Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/fjLR9knaqv39w2j5cBXJvQceWSo.roa
File: fjLR9knaqv39w2j5cBXJvQceWSo.roa (raw, json)
Hash identifier: j7n1g4yCunf69w1Id6cnRYhr9q2GoIEID8f2rhJtq7I=
Subject key identifier: 7E:32:D1:F6:49:DA:AA:FD:FD:C3:68:F9:70:15:C9:BD:07:1E:59:2A
Certificate issuer: /CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Certificate serial: 018FEF34D3BEE38C65C013B954FBD2059345
Authority key identifier: 9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/fjLR9knaqv39w2j5cBXJvQceWSo.roa
Signing time: Thu 06 Jun 2024 20:19:27 +0000
ROA not before: Thu 06 Jun 2024 20:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206406
IP address blocks: 185.72.216.0/24 maxlen: 24
185.72.217.0/24 maxlen: 24
185.72.218.0/24 maxlen: 24
185.72.219.0/24 maxlen: 24
185.187.92.0/24 maxlen: 24
185.187.93.0/24 maxlen: 24
185.187.94.0/24 maxlen: 24
185.187.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 02:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ef:34:d3:be:e3:8c:65:c0:13:b9:54:fb:d2:05:93:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Validity
Not Before: Jun 6 20:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e32d1f649daaafdfdc368f97015c9bd071e592a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:15:b3:fd:94:c2:11:1e:cd:59:86:9b:56:34:
8a:a9:b4:ff:8c:5e:ed:61:37:65:04:83:5e:28:3a:
5d:4b:a0:16:06:e0:ce:9f:16:c3:a1:28:ed:84:ca:
fc:1a:2d:24:9c:94:65:98:40:32:95:f2:47:13:5a:
84:18:56:fb:a2:b7:92:8f:ee:8a:18:42:e6:dd:50:
1d:c3:68:10:92:63:96:01:ad:56:01:b2:58:97:47:
9f:3f:3d:0f:60:53:c5:57:6a:5c:28:61:a3:90:09:
ff:f7:54:67:6f:68:af:52:58:77:d7:36:c7:b6:12:
d8:f6:21:ef:c4:a5:62:89:bb:1e:9b:9a:da:9a:3a:
ba:ec:03:66:d5:c9:fc:eb:33:87:a1:d7:11:d2:e8:
ad:01:b0:b9:3c:5d:d4:5d:b0:38:22:3d:9d:7f:ff:
e7:0a:92:b2:17:aa:a0:9c:dc:31:67:79:ef:95:62:
9f:98:e1:42:36:8b:6c:14:2f:0d:cb:00:eb:a3:65:
92:c6:97:55:cb:24:59:91:af:a3:b0:a3:1e:e6:20:
02:44:de:cf:19:bc:99:b5:62:b5:40:0a:2e:67:b2:
c4:da:2f:27:f7:2e:04:eb:a2:5e:ef:2c:57:19:d2:
c9:9e:76:65:e5:b3:22:ed:35:24:50:b5:b9:02:fa:
cc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:32:D1:F6:49:DA:AA:FD:FD:C3:68:F9:70:15:C9:BD:07:1E:59:2A
X509v3 Authority Key Identifier:
keyid:9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/fjLR9knaqv39w2j5cBXJvQceWSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.216.0/22
185.187.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:99:64:d9:8c:35:a2:9f:8e:33:22:bb:78:7c:bd:38:fa:42:
74:23:a8:4a:7a:8d:72:5b:be:b5:c8:19:4f:12:16:34:2b:1a:
e6:e0:cf:a0:23:15:09:51:a7:1c:ce:2d:fc:dd:4b:36:59:41:
12:4a:7c:93:d5:7b:c2:7d:2a:07:c2:ee:11:52:6a:67:17:72:
ff:bb:d4:18:60:6e:96:1f:69:71:ee:f0:81:ce:56:5f:78:8e:
b4:e7:ed:29:8a:01:17:20:40:c3:9f:3e:23:51:ea:33:3c:1c:
df:37:e9:19:9f:50:3a:5f:e4:31:95:d2:ed:b8:62:20:0f:e6:
1b:bb:f7:01:e3:62:ec:35:43:5a:09:d5:c1:92:53:77:d9:16:
8a:eb:0e:c2:4e:67:3c:22:6d:f9:3a:f1:ac:34:6e:e4:eb:0d:
67:2a:38:89:66:0d:40:15:eb:da:53:57:47:85:58:72:20:a6:
a6:46:2a:8c:47:45:b0:88:ac:15:45:e8:99:46:0a:4c:dd:9a:
4a:8b:5c:17:f3:fb:ee:27:78:cc:6d:eb:3b:1a:32:4d:86:07:
66:f6:dc:78:cc:03:43:0b:b1:65:b9:85:a6:b8:a4:41:2a:a0:
ee:7f:43:ff:85:b8:4a:86:8f:bc:40:0d:c8:4e:df:47:c7:85:
b4:b5:4d:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/vNNO+44xlwBO5VPvSBZNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzRiMTg2MjcxY2NiODljNWU1OGIzMGU3MGJkNzQxMDlj
YzI4NGEwHhcNMjQwNjA2MjAxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMyZDFmNjQ5ZGFhYWZkZmRjMzY4Zjk3MDE1YzliZDA3MWU1OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxWz/ZTCER7NWYabVjSKqbT/jF7t
YTdlBINeKDpdS6AWBuDOnxbDoSjthMr8Gi0knJRlmEAylfJHE1qEGFb7oreSj+6K
GELm3VAdw2gQkmOWAa1WAbJYl0efPz0PYFPFV2pcKGGjkAn/91Rnb2ivUlh31zbH
thLY9iHvxKViibsem5ramjq67ANm1cn86zOHodcR0uitAbC5PF3UXbA4Ij2df//n
CpKyF6qgnNwxZ3nvlWKfmOFCNotsFC8NywDro2WSxpdVyyRZka+jsKMe5iACRN7P
GbyZtWK1QAouZ7LE2i8n9y4E66Je7yxXGdLJnnZl5bMi7TUkULW5AvrM2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH4y0fZJ2qr9/cNo+XAVyb0HHlkqMB8GA1UdIwQY
MBaAFJ40sYYnHMuJxeWLMOcL10EJzChKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTkt
ZGQ1ZmZkNTMxNTcxLzEvZmpMUjlrbmFxdjM5dzJqNWNCWEp2UWNlV1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTktZGQ1ZmZkNTMxNTcx
LzEvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUjYAwQC
ubtcMA0GCSqGSIb3DQEBCwUAA4IBAQBfmWTZjDWin44zIrt4fL04+kJ0I6hKeo1y
W761yBlPEhY0Kxrm4M+gIxUJUacczi383Us2WUESSnyT1XvCfSoHwu4RUmpnF3L/
u9QYYG6WH2lx7vCBzlZfeI605+0pigEXIEDDnz4jUeozPBzfN+kZn1A6X+QxldLt
uGIgD+Ybu/cB42LsNUNaCdXBklN32RaK6w7CTmc8Im35OvGsNG7k6w1nKjiJZg1A
FevaU1dHhVhyIKamRiqMR0WwiKwVReiZRgpM3ZpKi1wX8/vuJ3jMbes7GjJNhgdm
9tx4zANDC7FluYWmuKRBKqDuf0P/hbhKho+8QA3ITt9Hx4W0tU3p
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:44:27 2024 by rpki-client on console-fra.rpki-client.org