Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FMUBcn_tYsULTS2sMb5wNU1QRaI.roa
File: FMUBcn_tYsULTS2sMb5wNU1QRaI.roa (raw, json)
Hash identifier: +ExyRcIKe1om3400Wl0UXVpypdss6+Qf0xpMJ7SI3BQ=
Subject key identifier: 14:C5:01:72:7F:ED:62:C5:0B:4D:2D:AC:31:BE:70:35:4D:50:45:A2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EEAAD8E91B77FD7A70FEFD52DECA4E1DA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FMUBcn_tYsULTS2sMb5wNU1QRaI.roa
Signing time: Wed 17 Apr 2024 06:10:26 +0000
ROA not before: Wed 17 Apr 2024 06:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216156
IP address blocks: 81.161.239.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.84.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:ad:8e:91:b7:7f:d7:a7:0f:ef:d5:2d:ec:a4:e1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 17 06:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14c501727fed62c50b4d2dac31be70354d5045a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:55:e7:5a:3a:c4:ce:71:d3:78:13:7e:c8:
76:6f:64:6b:59:bb:49:3b:23:d9:2b:5b:02:e8:3d:
26:c4:56:bc:4b:4e:11:cd:4b:67:6b:bc:51:53:9c:
c6:01:95:f5:10:06:bf:33:0d:6d:3c:4a:cc:5b:e2:
ed:d2:ae:de:d3:6f:d0:7e:81:6a:81:78:f8:33:a0:
9a:85:bf:8b:11:f6:8d:b6:9f:06:9a:07:0c:36:97:
61:be:e7:0f:1a:fd:53:24:96:e1:de:5a:bc:bc:94:
14:77:7d:c9:67:91:ff:e4:ca:f7:5c:b7:cd:0c:45:
e6:8a:91:2b:7e:47:61:87:0f:e3:9f:c0:92:c5:cd:
d4:5f:01:26:35:be:94:b8:f7:94:fd:b6:df:0b:62:
37:c7:ae:31:16:69:e8:2e:07:d6:92:3b:3d:1a:43:
4c:cd:d0:ab:d6:92:ea:d2:b2:05:dc:0d:1b:0f:8b:
bc:30:63:43:25:68:a9:b4:33:6f:69:08:e8:7f:97:
e8:eb:33:bf:77:5e:37:95:62:67:ab:29:8d:8e:6e:
1c:37:12:57:d2:3f:74:48:ab:54:12:5a:5d:7b:6c:
96:98:08:97:57:20:2c:d5:fd:ea:84:25:62:01:8f:
e5:e9:bd:24:37:d6:20:54:d7:c8:c7:0f:d2:1d:b8:
2c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C5:01:72:7F:ED:62:C5:0B:4D:2D:AC:31:BE:70:35:4D:50:45:A2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FMUBcn_tYsULTS2sMb5wNU1QRaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.239.0/24
83.219.97.0/24
87.121.84.0/23
92.249.50.0/24
94.156.102.0/24
141.98.6.0/24
178.215.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:2a:37:fe:ee:8d:f0:d0:e5:7c:82:e6:20:ef:87:09:fb:1f:
c5:68:62:94:15:43:d1:4e:f2:2c:fb:9a:cd:dc:8a:12:45:96:
03:ce:d3:e3:86:40:ad:dd:c7:6a:c7:e1:f3:79:ce:dc:d3:72:
e8:06:80:ab:26:d3:17:fb:61:e6:a5:6b:3d:77:bd:92:bf:22:
b8:5a:52:7b:74:df:db:85:b3:1d:25:c0:49:e2:82:b8:42:d8:
34:35:77:ce:1c:56:bb:45:38:96:93:70:65:cd:9b:81:e2:6e:
ff:8a:b9:ca:5d:b2:51:db:d4:a1:17:f2:18:f0:60:29:2a:3a:
1f:01:2e:d1:5a:d9:94:50:f3:26:9a:b4:dd:5c:76:c2:a3:25:
4f:75:d5:5a:9c:91:bb:0b:79:0d:48:2c:c6:bd:cf:91:41:68:
c4:bc:a5:c6:43:d9:7a:35:a0:ca:2c:49:fd:ca:7e:8f:68:b8:
eb:7e:20:41:ed:12:c6:7b:a2:22:cf:89:ac:9b:17:91:eb:29:
63:d2:ff:f3:7b:7b:fd:83:4a:b1:cf:49:b3:f1:21:f5:c2:c2:
42:08:8c:3b:2f:32:6f:2d:11:f4:b3:a0:75:20:bb:7e:04:cf:
5c:db:38:dd:19:41:a1:e8:d2:c8:0b:cb:3c:90:11:74:73:70:
13:45:5a:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7qrY6Rt3/Xpw/v1S3spOHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDE3MDYxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGM1MDE3MjdmZWQ2MmM1MGI0ZDJkYWMzMWJlNzAzNTRkNTA0NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3pV51o6xM5x03gTfsh2b2RrWbtJ
OyPZK1sC6D0mxFa8S04RzUtna7xRU5zGAZX1EAa/Mw1tPErMW+Lt0q7e02/QfoFq
gXj4M6Cahb+LEfaNtp8GmgcMNpdhvucPGv1TJJbh3lq8vJQUd33JZ5H/5Mr3XLfN
DEXmipErfkdhhw/jn8CSxc3UXwEmNb6UuPeU/bbfC2I3x64xFmnoLgfWkjs9GkNM
zdCr1pLq0rIF3A0bD4u8MGNDJWiptDNvaQjof5fo6zO/d143lWJnqymNjm4cNxJX
0j90SKtUElpde2yWmAiXVyAs1f3qhCViAY/l6b0kN9YgVNfIxw/SHbgsHQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBTFAXJ/7WLFC00trDG+cDVNUEWiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRk1VQmNuX3RZc1VMVFMyc01iNXdOVTFRUmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUaHvAwQA
U9thAwQBV3lUAwQAXPkyAwQAXpxmAwQAjWIGAwQAstftMA0GCSqGSIb3DQEBCwUA
A4IBAQCmKjf+7o3w0OV8guYg74cJ+x/FaGKUFUPRTvIs+5rN3IoSRZYDztPjhkCt
3cdqx+Hzec7c03LoBoCrJtMX+2HmpWs9d72SvyK4WlJ7dN/bhbMdJcBJ4oK4Qtg0
NXfOHFa7RTiWk3BlzZuB4m7/irnKXbJR29ShF/IY8GApKjofAS7RWtmUUPMmmrTd
XHbCoyVPddVanJG7C3kNSCzGvc+RQWjEvKXGQ9l6NaDKLEn9yn6PaLjrfiBB7RLG
e6Iiz4msmxeR6ylj0v/ze3v9g0qxz0mz8SH1wsJCCIw7LzJvLRH0s6B1ILt+BM9c
2zjdGUGh6NLIC8s8kBF0c3ATRVpg
-----END CERTIFICATE-----
Generated at Mon May 20 04:30:46 2024 by rpki-client on console-fra.rpki-client.org