b:45:f5:44:64:52:23:3f:94:02:
61:f2:1f:85:d6:73:c9:34:43:6b:7f:f5:e4:73:be:
58:d4:7c:e5:73:62:cd:ae:5b:2c:fd:83:cc:91:ca:
33:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:87:CB:93:77:7E:F5:DF:89:02:51:58:5D:D8:19:4F:0D:4D:79:D8
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FofLk3d-9d-JAlFYXdgZTw1Nedg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.148.0/24
5.133.110.0/24
45.88.82.0/23
45.91.161.0/24
45.132.207.0/24
45.136.248.0/24
45.138.145.0/24
45.143.140.0/24
45.147.244.0/23
45.147.247.0/24
80.242.62.0/24
87.247.143.0/24
103.145.21.0/24
109.94.216.0/22
192.144.16.0/24
194.59.12.0/24
194.156.1.0/24
Signature Algorithm: sha256WithRSAEncryption
64:4b:d5:88:f5:6d:50:dc:ea:c0:65:1e:84:d5:53:9c:e6:0d:
67:aa:77:53:6a:90:14:16:c3:2a:e9:9e:87:6f:01:8f:76:27:
aa:91:11:62:c7:9d:2b:f6:8d:a8:9c:34:84:67:ae:64:7d:6f:
6c:98:e2:da:6f:42:07:1d:d9:d0:e5:3e:47:93:e6:53:e2:b5:
65:6f:06:a0:ac:66:73:6b:cb:57:69:5a:51:57:25:24:2c:69:
23:b5:1f:ff:68:8e:0a:e2:54:8c:71:65:9b:bf:71:a9:13:ea:
8d:87:45:6a:d3:83:41:74:51:d7:39:e3:4b:f0:e0:38:59:4c:
23:48:89:15:0d:ab:d4:29:c7:ab:3a:fb:59:eb:b3:b7:ad:51:
19:00:aa:cb:40:f9:ff:ea:7b:35:21:3a:d4:97:75:fd:91:01:
b4:88:a8:4f:d7:d9:c6:8b:6b:f5:4c:d9:b7:41:eb:58:b4:16:
89:0e:6b:d7:b8:8f:71:e9:66:1a:e1:75:6c:1e:5c:9c:97:15:
ca:aa:61:64:58:fb:ec:19:5b:98:73:0e:c0:89:ed:3f:74:98:
90:5f:67:00:f5:9d:12:c2:1d:8c:18:0e:24:83:92:5a:2f:5f:
a6:fa:61:7e:98:d2:1a:47:2d:1e:01:66:37:cf:3e:d1:ad:38:
66:87:c2:8a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQlj59/w6dXJet4DMWjUkulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg3Y2I5Mzc3N2VmNWRmODkwMjUxNTg1ZGQ4MTk0ZjBkNGQ3OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmThoDZg8gcy5P7kymA5zMYDQrcaL
ttgYSR98uv4jWx3MZ12kL0WqEaFMomQGhrtguHyFadfE3UM10muZIvgnepZzRAUN
dt12c6S9v8cfjkgfdlT1n+KxjvkZqdbsHSlrYkdMpHDkqqkh2QGc6UJXaPdZplJa
b7wNBzwJXVvp0K9UJpbikHqQVU0IfeSqHuuOpFk/9imefx61TMOYOGpvpOm8HdJl
phLn4jqnqf6rin0KgSUeNdAa11MF6rvRwImGu4TnKAky2w27dc9whJCe6jW8k8Xv
8TtF9URkUiM/lAJh8h+F1nPJNENrf/Xkc75Y1Hzlc2LNrlss/YPMkcozUwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFBaHy5N3fvXfiQJRWF3YGU8NTXnYMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvRm9mTGszZC05ZC1KQWxGWVhkZ1pUdzFOZWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAAjmUAwQA
BYVuAwQBLVhSAwQALVuhAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQA
LZP3AwQAUPI+AwQAV/ePAwQAZ5EVAwQCbV7YAwQAwJAQAwQAwjsMAwQAwpwBMA0G
CSqGSIb3DQEBCwUAA4IBAQBkS9WI9W1Q3OrAZR6E1VOc5g1nqndTapAUFsMq6Z6H
bwGPdieqkRFix50r9o2onDSEZ65kfW9smOLab0IHHdnQ5T5Hk+ZT4rVlbwagrGZz
a8tXaVpRVyUkLGkjtR//aI4K4lSMcWWbv3GpE+qNh0Vq04NBdFHXOeNL8OA4WUwj
SIkVDavUKcerOvtZ67O3rVEZAKrLQPn/6ns1ITrUl3X9kQG0iKhP19nGi2v1TNm3
QetYtBaJDmvXuI9x6WYa4XVsHlyclxXKqmFkWPvsGVuYcw7Aie0/dJiQX2cA9Z0S
wh2MGA4kg5JaL1+m+mF+mNIaRy0eAWY3zz7RrThmh8KK
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:34:22 2025 by rpki-client