Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/fpgWctlYfhtD2b7JhJTvSCLJrDs.roa
File: fpgWctlYfhtD2b7JhJTvSCLJrDs.roa (raw, json)
Hash identifier: UKi88JiqiGZ0MEK9MPejZczXJ9M9BqXZg22tRSLdK14=
Subject key identifier: 7E:98:16:72:D9:58:7E:1B:43:D9:BE:C9:84:94:EF:48:22:C9:AC:3B
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 019666A6EBEBAAE175A5D22C8840B8963DDC
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/fpgWctlYfhtD2b7JhJTvSCLJrDs.roa
Signing time: Thu 24 Apr 2025 07:15:37 +0000
ROA not before: Thu 24 Apr 2025 07:15:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9183
IP address blocks: 139.15.0.0/16 maxlen: 24
185.112.176.0/22 maxlen: 24
192.48.31.0/24 maxlen: 24
193.108.217.0/24 maxlen: 24
193.141.57.0/24 maxlen: 24
194.39.218.0/23 maxlen: 24
2a03:cc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:a6:eb:eb:aa:e1:75:a5:d2:2c:88:40:b8:96:3d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Apr 24 07:15:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e981672d9587e1b43d9bec98494ef4822c9ac3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:0c:f3:b9:46:0c:4f:05:ca:7b:e9:17:94:
ca:95:23:d4:b7:da:6f:73:b2:cc:fb:8e:fe:83:a6:
95:37:55:14:b9:50:f1:6a:59:71:33:c9:ad:59:60:
e2:49:1f:42:ca:10:b9:f2:f3:7d:d5:b2:80:17:c8:
43:78:4d:fd:a3:87:46:61:a8:50:5d:88:50:e3:1a:
cd:7f:fd:17:3c:9a:e9:a9:53:89:2f:67:e5:79:b0:
c4:14:2f:32:d9:81:5f:d7:38:70:4c:79:de:42:10:
ac:61:9f:54:b2:8d:ca:a9:d8:a4:13:b0:f2:b9:85:
0a:28:7f:a7:9f:5d:73:79:15:be:71:fa:ff:f9:c4:
b9:df:d7:0d:56:a7:35:a6:c4:20:d1:17:d1:0f:87:
f9:a7:cb:da:37:df:6b:34:32:8d:17:bf:c6:cb:c9:
17:d7:1b:f7:36:4d:d6:50:04:cd:c1:ed:b9:1f:60:
6e:ab:9f:9d:25:e8:56:bb:df:dd:e9:16:30:7c:ab:
5b:5e:ed:bf:82:fd:3e:1f:11:4e:bc:e7:2f:14:ab:
da:93:62:c9:cb:f3:ee:87:a6:4f:bb:d1:98:b4:b5:
89:7a:15:84:2a:95:ce:d3:4f:71:d6:3b:21:f5:b3:
24:36:b2:b9:64:1a:cc:7e:b9:04:b8:3e:2e:96:61:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:98:16:72:D9:58:7E:1B:43:D9:BE:C9:84:94:EF:48:22:C9:AC:3B
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/fpgWctlYfhtD2b7JhJTvSCLJrDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.15.0.0/16
185.112.176.0/22
192.48.31.0/24
193.108.217.0/24
193.141.57.0/24
194.39.218.0/23
IPv6:
2a03:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
75:6d:4c:98:0a:36:47:f8:19:7c:22:1e:b8:77:5d:c9:a1:8c:
0d:39:1a:e9:06:60:15:44:a3:ce:2a:fc:c1:e2:6b:fd:15:6f:
24:19:02:f4:97:f1:f2:64:0a:25:e2:f9:72:7c:41:cf:f4:b4:
8c:c9:83:5a:e6:99:7f:0a:99:b0:c5:19:0f:b8:08:9e:61:e3:
ee:27:6e:61:88:32:8c:f1:c2:e7:4f:9b:1b:1e:36:0e:34:7d:
9d:bd:65:c7:da:64:93:67:45:67:13:a8:de:12:9d:f4:b0:38:
bf:9c:48:ba:d9:1d:59:ff:be:60:26:2b:b1:6b:ba:b5:4e:bb:
a1:40:14:70:88:ce:aa:09:19:2b:6e:2a:96:d6:1a:ac:e9:6e:
f2:54:1e:53:59:5c:30:f1:1d:c3:12:71:5b:2f:d5:48:fe:0c:
53:3c:14:6d:b8:11:9c:7c:0d:30:66:1f:bd:3f:73:83:53:fa:
b1:d1:38:d3:9b:d7:69:e2:71:a5:2e:3e:48:41:51:00:e2:e6:
6a:4d:37:40:89:bf:6a:dd:18:c0:19:17:c2:4d:1a:7b:da:54:
19:61:ec:54:f2:23:4b:d4:45:b3:0c:4e:89:68:3b:34:08:51:
cf:51:57:ab:44:61:15:8e:26:86:3c:5e:1c:15:32:11:e7:1a:
70:51:31:fb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZZmpuvrquF1pdIsiEC4lj3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjUwNDI0MDcxNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk4MTY3MmQ5NTg3ZTFiNDNkOWJlYzk4NDk0ZWY0ODIyYzlhYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudoM87lGDE8FynvpF5TKlSPUt9pv
c7LM+47+g6aVN1UUuVDxallxM8mtWWDiSR9CyhC58vN91bKAF8hDeE39o4dGYahQ
XYhQ4xrNf/0XPJrpqVOJL2flebDEFC8y2YFf1zhwTHneQhCsYZ9Uso3KqdikE7Dy
uYUKKH+nn11zeRW+cfr/+cS539cNVqc1psQg0RfRD4f5p8vaN99rNDKNF7/Gy8kX
1xv3Nk3WUATNwe25H2Buq5+dJehWu9/d6RYwfKtbXu2/gv0+HxFOvOcvFKvak2LJ
y/Puh6ZPu9GYtLWJehWEKpXO009x1jsh9bMkNrK5ZBrMfrkEuD4ulmFUOwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFH6YFnLZWH4bQ9m+yYSU70giyaw7MB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvZnBnV2N0bFlmaHREMmI3SmhKVHZTQ0xKckRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwMAiw8DBAK5
cLADBADAMB8DBADBbNkDBADBjTkDBAHCJ9owDQQCAAIwBwMFACoDzAAwDQYJKoZI
hvcNAQELBQADggEBAHVtTJgKNkf4GXwiHrh3XcmhjA05GukGYBVEo84q/MHia/0V
byQZAvSX8fJkCiXi+XJ8Qc/0tIzJg1rmmX8KmbDFGQ+4CJ5h4+4nbmGIMozxwudP
mxseNg40fZ29ZcfaZJNnRWcTqN4SnfSwOL+cSLrZHVn/vmAmK7FrurVOu6FAFHCI
zqoJGStuKpbWGqzpbvJUHlNZXDDxHcMScVsv1Uj+DFM8FG24EZx8DTBmH70/c4NT
+rHRONOb12nicaUuPkhBUQDi5mpNN0CJv2rdGMAZF8JNGnvaVBlh7FTyI0vURbMM
ToloOzQIUc9RV6tEYRWOJoY8XhwVMhHnGnBRMfs=
-----END CERTIFICATE-----
Generated at Thu May 8 13:10:46 2025 by rpki-client