Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FP2WYNpGy0DKqdiOFHbq1WWL84A.roa
File: FP2WYNpGy0DKqdiOFHbq1WWL84A.roa (raw, json)
Hash identifier: YE4vA4YM9IF1rdqDiS/OE7g30EZcVR6z9fjqSJWoVSU=
Subject key identifier: 14:FD:96:60:DA:46:CB:40:CA:A9:D8:8E:14:76:EA:D5:65:8B:F3:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F1A857F08FC8B4418E0E0E66A3B3AA214
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FP2WYNpGy0DKqdiOFHbq1WWL84A.roa
Signing time: Fri 26 Apr 2024 13:08:27 +0000
ROA not before: Fri 26 Apr 2024 13:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50580
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:85:7f:08:fc:8b:44:18:e0:e0:e6:6a:3b:3a:a2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 26 13:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14fd9660da46cb40caa9d88e1476ead5658bf380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:73:67:5a:3d:da:a6:68:8a:da:c5:b0:3a:32:
21:15:b8:b8:a7:44:cf:ee:3f:e2:12:3f:68:52:2c:
99:d2:3e:48:31:d5:8a:e2:03:53:5d:42:b6:80:47:
be:1c:73:54:44:1a:62:16:d0:f0:e0:cb:5d:6c:7c:
ab:45:fe:04:60:0d:09:0c:20:55:5e:d1:e7:ec:bd:
a8:8f:da:12:8b:b1:4c:c5:a6:db:d1:01:ef:e7:e2:
31:3d:33:a3:d0:d6:47:f6:d6:1d:29:3c:40:88:d1:
f5:82:a5:66:b8:a2:11:d5:b1:f6:fe:9e:f4:8b:83:
52:26:5a:0f:fa:8a:c9:32:92:0a:7d:0d:16:d1:ab:
19:d8:1f:40:62:69:7c:04:36:23:3b:f5:8f:04:40:
70:4a:e9:69:f8:5d:33:9f:dd:f4:10:55:18:8f:4c:
54:2b:7d:1e:a5:c5:16:a6:c3:45:e5:7a:08:3d:b3:
29:05:75:2d:01:02:de:ed:75:73:5e:14:31:0d:7e:
b9:22:ad:93:13:a1:d6:36:68:fb:9d:d3:eb:8a:b3:
d1:df:61:5f:df:87:94:83:64:90:37:86:37:b9:eb:
2c:05:fd:60:7d:cd:87:0d:98:94:4b:f0:60:e7:66:
0c:8a:9f:a7:7b:80:9d:84:18:81:85:85:3e:37:15:
f2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FD:96:60:DA:46:CB:40:CA:A9:D8:8E:14:76:EA:D5:65:8B:F3:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FP2WYNpGy0DKqdiOFHbq1WWL84A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.96.0/24
194.55.186.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7d:ab:f4:c6:19:7d:45:4d:35:fd:25:3a:4d:5d:38:39:f0:
51:95:4a:5a:a1:ef:45:68:92:34:46:85:08:a5:30:e9:82:db:
4a:83:3b:d5:2a:02:46:ff:f7:6d:ad:13:71:76:d0:29:1b:3e:
b7:67:98:bc:64:2e:45:39:b9:1e:b9:98:75:71:52:b5:18:3d:
0d:0a:b3:5d:82:9e:65:49:29:93:e8:a7:03:e3:89:0f:1b:ee:
56:9a:17:cf:3f:9c:ca:63:75:31:d3:ed:05:b7:20:3f:24:90:
03:e5:b4:d2:67:d3:de:c2:22:95:a7:3f:8c:08:5d:f1:53:f9:
17:2e:3b:50:df:19:59:b6:03:a9:92:8e:4a:e5:d1:81:6e:9a:
f0:83:84:9d:46:97:57:a9:3e:5e:ed:1f:c0:0b:ce:d1:4f:65:
f2:19:16:9c:5a:09:ce:d5:77:5c:e2:b8:f1:86:1c:30:c6:a1:
d8:8b:46:18:1b:31:ed:17:1f:9a:7a:fc:fd:d5:70:3a:d6:43:
1a:cd:de:89:02:8e:2b:42:00:4f:28:cf:1e:03:25:52:2c:ae:
4f:de:9f:e0:9b:b5:d5:56:84:de:a2:e1:af:6b:4c:b6:0b:62:
d2:64:07:47:96:79:0b:56:75:3c:b1:34:94:19:9a:de:41:ea:
bd:ec:0a:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8ahX8I/ItEGODg5mo7OqIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDI2MTMwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZkOTY2MGRhNDZjYjQwY2FhOWQ4OGUxNDc2ZWFkNTY1OGJmMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3NnWj3apmiK2sWwOjIhFbi4p0TP
7j/iEj9oUiyZ0j5IMdWK4gNTXUK2gEe+HHNURBpiFtDw4MtdbHyrRf4EYA0JDCBV
XtHn7L2oj9oSi7FMxabb0QHv5+IxPTOj0NZH9tYdKTxAiNH1gqVmuKIR1bH2/p70
i4NSJloP+orJMpIKfQ0W0asZ2B9AYml8BDYjO/WPBEBwSulp+F0zn930EFUYj0xU
K30epcUWpsNF5XoIPbMpBXUtAQLe7XVzXhQxDX65Iq2TE6HWNmj7ndPrirPR32Ff
34eUg2SQN4Y3uessBf1gfc2HDZiUS/Bg52YMip+ne4CdhBiBhYU+NxXyDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBT9lmDaRstAyqnYjhR26tVli/OAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRlAyV1lOcEd5MERLcWRpT0ZIYnExV1dMODRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjpfAwQA
LYBgAwQAwje6MA0GCSqGSIb3DQEBCwUAA4IBAQATfav0xhl9RU01/SU6TV04OfBR
lUpaoe9FaJI0RoUIpTDpgttKgzvVKgJG//dtrRNxdtApGz63Z5i8ZC5FObkeuZh1
cVK1GD0NCrNdgp5lSSmT6KcD44kPG+5WmhfPP5zKY3Ux0+0FtyA/JJAD5bTSZ9Pe
wiKVpz+MCF3xU/kXLjtQ3xlZtgOpko5K5dGBbprwg4SdRpdXqT5e7R/AC87RT2Xy
GRacWgnO1Xdc4rjxhhwwxqHYi0YYGzHtFx+aevz91XA61kMazd6JAo4rQgBPKM8e
AyVSLK5P3p/gm7XVVoTeouGva0y2C2LSZAdHlnkLVnU8sTSUGZreQeq97AqZ
-----END CERTIFICATE-----
Generated at Mon May 20 04:30:46 2024 by rpki-client on console-fra.rpki-client.org