Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fvmqVqjA8PJjMnGUvWMbVtSCka8.roa
File: fvmqVqjA8PJjMnGUvWMbVtSCka8.roa (raw, json)
Hash identifier: mlucdc6wI+gEJI0AY8SIDb1uohCW+qCtXBcA8Htg7PU=
Subject key identifier: 7E:F9:AA:56:A8:C0:F0:F2:63:32:71:94:BD:63:1B:56:D4:82:91:AF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196CA21BD6D650CB52404DCBABCB4C931A0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fvmqVqjA8PJjMnGUvWMbVtSCka8.roa
Signing time: Tue 13 May 2025 14:52:10 +0000
ROA not before: Tue 13 May 2025 14:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 89.213.206.0/23 maxlen: 24
109.176.203.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 17 May 2025 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ca:21:bd:6d:65:0c:b5:24:04:dc:ba:bc:b4:c9:31:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 13 14:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ef9aa56a8c0f0f263327194bd631b56d48291af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:03:3c:87:63:7f:41:08:6e:32:1d:4e:5b:
55:91:23:f6:60:ca:c0:ca:28:0e:4d:08:d4:18:aa:
0a:24:81:9f:85:0b:51:3b:51:33:df:0e:b7:a5:87:
04:23:54:d9:02:3e:e9:80:6b:b8:7f:0a:70:58:4a:
5c:98:22:f3:a2:f6:36:63:ba:a3:48:45:b2:e8:2e:
e6:f7:c5:63:d3:bd:03:e3:14:c3:76:ab:5f:fc:57:
08:7c:06:cc:97:1c:f8:ef:a6:95:ae:8c:a0:d1:b5:
05:c7:2c:5b:71:ee:df:23:2d:47:07:d8:87:d9:35:
07:22:cf:0d:2a:a3:e6:69:4e:db:26:67:d6:9f:52:
a3:c0:91:c5:c0:ef:5e:8b:76:0f:40:91:49:e7:56:
73:72:22:16:ef:dc:cd:c6:6b:00:af:0e:04:2f:c3:
3e:53:93:94:1b:7a:11:ba:ce:50:58:6b:64:59:f6:
2a:28:44:69:06:27:66:5a:1a:45:a0:23:a6:6b:a1:
cd:2d:7a:c0:db:ff:41:b7:ad:53:2a:8a:cf:2f:c5:
7e:ff:90:f9:b7:c3:35:a8:b5:fa:1b:ee:30:a6:a3:
88:14:b3:b3:82:75:2e:a4:33:f6:8e:18:a5:82:06:
f1:fe:83:5b:3b:2d:e8:a3:02:71:c2:96:6f:fc:35:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F9:AA:56:A8:C0:F0:F2:63:32:71:94:BD:63:1B:56:D4:82:91:AF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fvmqVqjA8PJjMnGUvWMbVtSCka8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.206.0/23
109.176.203.0/24
213.218.215.0/24
213.218.247.0/24
Signature Algorithm: sha256WithRSAEncryption
58:4c:2c:e5:39:ec:38:ba:72:b1:87:20:07:94:03:53:62:73:
14:f7:cb:b3:a1:34:59:3c:42:0b:c3:c0:6b:b0:a6:c4:1d:85:
9e:73:e7:4d:f2:4f:d4:cb:9e:23:6b:3f:c2:6a:6a:b1:ca:cb:
df:38:26:d7:a0:97:3d:78:20:f8:e2:e4:29:ce:8d:db:66:17:
14:3b:33:5c:83:a9:74:99:82:5e:4a:cc:da:22:68:3b:88:1f:
91:d9:ff:40:76:56:b5:c2:69:df:bc:02:59:de:50:a4:62:25:
2d:ac:2d:0f:a8:d0:c9:d5:3a:46:94:79:b0:c8:be:e4:8c:43:
e9:e1:e6:3c:6d:b4:1d:51:23:d2:d0:a4:f3:ba:a0:6f:43:e0:
c2:2a:75:5f:51:7a:9b:61:99:16:55:52:88:94:09:1d:ee:fe:
d4:9c:b6:ae:e5:4b:22:97:15:38:fa:f0:10:b4:9f:c6:74:11:
67:71:db:f3:f7:fb:48:de:32:2b:f6:37:68:6e:14:2c:cf:cd:
21:c8:ca:a4:48:da:8a:87:9c:05:c7:ae:7c:af:42:b3:05:c5:
39:da:5e:47:b5:25:1b:45:0c:66:c1:fc:63:3e:60:d4:dc:c8:
d1:ea:5f:ef:fb:5e:36:08:69:04:28:c8:0a:b5:f4:42:92:0e:
c4:e2:a8:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbKIb1tZQy1JATcury0yTGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTEzMTQ1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY5YWE1NmE4YzBmMGYyNjMzMjcxOTRiZDYzMWI1NmQ0ODI5MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPMDPIdjf0EIbjIdTltVkSP2YMrA
yigOTQjUGKoKJIGfhQtRO1Ez3w63pYcEI1TZAj7pgGu4fwpwWEpcmCLzovY2Y7qj
SEWy6C7m98Vj070D4xTDdqtf/FcIfAbMlxz476aVroyg0bUFxyxbce7fIy1HB9iH
2TUHIs8NKqPmaU7bJmfWn1KjwJHFwO9ei3YPQJFJ51ZzciIW79zNxmsArw4EL8M+
U5OUG3oRus5QWGtkWfYqKERpBidmWhpFoCOma6HNLXrA2/9Bt61TKorPL8V+/5D5
t8M1qLX6G+4wpqOIFLOzgnUupDP2jhilggbx/oNbOy3oowJxwpZv/DV/7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH75qlaowPDyYzJxlL1jG1bUgpGvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZnZtcVZxakE4UEpqTW5HVXZXTWJWdFNDa2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWdXOAwQA
bbDLAwQA1drXAwQA1dr3MA0GCSqGSIb3DQEBCwUAA4IBAQBYTCzlOew4unKxhyAH
lANTYnMU98uzoTRZPEILw8BrsKbEHYWec+dN8k/Uy54jaz/CamqxysvfOCbXoJc9
eCD44uQpzo3bZhcUOzNcg6l0mYJeSszaImg7iB+R2f9Adla1wmnfvAJZ3lCkYiUt
rC0PqNDJ1TpGlHmwyL7kjEPp4eY8bbQdUSPS0KTzuqBvQ+DCKnVfUXqbYZkWVVKI
lAkd7v7UnLau5UsilxU4+vAQtJ/GdBFncdvz9/tI3jIr9jdobhQsz80hyMqkSNqK
h5wFx658r0KzBcU52l5HtSUbRQxmwfxjPmDU3MjR6l/v+142CGkEKMgKtfRCkg7E
4qjr
-----END CERTIFICATE-----
Generated at Sat May 17 02:17:16 2025 by rpki-client