Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/fsmjJGHVGMdtbxt5zTmroIJ61d8.roa
File: fsmjJGHVGMdtbxt5zTmroIJ61d8.roa (raw, json)
Hash identifier: ekmZpLPLY3VD8IwMlJiRaCQQJFiTrijdYs2CPHyN2+k=
Subject key identifier: 7E:C9:A3:24:61:D5:18:C7:6D:6F:1B:79:CD:39:AB:A0:82:7A:D5:DF
Certificate issuer: /CN=dab1c03088ebfe553812b31547c03c90a25d8771
Certificate serial: 01966B14D8D177A5902ECEB6A39D781E4A3D
Authority key identifier: DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/fsmjJGHVGMdtbxt5zTmroIJ61d8.roa
Signing time: Fri 25 Apr 2025 03:54:10 +0000
ROA not before: Fri 25 Apr 2025 03:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58130
IP address blocks: 176.116.96.0/20 maxlen: 20
176.116.96.0/24 maxlen: 24
176.116.97.0/24 maxlen: 24
176.116.99.0/24 maxlen: 24
176.116.101.0/24 maxlen: 24
176.116.104.0/24 maxlen: 24
176.116.105.0/24 maxlen: 24
176.116.106.0/24 maxlen: 24
176.116.107.0/24 maxlen: 24
176.116.108.0/24 maxlen: 24
176.116.111.0/24 maxlen: 24
176.116.112.0/22 maxlen: 22
185.165.140.0/23 maxlen: 23
185.165.142.0/23 maxlen: 23
2001:67c:1050::/48 maxlen: 48
2a0a:1a00::/29 maxlen: 29
2a0a:1a00::/30 maxlen: 30
2a0a:1a00:f000:9000::/56 maxlen: 56
2a0a:1a04::/30 maxlen: 30
2a0a:1a06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 15:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:14:d8:d1:77:a5:90:2e:ce:b6:a3:9d:78:1e:4a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab1c03088ebfe553812b31547c03c90a25d8771
Validity
Not Before: Apr 25 03:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ec9a32461d518c76d6f1b79cd39aba0827ad5df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:59:b4:fb:8d:86:8e:03:16:6b:3d:b7:15:99:
8f:43:3b:92:c6:72:f1:bc:db:58:28:d3:36:9d:af:
44:f0:28:15:1b:26:89:e9:e3:fb:80:51:8e:d2:19:
e2:d5:82:15:19:63:d1:a1:99:6c:75:a6:ca:7c:a7:
5e:a7:3e:ed:85:38:2d:04:0a:0e:a2:49:fe:10:08:
8c:b9:0b:f7:0d:2b:29:d5:53:41:d6:7e:57:e4:12:
c4:e6:89:36:74:91:69:2b:ed:6d:99:9d:0d:0f:f9:
0c:aa:03:76:f5:ce:a5:c5:d3:54:cb:17:76:bb:97:
12:40:3e:45:4f:9f:e8:61:ef:ba:2c:d2:33:b3:64:
39:88:be:36:e8:c7:43:75:bb:a6:3c:bd:0e:69:d6:
50:3a:15:d9:40:92:0f:24:05:97:dc:03:c8:e1:fb:
80:bc:a7:4e:93:af:23:d9:d4:18:3f:d6:f8:45:ad:
7d:9d:23:c9:cd:ed:5f:0e:58:e9:76:d4:0f:98:19:
0b:df:85:4a:e6:13:ff:1c:20:65:0c:08:3a:8b:27:
7f:97:e6:cd:2c:4d:17:9f:d4:7d:d9:6f:40:65:63:
d6:5e:4b:9a:fc:b2:7d:c7:b4:a9:51:db:9e:52:cc:
f6:e8:c0:14:44:b9:61:37:6b:84:a1:be:85:56:4d:
fb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C9:A3:24:61:D5:18:C7:6D:6F:1B:79:CD:39:AB:A0:82:7A:D5:DF
X509v3 Authority Key Identifier:
