Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fc0eVXc9kcE1SdjkofDgY2HiUl8.roa
File: Fc0eVXc9kcE1SdjkofDgY2HiUl8.roa (raw, json)
Hash identifier: BLNxYZl1vmWaIMpwrxM97+fi8vLiwBB7UMgf362A3Zo=
Subject key identifier: 15:CD:1E:55:77:3D:91:C1:35:49:D8:E4:A1:F0:E0:63:61:E2:52:5F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012C7618F5AB00F3DA5360FA620AF2
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fc0eVXc9kcE1SdjkofDgY2HiUl8.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48798
IP address blocks: 85.254.172.0/24 maxlen: 24
80.81.60.0/24 maxlen: 24
85.254.183.0/24 maxlen: 24
85.254.182.0/24 maxlen: 24
185.176.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2c:76:18:f5:ab:00:f3:da:53:60:fa:62:0a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15cd1e55773d91c13549d8e4a1f0e06361e2525f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:88:01:31:3d:ff:a2:1f:82:8e:5b:4b:7a:a3:
4b:da:66:2d:ad:92:d5:68:81:86:12:be:bf:58:e4:
76:81:af:a3:81:32:8d:48:c2:b1:ee:96:ec:7d:1e:
1b:73:31:98:70:cf:de:c5:ac:c8:df:d5:d5:84:35:
34:64:0a:bf:ec:83:a4:be:95:56:8b:2e:fa:f0:ba:
d1:2f:a7:ef:e4:e1:c8:65:21:63:f6:b6:87:ef:37:
7d:10:d4:64:3b:9b:9a:48:ec:5e:d9:fc:12:22:d7:
d8:7e:af:63:66:eb:71:66:c4:c7:eb:6f:8f:e9:58:
09:d4:5f:fa:28:db:96:3e:e7:24:a3:18:a7:4b:df:
9d:20:dc:40:63:6c:a8:8c:bc:7a:67:eb:a2:52:76:
cd:2b:ba:91:8d:3b:f2:56:66:1b:e3:2d:25:ca:91:
89:1e:97:5b:2c:69:98:cd:34:d4:83:66:15:c2:9b:
38:51:40:d2:c4:4d:29:04:d0:6c:6c:68:dc:24:a0:
87:37:da:7e:a7:4f:bb:fc:2a:cb:b2:23:d2:45:3f:
9a:ce:5a:ad:0d:2a:42:9c:9f:e4:db:55:4e:ec:32:
49:82:1c:e1:f3:ed:b1:42:51:0d:cd:b9:82:b6:85:
63:07:f3:c5:16:d4:67:8b:c3:8c:12:b4:b2:31:d6:
da:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:CD:1E:55:77:3D:91:C1:35:49:D8:E4:A1:F0:E0:63:61:E2:52:5F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fc0eVXc9kcE1SdjkofDgY2HiUl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.60.0/24
85.254.172.0/24
85.254.182.0/23
185.176.117.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:bb:42:d5:98:60:ee:fe:b2:b6:90:b4:b4:fb:d4:af:aa:be:
ad:8b:bc:7c:c3:06:83:8e:d3:a2:41:24:79:5c:41:d0:2f:3f:
4a:44:78:76:31:1e:e5:db:d0:2e:19:30:8d:df:23:b8:be:4d:
ed:08:4e:54:f4:47:a5:31:7f:49:a9:fb:a9:0e:99:87:4a:c3:
60:4a:35:17:03:d0:04:d3:e1:06:e7:0f:df:ec:3b:ba:73:8c:
95:74:88:d2:65:71:ac:a1:c4:3f:ff:45:c4:6f:a9:ae:ce:02:
0c:ec:fc:94:b9:56:c0:08:c2:71:e2:09:67:17:4a:9f:b3:46:
cc:aa:c9:9e:a6:0b:07:00:2d:ce:50:d4:ba:6b:b4:e8:77:9b:
b9:6e:eb:36:c3:16:72:a1:ea:93:96:a1:ed:90:f0:00:8e:2e:
ae:80:8f:dc:ac:7b:cc:a9:97:e0:1a:c6:b1:ed:d9:f6:da:1a:
89:82:1c:08:2f:96:b0:99:bb:95:1c:c9:5a:36:ca:b6:6d:e9:
7a:f5:91:0e:45:0c:b8:6f:a7:80:4f:0c:97:87:3c:b2:f7:1d:
ec:32:d0:2e:ff:a4:62:c5:26:6d:6b:64:77:7c:23:42:b7:42:
b2:e4:a4:0b:18:0a:f2:29:c7:23:ce:38:6b:84:3e:1f:53:99:
06:3a:fb:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIASx2GPWrAPPaU2D6YgryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNkMWU1NTc3M2Q5MWMxMzU0OWQ4ZTRhMWYwZTA2MzYxZTI1MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4gBMT3/oh+CjltLeqNL2mYtrZLV
aIGGEr6/WOR2ga+jgTKNSMKx7pbsfR4bczGYcM/exazI39XVhDU0ZAq/7IOkvpVW
iy768LrRL6fv5OHIZSFj9raH7zd9ENRkO5uaSOxe2fwSItfYfq9jZutxZsTH62+P
6VgJ1F/6KNuWPuckoxinS9+dINxAY2yojLx6Z+uiUnbNK7qRjTvyVmYb4y0lypGJ
HpdbLGmYzTTUg2YVwps4UUDSxE0pBNBsbGjcJKCHN9p+p0+7/CrLsiPSRT+azlqt
DSpCnJ/k21VO7DJJghzh8+2xQlENzbmCtoVjB/PFFtRni8OMErSyMdbaHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBXNHlV3PZHBNUnY5KHw4GNh4lJfMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRmMwZVZYYzlrY0UxU2Rqa29mRGdZMkhpVWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUFE8AwQA
Vf6sAwQBVf62AwQAubB1MA0GCSqGSIb3DQEBCwUAA4IBAQAvu0LVmGDu/rK2kLS0
+9Svqr6ti7x8wwaDjtOiQSR5XEHQLz9KRHh2MR7l29AuGTCN3yO4vk3tCE5U9Eel
MX9JqfupDpmHSsNgSjUXA9AE0+EG5w/f7Du6c4yVdIjSZXGsocQ//0XEb6muzgIM
7PyUuVbACMJx4glnF0qfs0bMqsmepgsHAC3OUNS6a7Tod5u5bus2wxZyoeqTlqHt
kPAAji6ugI/crHvMqZfgGsax7dn22hqJghwIL5awmbuVHMlaNsq2bel69ZEORQy4
b6eATwyXhzyy9x3sMtAu/6RixSZta2R3fCNCt0Ky5KQLGAryKccjzjhrhD4fU5kG
OvtM
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:23:21 2024 by rpki-client on console-fra.rpki-client.org