Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fmMfImXYjm4-wqhQJIyD5VzgLJM.roa
File: fmMfImXYjm4-wqhQJIyD5VzgLJM.roa (raw, json)
Hash identifier: cxs1je2+z1HNOitSGcomeQ0lLzlVbT/Lrmqu5iGoGtg=
Subject key identifier: 7E:63:1F:22:65:D8:8E:6E:3E:C2:A8:50:24:8C:83:E5:5C:E0:2C:93
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01977D21D4FB422F193110B7F05C2756F935
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fmMfImXYjm4-wqhQJIyD5VzgLJM.roa
Signing time: Tue 17 Jun 2025 09:04:18 +0000
ROA not before: Tue 17 Jun 2025 09:04:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60777
IP address blocks: 93.170.0.0/24 maxlen: 24
93.170.25.0/24 maxlen: 24
95.46.108.0/24 maxlen: 24
95.47.136.0/24 maxlen: 24
2a02:128:4200::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:21:d4:fb:42:2f:19:31:10:b7:f0:5c:27:56:f9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jun 17 09:04:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e631f2265d88e6e3ec2a850248c83e55ce02c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:51:e9:34:2e:24:26:5f:3d:7c:f3:3d:41:fa:
c4:8b:7c:4e:9e:ef:b2:bb:0e:cd:18:b3:29:04:7a:
7d:30:a6:5a:1b:4c:e8:67:7b:68:53:3e:6b:19:40:
f8:f0:ec:d0:27:91:d9:b6:ec:b5:07:11:b4:43:26:
f6:21:f8:4c:78:e5:77:21:a0:d2:f3:11:ce:3e:89:
83:56:bf:d3:67:f7:bc:cd:58:9d:68:67:87:63:48:
12:3e:e1:60:2e:03:5f:cc:44:9c:43:85:2a:5f:07:
cc:8e:90:49:79:37:1f:c2:46:06:e2:e5:fb:a4:91:
e7:32:07:4e:a6:b1:0d:af:bd:bc:52:a9:9a:6a:b3:
59:4f:71:7f:62:fe:1d:a2:57:c3:e8:84:93:9f:e6:
96:3e:c2:cf:83:a2:1e:05:21:c1:f4:ac:68:b0:79:
23:84:a0:60:ad:9e:1b:17:43:d2:e7:af:e1:d9:38:
cc:dc:e1:d4:18:d8:fb:58:4d:a5:7c:9d:de:56:be:
09:88:fb:a9:90:01:b8:af:67:b5:29:7f:d9:a0:0c:
fe:8b:1a:6a:17:0f:51:ba:88:b6:45:0e:5a:24:37:
55:ec:21:5c:8c:89:f4:51:19:17:a0:04:1d:7d:28:
76:83:2c:59:16:2b:a7:62:e1:ec:94:00:2e:4d:66:
d5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:63:1F:22:65:D8:8E:6E:3E:C2:A8:50:24:8C:83:E5:5C:E0:2C:93
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fmMfImXYjm4-wqhQJIyD5VzgLJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.0.0/24
93.170.25.0/24
95.46.108.0/24
95.47.136.0/24
IPv6:
2a02:128:4200::/44
Signature Algorithm: sha256WithRSAEncryption
78:00:5d:c1:74:d7:99:b2:b9:04:34:f9:c6:a4:55:bd:d5:99:
33:89:9c:15:e2:11:be:d9:ed:19:23:af:ff:23:fc:03:4c:8c:
4d:7e:f5:c7:f6:e6:05:87:0d:a0:0e:1b:24:c5:b3:52:1a:ae:
3a:5d:db:f7:1b:2a:79:fd:87:2c:5e:6a:f5:74:90:98:26:ef:
84:e8:aa:bf:75:6c:c7:61:f9:15:f9:a7:a0:cd:3f:4f:f2:2c:
6a:22:a9:da:a5:2a:4b:99:d2:f2:49:25:26:a9:56:5f:29:67:
d1:c3:e8:b5:62:47:a1:04:6a:a0:18:3a:b3:d1:fb:6e:22:a7:
3d:99:81:f1:64:d7:7d:5e:13:2e:0a:e6:74:e8:e9:2b:5a:69:
29:df:a0:2d:dc:86:f7:2e:d5:df:49:06:ef:e2:3b:4d:14:4c:
70:03:c4:d4:b9:e1:93:5c:ed:22:bf:ce:13:a0:b5:87:c2:c8:
1e:44:a5:90:29:86:1e:15:da:30:f1:e5:a9:75:81:dc:26:5b:
ee:37:21:5c:aa:5b:50:7c:dc:35:e0:fe:df:47:43:b1:ef:ab:
46:54:63:44:05:a3:ea:f4:a6:97:c2:93:6f:a7:a7:f0:0c:d6:
bc:c8:ec:b5:34:1a:9c:6b:45:e9:51:9c:c5:66:77:ee:d9:da:
a6:02:f2:53
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZd9IdT7Qi8ZMRC38FwnVvk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNjE3MDkwNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYzMWYyMjY1ZDg4ZTZlM2VjMmE4NTAyNDhjODNlNTVjZTAyYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VHpNC4kJl89fPM9QfrEi3xOnu+y
uw7NGLMpBHp9MKZaG0zoZ3toUz5rGUD48OzQJ5HZtuy1BxG0Qyb2IfhMeOV3IaDS
8xHOPomDVr/TZ/e8zVidaGeHY0gSPuFgLgNfzEScQ4UqXwfMjpBJeTcfwkYG4uX7
pJHnMgdOprENr728UqmaarNZT3F/Yv4dolfD6ISTn+aWPsLPg6IeBSHB9KxosHkj
hKBgrZ4bF0PS56/h2TjM3OHUGNj7WE2lfJ3eVr4JiPupkAG4r2e1KX/ZoAz+ixpq
Fw9Ruoi2RQ5aJDdV7CFcjIn0URkXoAQdfSh2gyxZFiunYuHslAAuTWbVpwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH5jHyJl2I5uPsKoUCSMg+Vc4CyTMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZm1NZkltWFlqbTQtd3FoUUpJeUQ1VnpnTEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAXaoAAwQA
XaoZAwQAXy5sAwQAXy+IMA8EAgACMAkDBwQqAgEoQgAwDQYJKoZIhvcNAQELBQAD
ggEBAHgAXcF015myuQQ0+cakVb3VmTOJnBXiEb7Z7Rkjr/8j/ANMjE1+9cf25gWH
DaAOGyTFs1Iarjpd2/cbKnn9hyxeavV0kJgm74Toqr91bMdh+RX5p6DNP0/yLGoi
qdqlKkuZ0vJJJSapVl8pZ9HD6LViR6EEaqAYOrPR+24ipz2ZgfFk131eEy4K5nTo
6StaaSnfoC3chvcu1d9JBu/iO00UTHADxNS54ZNc7SK/zhOgtYfCyB5EpZAphh4V
2jDx5al1gdwmW+43IVyqW1B83DXg/t9HQ7Hvq0ZUY0QFo+r0ppfCk2+np/AM1rzI
7LU0GpxrRelRnMVmd+7Z2qYC8lM=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:38:15 2025 by rpki-client