Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/FoWNQ1gpwJC_vJTYQPjNq4EOPsk.roa
File: FoWNQ1gpwJC_vJTYQPjNq4EOPsk.roa (raw, json)
Hash identifier: y3YmRhUlwwI5SoZwTRIclzEsG8VBx6W5icxmsvJXHic=
Subject key identifier: 16:85:8D:43:58:29:C0:90:BF:BC:94:D8:40:F8:CD:AB:81:0E:3E:C9
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 019427481C278B2B165FD8D293E41D0E6F98
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/FoWNQ1gpwJC_vJTYQPjNq4EOPsk.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8903
IP address blocks: 185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.mft
rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 13:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1c:27:8b:2b:16:5f:d8:d2:93:e4:1d:0e:6f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16858d435829c090bfbc94d840f8cdab810e3ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2c:7e:f8:fe:de:2d:9e:28:a9:8f:12:60:ba:
10:60:a3:45:0f:6c:18:93:e7:72:d8:09:16:33:79:
1c:dc:f0:9c:c8:78:bf:4c:90:35:65:ad:1e:08:ba:
3e:af:89:48:c0:7d:64:90:ae:a2:fa:ec:de:4e:c0:
d5:dc:8a:6f:f0:42:f7:dd:79:f8:4c:28:56:ce:fc:
9e:2d:41:33:1c:33:0d:17:d9:10:bf:cd:e6:f6:3a:
fb:5b:16:c8:db:47:36:50:1c:fa:ab:f9:f8:22:ad:
9a:83:63:bc:39:4e:10:be:19:d6:30:09:56:9b:51:
6a:23:2a:42:45:1e:0f:0d:0d:1a:ec:f7:45:41:e5:
74:d6:31:39:b9:a1:47:84:bc:01:29:99:e2:9b:28:
16:a4:6a:4b:a6:d1:f1:25:9e:fb:e1:f9:32:cd:b0:
85:f3:c3:e0:b6:2b:7b:69:34:ca:d1:69:bf:cb:a4:
25:35:3b:6e:e4:9e:2f:63:db:7d:68:c8:a1:dc:4a:
3e:f3:df:67:2b:ac:0f:89:c9:ad:6a:d9:f4:c9:d6:
71:38:cd:d0:1d:86:cf:96:6b:f8:14:a3:d8:fd:9e:
18:ed:cf:3b:1b:b7:49:3f:cc:65:5f:bc:2f:3a:21:
ff:13:70:78:e2:a2:3a:3f:37:2e:f4:b8:4e:3c:b3:
a3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:85:8D:43:58:29:C0:90:BF:BC:94:D8:40:F8:CD:AB:81:0E:3E:C9
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/FoWNQ1gpwJC_vJTYQPjNq4EOPsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:33:51:e1:91:ee:2c:7e:01:57:4f:b2:b1:35:8f:68:60:2b:
67:55:ac:40:33:f8:12:f9:f1:8f:a8:e4:e5:f8:7e:94:9d:07:
83:88:3d:f9:ff:69:85:d6:82:df:94:1f:e8:6a:7b:87:9f:99:
a3:c2:0a:06:20:25:b0:f3:d6:d4:51:7d:f6:71:79:64:82:fd:
8e:32:bd:ac:8d:b4:10:d3:f0:6d:9c:4e:5c:93:0b:d1:90:70:
8d:b2:37:76:f0:f5:39:93:3c:2a:78:7d:c5:f0:62:cb:9b:6b:
38:04:97:02:af:a3:14:21:7b:69:91:32:60:68:5a:a1:d8:a1:
ba:16:38:9d:e9:d7:d1:50:c8:9a:f9:2d:92:44:72:89:bc:4b:
6d:21:c0:e0:fa:cf:9f:e0:d0:37:55:6b:44:e5:26:a0:12:3c:
31:28:ff:0f:a6:a9:39:d1:60:06:38:9f:0a:80:a6:df:3e:3c:
29:a7:8b:8a:24:8c:ce:bd:27:2a:a2:3b:9b:28:cf:a8:6b:ca:
b7:b2:1b:8c:15:08:58:29:83:a5:32:79:db:ec:da:93:bc:44:
d7:99:3d:83:33:18:c4:b4:30:38:1c:e1:dc:4c:c0:eb:f5:7a:
e0:db:ad:4f:06:5e:67:ec:aa:db:13:fc:c6:5a:da:81:91:4f:
e8:c9:d5:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSBwniysWX9jSk+QdDm+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg1OGQ0MzU4MjljMDkwYmZiYzk0ZDg0MGY4Y2RhYjgxMGUzZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyx++P7eLZ4oqY8SYLoQYKNFD2wY
k+dy2AkWM3kc3PCcyHi/TJA1Za0eCLo+r4lIwH1kkK6i+uzeTsDV3Ipv8EL33Xn4
TChWzvyeLUEzHDMNF9kQv83m9jr7WxbI20c2UBz6q/n4Iq2ag2O8OU4QvhnWMAlW
m1FqIypCRR4PDQ0a7PdFQeV01jE5uaFHhLwBKZnimygWpGpLptHxJZ774fkyzbCF
88Pgtit7aTTK0Wm/y6QlNTtu5J4vY9t9aMih3Eo+899nK6wPicmtatn0ydZxOM3Q
HYbPlmv4FKPY/Z4Y7c87G7dJP8xlX7wvOiH/E3B44qI6Pzcu9LhOPLOjOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBaFjUNYKcCQv7yU2ED4zauBDj7JMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvRm9XTlExZ3B3SkNfdkpUWVFQak5xNEVPUHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQA9M1Hhke4sfgFXT7Kx
NY9oYCtnVaxAM/gS+fGPqOTl+H6UnQeDiD35/2mF1oLflB/oanuHn5mjwgoGICWw
89bUUX32cXlkgv2OMr2sjbQQ0/BtnE5ckwvRkHCNsjd28PU5kzwqeH3F8GLLm2s4
BJcCr6MUIXtpkTJgaFqh2KG6Fjid6dfRUMia+S2SRHKJvEttIcDg+s+f4NA3VWtE
5SagEjwxKP8Ppqk50WAGOJ8KgKbfPjwpp4uKJIzOvScqojubKM+oa8q3shuMFQhY
KYOlMnnb7NqTvETXmT2DMxjEtDA4HOHcTMDr9Xrg261PBl5n7KrbE/zGWtqBkU/o
ydUY
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:38:22 2025 by rpki-client