Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/f6WgRA-dfWhfj5YVrPEYIxXyifQ.roa
File: f6WgRA-dfWhfj5YVrPEYIxXyifQ.roa (raw, json)
Hash identifier: Fnl22RAXWIO/1vIIthzrpd/2vf9fefu/bXk2nVmgwbA=
Subject key identifier: 7F:A5:A0:44:0F:9D:7D:68:5F:8F:96:15:AC:F1:18:23:15:F2:89:F4
Certificate issuer: /CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Certificate serial: 018CC2DB10016B282EB24D576EFADDF6D251
Authority key identifier: 9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/f6WgRA-dfWhfj5YVrPEYIxXyifQ.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43848
IP address blocks: 193.188.16.0/22 maxlen: 24
185.135.17.0/24 maxlen: 24
185.135.16.0/24 maxlen: 24
85.255.144.0/20 maxlen: 20
85.255.157.0/24 maxlen: 24
85.255.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:10:01:6b:28:2e:b2:4d:57:6e:fa:dd:f6:d2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e441e9e705ada3f9c1e827cd276dbd097487608
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fa5a0440f9d7d685f8f9615acf1182315f289f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d8:f6:d3:10:4b:28:c1:09:cc:8e:d5:d0:04:
c2:94:ee:d0:03:b6:f5:2c:24:00:45:87:8f:54:a6:
2d:0f:f7:d0:24:73:71:e0:8b:dc:17:41:92:47:04:
17:66:6a:c3:aa:c3:43:53:da:94:47:ed:0f:b3:ed:
18:a9:4a:40:8a:39:a3:8c:f0:04:cb:68:61:be:12:
df:a7:c7:b3:5a:9a:46:a2:57:04:29:3e:5e:53:64:
40:4f:86:6f:ff:ac:96:83:bf:79:4a:60:18:0d:5d:
d6:36:a0:d5:ee:4c:e3:1d:ad:0b:a9:e5:df:75:85:
d1:98:4e:42:95:f4:c0:c0:1f:a6:61:3a:35:fe:53:
fa:b6:c2:27:2d:68:28:43:6c:26:27:dd:15:2f:8f:
c7:ec:2b:ae:af:7a:08:70:3b:94:c1:98:59:be:30:
d1:bf:9a:46:cc:07:e4:8c:c5:0e:4b:72:75:59:2b:
3d:bf:66:e0:b7:0b:5d:bf:74:3a:54:b2:f8:4a:8b:
01:6e:aa:87:a5:80:ab:74:dc:47:f0:ac:4c:83:38:
b9:b0:f1:bb:1a:1a:78:db:24:b1:93:7d:03:db:39:
94:e3:e3:03:42:e3:d2:86:38:40:bb:1a:0e:6a:ad:
98:06:5f:86:1b:cd:7b:cc:38:1b:ca:8b:3c:24:70:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A5:A0:44:0F:9D:7D:68:5F:8F:96:15:AC:F1:18:23:15:F2:89:F4
X509v3 Authority Key Identifier:
keyid:9E:44:1E:9E:70:5A:DA:3F:9C:1E:82:7C:D2:76:DB:D0:97:48:76:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkQennBa2j-cHoJ80nbb0JdIdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/f6WgRA-dfWhfj5YVrPEYIxXyifQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ce16f7-b868-4b4c-9d9b-932d16b08df0/1/nkQennBa2j-cHoJ80nbb0JdIdgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.144.0/20
185.135.16.0/23
193.188.16.0/22