keyid:DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/fsmjJGHVGMdtbxt5zTmroIJ61d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.96.0-176.116.115.255
185.165.140.0/22
IPv6:
2001:67c:1050::/48
2a0a:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
d5:f7:84:68:e8:f3:a5:76:68:7d:c5:21:48:b9:96:4f:3e:c0:
be:81:e5:0b:f8:85:82:17:44:f2:9e:0d:10:3b:ba:ab:35:81:
7e:e0:2d:bf:b9:10:92:9c:84:49:62:5d:5e:d6:a7:27:92:ce:
f9:49:53:49:2e:cb:6e:f5:93:12:0d:b5:fd:c9:f6:1d:13:eb:
a0:dd:ae:03:5a:83:2a:cd:a2:30:86:81:d8:f8:e4:6c:ce:15:
74:01:cc:a9:85:b2:c9:53:1d:dd:bf:ca:e1:26:e7:2c:c3:5b:
f0:0b:27:8d:21:cc:e8:68:17:48:a8:0a:7d:54:72:98:aa:98:
a7:f6:a5:62:e1:c2:d0:dd:a5:b5:eb:c4:ef:d4:93:25:9d:a2:
3a:cb:b2:bc:91:ca:c5:44:f7:55:f6:c2:a1:d2:48:c8:42:d2:
b3:75:e2:c0:9b:dd:0d:38:63:70:1d:5c:40:78:3f:c3:f2:d9:
d0:52:aa:31:1c:99:3d:77:c1:16:6d:1e:a4:eb:88:9f:67:53:
ff:5e:09:67:e9:37:5d:43:fa:c8:ef:88:74:87:9c:91:5c:c0:
2b:94:36:d4:f5:0c:da:33:1f:e1:c4:05:20:03:09:c8:9d:68:
8a:d1:3e:93:9e:17:c1:a8:98:c2:46:1d:df:8e:d4:e0:11:0b:
33:1d:c8:76
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZZrFNjRd6WQLs62o514Hko9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjFjMDMwODhlYmZlNTUzODEyYjMxNTQ3YzAzYzkwYTI1
ZDg3NzEwHhcNMjUwNDI1MDM1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWM5YTMyNDYxZDUxOGM3NmQ2ZjFiNzljZDM5YWJhMDgyN2FkNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fm0+42GjgMWaz23FZmPQzuSxnLx
vNtYKNM2na9E8CgVGyaJ6eP7gFGO0hni1YIVGWPRoZlsdabKfKdepz7thTgtBAoO
okn+EAiMuQv3DSsp1VNB1n5X5BLE5ok2dJFpK+1tmZ0ND/kMqgN29c6lxdNUyxd2
u5cSQD5FT5/oYe+6LNIzs2Q5iL426MdDdbumPL0OadZQOhXZQJIPJAWX3API4fuA
vKdOk68j2dQYP9b4Ra19nSPJze1fDljpdtQPmBkL34VK5hP/HCBlDAg6iyd/l+bN
LE0Xn9R92W9AZWPWXkua/LJ9x7SpUdueUsz26MAURLlhN2uEob6FVk378wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFH7JoyRh1RjHbW8bec05q6CCetXfMB8GA1UdIwQY
MBaAFNqxwDCI6/5VOBKzFUfAPJCiXYdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEt
YjcyMzk4MDcwODIzLzEvZnNtakpHSFZHTWR0Ynh0NXpUbXJvSUo2MWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEtYjcyMzk4MDcwODIz
LzEvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAWwdGAD
BAKwdHADBAK5pYwwFgQCAAIwEAMHACABBnwQUAMFAyoKGgAwDQYJKoZIhvcNAQEL
BQADggEBANX3hGjo86V2aH3FIUi5lk8+wL6B5Qv4hYIXRPKeDRA7uqs1gX7gLb+5
EJKchEliXV7WpyeSzvlJU0kuy271kxINtf3J9h0T66DdrgNagyrNojCGgdj45GzO
FXQBzKmFsslTHd2/yuEm5yzDW/ALJ40hzOhoF0ioCn1UcpiqmKf2pWLhwtDdpbXr
xO/UkyWdojrLsryRysVE91X2wqHSSMhC0rN14sCb3Q04Y3AdXEB4P8Py2dBSqjEc
mT13wRZtHqTriJ9nU/9eCWfpN11D+sjviHSHnJFcwCuUNtT1DNozH+HEBSADCcid
aIrRPpOeF8GomMJGHd+O1OARCzMdyHY=
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:06:22 2025 by rpki-client