Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/fvmPK9oBYawf3WrvWH2W-IrLack.roa
File: fvmPK9oBYawf3WrvWH2W-IrLack.roa (raw, json)
Hash identifier: jbyIzGoc+3nZMPPaYxP5PgX+7SvKTCObiN1ijSSrLNI=
Subject key identifier: 7E:F9:8F:2B:DA:01:61:AC:1F:DD:6A:EF:58:7D:96:F8:8A:CB:69:C9
Certificate issuer: /CN=810af00225106b2096e9b21d9ac2f2040688dea2
Certificate serial: 019422FC2A5B8E887D90F7D1E2294A32C72D
Authority key identifier: 81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/fvmPK9oBYawf3WrvWH2W-IrLack.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198890
IP address blocks: 80.79.13.0/24 maxlen: 24
87.120.100.0/22 maxlen: 22
93.187.110.0/24 maxlen: 24
185.161.184.0/23 maxlen: 23
2a13:1540::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2a:5b:8e:88:7d:90:f7:d1:e2:29:4a:32:c7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810af00225106b2096e9b21d9ac2f2040688dea2
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ef98f2bda0161ac1fdd6aef587d96f88acb69c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:e8:c2:8f:29:27:8d:fc:f9:72:33:b2:f0:
a3:2b:57:cb:45:04:a4:cc:a4:4a:1c:b6:83:56:90:
c7:b2:4f:3f:cf:06:04:9a:60:48:3b:95:fd:9f:bb:
07:5a:ec:5b:27:74:0d:d6:e8:b5:7d:38:02:bd:8a:
3b:41:e1:58:46:15:f9:7b:7e:b1:4e:9d:e9:e6:49:
dc:8c:ff:8b:77:56:5b:33:64:a4:4a:cf:cd:91:ca:
dd:30:6a:9d:2f:6e:e7:e2:91:fa:f5:a7:d3:96:53:
ec:11:b2:de:df:ec:7c:07:f1:99:e9:6c:2b:74:65:
e6:eb:96:2f:fe:cd:eb:5d:c0:f3:16:0d:20:07:8f:
d2:b2:6a:05:a7:5c:e0:01:3c:7a:17:ab:b0:e9:b3:
fd:17:b5:db:64:57:98:ab:5f:66:16:95:e3:0d:4f:
1a:33:28:35:35:fd:b9:c6:73:a1:0b:d8:7b:33:15:
a1:1d:e4:2a:10:ef:5d:9c:8b:43:ab:fc:9e:9d:39:
22:15:39:aa:14:c7:6f:59:e4:7b:ba:ea:38:bd:de:
66:61:b3:00:12:ff:79:4f:2d:ea:7a:29:74:e4:af:
59:bf:22:96:dd:4f:99:b0:93:a4:7f:a8:14:01:a5:
9f:8f:4f:1e:4f:9a:80:d1:8c:28:88:4d:f0:41:da:
16:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F9:8F:2B:DA:01:61:AC:1F:DD:6A:EF:58:7D:96:F8:8A:CB:69:C9
X509v3 Authority Key Identifier:
keyid:81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/fvmPK9oBYawf3WrvWH2W-IrLack.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.13.0/24
87.120.100.0/22
93.187.110.0/24
185.161.184.0/23
IPv6:
2a13:1540::/48
Signature Algorithm: sha256WithRSAEncryption
1d:53:e1:97:e2:da:b4:62:d9:c9:90:83:6d:29:17:57:a1:81:
26:f2:6b:a3:f7:16:04:07:16:f0:65:e0:37:24:15:58:e0:5b:
94:d9:99:f0:09:c0:86:d1:55:0a:3b:0e:f4:67:97:bf:a2:b2:
c8:8a:de:ce:52:32:4e:0b:4c:2f:1f:bc:16:9e:9e:a7:b7:f7:
22:a6:aa:d7:7a:74:f6:66:7b:a6:85:b8:1e:7b:7b:a9:a6:ae:
e6:2d:4e:01:4b:6b:b0:5f:88:8a:7a:ab:7f:0f:ca:4e:06:69:
28:a2:76:7d:84:8a:9c:79:61:c6:67:4d:53:08:2b:63:aa:15:
7b:e8:19:9c:06:a2:0e:f9:2a:c1:17:1a:51:94:30:0a:ba:c9:
98:ea:80:4c:65:01:3a:f9:24:f0:ff:f0:99:06:50:dc:47:cf:
d2:8a:59:76:b6:d7:88:a9:e1:b1:cf:8c:dc:8f:20:48:7b:73:
7d:d5:a7:27:4a:87:e8:a3:b7:84:58:27:c8:26:b5:87:09:40:
50:4b:64:cb:04:25:a6:4b:08:bd:80:db:e8:b1:48:57:3c:95:
f5:9c:84:77:4e:76:18:c7:a5:7a:ce:e8:4e:a8:8f:92:ae:d0:
3a:19:18:32:4a:31:21:b9:cd:37:14:04:ff:8c:df:74:63:cc:
a0:9e:36:2c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQi/Cpbjoh9kPfR4ilKMsctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMGFmMDAyMjUxMDZiMjA5NmU5YjIxZDlhYzJmMjA0MDY4
OGRlYTIwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY5OGYyYmRhMDE2MWFjMWZkZDZhZWY1ODdkOTZmODhhY2I2OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lzowo8pJ438+XIzsvCjK1fLRQSk
zKRKHLaDVpDHsk8/zwYEmmBIO5X9n7sHWuxbJ3QN1ui1fTgCvYo7QeFYRhX5e36x
Tp3p5kncjP+Ld1ZbM2SkSs/NkcrdMGqdL27n4pH69afTllPsEbLe3+x8B/GZ6Wwr
dGXm65Yv/s3rXcDzFg0gB4/SsmoFp1zgATx6F6uw6bP9F7XbZFeYq19mFpXjDU8a
Myg1Nf25xnOhC9h7MxWhHeQqEO9dnItDq/yenTkiFTmqFMdvWeR7uuo4vd5mYbMA
Ev95Ty3qeil05K9ZvyKW3U+ZsJOkf6gUAaWfj08eT5qA0YwoiE3wQdoWDQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH75jyvaAWGsH91q71h9lviKy2nJMB8GA1UdIwQY
MBaAFIEK8AIlEGsglumyHZrC8gQGiN6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMt
M2NhNDg4ZGVlZTg5LzEvZnZtUEs5b0JZYXdmM1dydldIMlctSXJMYWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMtM2NhNDg4ZGVlZTg5
LzEvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAUE8NAwQC
V3hkAwQAXbtuAwQBuaG4MA8EAgACMAkDBwAqExVAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAB1T4Zfi2rRi2cmQg20pF1ehgSbya6P3FgQHFvBl4DckFVjgW5TZmfAJwIbR
VQo7DvRnl7+issiK3s5SMk4LTC8fvBaenqe39yKmqtd6dPZme6aFuB57e6mmruYt
TgFLa7BfiIp6q38Pyk4GaSiidn2Eipx5YcZnTVMIK2OqFXvoGZwGog75KsEXGlGU
MAq6yZjqgExlATr5JPD/8JkGUNxHz9KKWXa214ip4bHPjNyPIEh7c33VpydKh+ij
t4RYJ8gmtYcJQFBLZMsEJaZLCL2A2+ixSFc8lfWchHdOdhjHpXrO6E6oj5Ku0DoZ
GDJKMSG5zTcUBP+M33RjzKCeNiw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:38:07 2025 by rpki-client