Signature Algorithm: sha256WithRSAEncryption
39:f1:c2:b8:96:78:d9:da:6c:53:54:07:50:2a:46:54:f6:1f:
88:62:77:7a:21:63:b1:f9:77:aa:ad:44:4b:7a:e2:49:bc:26:
60:84:37:2b:d8:9c:4b:ac:bd:5d:eb:35:c7:9b:09:f9:41:e7:
6d:97:8c:31:39:1b:6d:ef:f8:76:2b:ab:81:45:a3:dc:c0:c0:
8c:41:76:70:0a:1b:ec:89:e6:5f:59:0b:0d:32:dc:f4:ee:19:
67:68:e7:f1:70:70:ca:11:84:73:c4:2e:2d:8f:f9:c6:6e:32:
d9:04:56:1e:f3:fa:cd:d9:df:2c:99:28:5c:1b:38:7f:db:88:
e2:f2:2f:6b:08:9f:20:e3:9e:00:41:40:ee:4f:be:44:00:78:
a3:02:6f:d4:b0:4c:00:44:d1:84:b8:6f:0a:1c:9f:ca:cc:91:
01:53:ca:eb:c2:b6:7c:5d:77:b3:13:56:65:d8:77:d7:5a:ac:
0f:03:63:b8:41:bd:fd:6d:11:26:86:aa:ed:43:2c:75:4a:37:
c5:f5:c9:84:a1:63:3f:af:b5:4f:bf:a4:a3:c0:2d:ec:86:f2:
05:a3:00:6a:a3:8a:21:f7:cc:9c:1c:03:4e:f2:c7:cf:eb:82:
ba:53:cc:66:80:f1:0b:66:1e:c9:03:3a:65:50:ca:0b:79:a3:
47:92:1f:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2xABaygusk1Xbvrd9tJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDQxZTllNzA1YWRhM2Y5YzFlODI3Y2QyNzZkYmQwOTc0
ODc2MDgwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmE1YTA0NDBmOWQ3ZDY4NWY4Zjk2MTVhY2YxMTgyMzE1ZjI4OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNj20xBLKMEJzI7V0ATClO7QA7b1
LCQARYePVKYtD/fQJHNx4IvcF0GSRwQXZmrDqsNDU9qUR+0Ps+0YqUpAijmjjPAE
y2hhvhLfp8ezWppGolcEKT5eU2RAT4Zv/6yWg795SmAYDV3WNqDV7kzjHa0LqeXf
dYXRmE5ClfTAwB+mYTo1/lP6tsInLWgoQ2wmJ90VL4/H7Cuur3oIcDuUwZhZvjDR
v5pGzAfkjMUOS3J1WSs9v2bgtwtdv3Q6VLL4SosBbqqHpYCrdNxH8KxMgzi5sPG7
Ghp42ySxk30D2zmU4+MDQuPShjhAuxoOaq2YBl+GG817zDgbyos8JHClawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+loEQPnX1oX4+WFazxGCMV8on0MB8GA1UdIwQY
MBaAFJ5EHp5wWto/nB6CfNJ229CXSHYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWIt
OTMyZDE2YjA4ZGYwLzEvZjZXZ1JBLWRmV2hmajVZVnJQRVlJeFh5aWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9jZTE2ZjctYjg2OC00YjRjLTlkOWItOTMyZDE2YjA4ZGYw
LzEvbmtRZW5uQmEyai1jSG9KODBuYmIwSmRJZGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEVf+QAwQB
uYcQAwQCwbwQMA0GCSqGSIb3DQEBCwUAA4IBAQA58cK4lnjZ2mxTVAdQKkZU9h+I
Ynd6IWOx+XeqrURLeuJJvCZghDcr2JxLrL1d6zXHmwn5Qedtl4wxORtt7/h2K6uB
RaPcwMCMQXZwChvsieZfWQsNMtz07hlnaOfxcHDKEYRzxC4tj/nGbjLZBFYe8/rN
2d8smShcGzh/24ji8i9rCJ8g454AQUDuT75EAHijAm/UsEwARNGEuG8KHJ/KzJEB
U8rrwrZ8XXezE1Zl2HfXWqwPA2O4Qb39bREmhqrtQyx1SjfF9cmEoWM/r7VPv6Sj
wC3shvIFowBqo4oh98ycHANO8sfP64K6U8xmgPELZh7JAzplUMoLeaNHkh82
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:03:34 2024 by rpki-client on console-fra.rpki-client.org