Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rF48GSjCA8nAgS7e7P_0TwDWMHI.roa
File: rF48GSjCA8nAgS7e7P_0TwDWMHI.roa (raw, json)
Hash identifier: mzK0vZsIrvw7/YH7xF2HGiJG11ODO49sPGy1ll1t6eQ=
Subject key identifier: AC:5E:3C:19:28:C2:03:C9:C0:81:2E:DE:EC:FF:F4:4F:00:D6:30:72
Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Certificate serial: 0195B6273EBAF53066E92F91401E53DCC86B
Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rF48GSjCA8nAgS7e7P_0TwDWMHI.roa
Signing time: Fri 21 Mar 2025 00:43:00 +0000
ROA not before: Fri 21 Mar 2025 00:43:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393439
IP address blocks: 81.85.160.0/22 maxlen: 22
81.85.164.0/24 maxlen: 24
81.85.165.0/24 maxlen: 24
81.85.166.0/24 maxlen: 24
81.85.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b6:27:3e:ba:f5:30:66:e9:2f:91:40:1e:53:dc:c8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Validity
Not Before: Mar 21 00:43:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac5e3c1928c203c9c0812edeecfff44f00d63072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:6e:e7:12:e5:f2:61:06:d1:b8:5c:af:19:
c8:58:4d:e4:bc:a7:68:19:64:1a:99:ec:7a:f2:06:
7c:53:f5:83:cb:d2:f7:60:84:9b:ef:59:6f:6e:e0:
2c:79:d7:e0:07:73:ab:7a:cd:dc:47:6d:5c:aa:4c:
cb:bb:3a:c4:c2:b0:cc:0d:1c:82:13:fc:a5:9a:36:
42:92:87:eb:cc:77:aa:29:4a:a5:69:98:d7:c8:1c:
70:04:45:52:a8:b0:cf:1d:2a:33:ab:87:41:6b:3d:
d4:6a:3a:d4:0b:8c:32:82:65:16:4e:ad:7c:5f:ad:
0b:32:60:21:34:a4:57:bf:83:25:13:25:48:d0:ef:
b8:ea:d8:db:5a:fa:7c:28:65:32:90:51:f3:f2:98:
a3:21:f3:42:8b:9a:16:c4:e0:26:f7:4e:37:8e:7a:
61:fe:de:1e:95:5d:a7:cd:c5:c1:10:e0:e0:08:45:
9f:43:ed:30:91:18:e5:e2:37:80:31:3d:f8:00:c8:
fe:e2:ef:ef:17:a1:8b:b1:87:b0:5a:6f:44:69:b3:
25:34:b0:f4:a4:e2:fc:c6:28:ca:01:d3:cb:d8:66:
98:cf:ca:1f:ee:4a:31:14:00:df:0a:90:c7:76:3b:
50:55:54:57:d1:e9:cc:56:81:73:6e:b7:33:84:4a:
e6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5E:3C:19:28:C2:03:C9:C0:81:2E:DE:EC:FF:F4:4F:00:D6:30:72
X509v3 Authority Key Identifier:
keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/rF48GSjCA8nAgS7e7P_0TwDWMHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.160.0-81.85.166.255
81.85.168.0/21
Signature Algorithm: sha256WithRSAEncryption
75:c4:c3:ea:c1:42:f6:af:ac:98:a2:02:83:e8:45:04:8b:17:
b3:85:02:fb:ed:db:d3:e9:49:44:4c:14:c0:cd:46:36:e1:20:
dd:99:9c:69:78:cc:ae:74:40:82:e9:90:b2:81:87:46:7b:54:
c2:68:47:ae:ea:fa:71:bb:26:64:51:82:ef:36:b4:8c:7f:71:
0b:29:dc:8e:f9:ed:2f:37:70:29:6b:71:c1:f6:cf:88:31:ed:
48:3e:6e:bd:df:c8:18:96:3e:55:04:98:66:b0:72:ba:6d:c4:
66:a5:25:b8:33:c0:bb:a1:30:be:05:f2:83:3b:2b:55:a8:5d:
63:ea:61:4a:ca:12:49:c4:3c:a1:de:90:6d:ef:83:70:99:e4:
24:e9:e4:13:ac:07:0c:5d:65:d1:54:83:10:e9:9b:1e:d3:d2:
6e:9f:49:46:3c:44:8d:45:89:9e:26:8b:b0:35:18:9f:57:d5:
f7:76:14:25:d3:56:13:6e:49:cd:45:08:79:b3:89:26:f6:cb:
ed:be:b4:2b:36:25:75:90:3f:34:55:b3:0b:16:44:96:f3:49:
cb:6e:46:d6:36:77:e9:5f:34:c9:52:1a:60:c7:a5:11:3a:86:
80:01:55:5d:81:d6:54:1f:09:96:97:9c:24:91:ac:00:9a:4f:
80:b8:38:d4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZW2Jz669TBm6S+RQB5T3MhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi
N2QxMjMwHhcNMjUwMzIxMDA0MzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzVlM2MxOTI4YzIwM2M5YzA4MTJlZGVlY2ZmZjQ0ZjAwZDYzMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTBu5xLl8mEG0bhcrxnIWE3kvKdo
GWQamex68gZ8U/WDy9L3YISb71lvbuAsedfgB3Ores3cR21cqkzLuzrEwrDMDRyC
E/ylmjZCkofrzHeqKUqlaZjXyBxwBEVSqLDPHSozq4dBaz3UajrUC4wygmUWTq18
X60LMmAhNKRXv4MlEyVI0O+46tjbWvp8KGUykFHz8pijIfNCi5oWxOAm9043jnph
/t4elV2nzcXBEODgCEWfQ+0wkRjl4jeAMT34AMj+4u/vF6GLsYewWm9EabMlNLD0
pOL8xijKAdPL2GaYz8of7koxFADfCpDHdjtQVVRX0enMVoFzbrczhErmSQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKxePBkowgPJwIEu3uz/9E8A1jByMB8GA1UdIwQY
MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct
Yjg0YzQxM2RmYWE0LzEvckY0OEdTakNBOG5BZ1M3ZTdQXzBUd0RXTUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0
LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVRVaAD
BABRVaYDBANRVagwDQYJKoZIhvcNAQELBQADggEBAHXEw+rBQvavrJiiAoPoRQSL
F7OFAvvt29PpSURMFMDNRjbhIN2ZnGl4zK50QILpkLKBh0Z7VMJoR67q+nG7JmRR
gu82tIx/cQsp3I757S83cClrccH2z4gx7Ug+br3fyBiWPlUEmGawcrptxGalJbgz
wLuhML4F8oM7K1WoXWPqYUrKEknEPKHekG3vg3CZ5CTp5BOsBwxdZdFUgxDpmx7T
0m6fSUY8RI1FiZ4mi7A1GJ9X1fd2FCXTVhNuSc1FCHmziSb2y+2+tCs2JXWQPzRV
swsWRJbzSctuRtY2d+lfNMlSGmDHpRE6hoABVV2B1lQfCZaXnCSRrACaT4C4ONQ=
-----END CERTIFICATE-----
Generated at Tue Apr 15 15:04:03 2025 by rpki-client