Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/fMHyifof2fmDqqux8uEC3vtqbIc.roa
File: fMHyifof2fmDqqux8uEC3vtqbIc.roa (raw, json)
Hash identifier: rmIDbftbKw5+ovY5evcTpKxJpbUy0tyMt+Ud6XvLusA=
Subject key identifier: 7C:C1:F2:89:FA:1F:D9:F9:83:AA:AB:B1:F2:E1:02:DE:FB:6A:6C:87
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 01910061F2A877EC6B1E0B11809C3C6DEBA8
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/fMHyifof2fmDqqux8uEC3vtqbIc.roa
Signing time: Mon 29 Jul 2024 21:25:04 +0000
ROA not before: Mon 29 Jul 2024 21:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35163
IP address blocks: 193.17.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:00:61:f2:a8:77:ec:6b:1e:0b:11:80:9c:3c:6d:eb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Jul 29 21:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc1f289fa1fd9f983aaabb1f2e102defb6a6c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e8:6f:50:e7:e6:33:f8:c1:0e:d6:e7:74:97:
8a:a7:fd:c5:4b:4c:e6:c6:12:bf:a4:e1:ce:ff:d3:
1e:27:b6:79:34:41:de:0b:2a:a4:d0:4c:a5:37:06:
25:69:76:2f:b5:31:14:44:0a:4c:4f:5d:32:58:c6:
13:30:c4:cf:6a:3e:93:d1:03:77:3b:16:74:da:ed:
7d:9c:8f:dd:97:b8:21:d6:02:f5:7f:cf:bc:ed:12:
fb:d0:28:52:3b:59:aa:51:1a:b6:57:be:b3:cd:89:
71:35:44:cb:fe:97:9f:f8:41:c4:10:44:75:16:e7:
3a:1d:04:74:cc:82:a2:66:c1:4c:57:fa:95:cf:06:
dd:e2:ef:18:97:b2:71:01:b6:95:72:a7:86:b4:0b:
87:17:6f:ee:31:2e:0b:9f:f5:f8:ec:43:d8:8d:1a:
6e:3c:b4:9b:b7:3a:e7:b3:48:56:d5:32:cb:94:c7:
24:05:1a:a1:41:a9:2d:a8:8b:80:a7:c8:79:6c:c8:
ce:c2:41:b2:f1:44:80:b0:b9:84:30:95:7a:ff:22:
12:a2:86:c8:47:63:88:ff:cf:ea:37:97:05:08:54:
90:cc:e0:e4:02:58:5f:aa:97:f1:4c:e8:bc:c4:6c:
a1:b0:8f:2d:04:59:29:b1:53:0f:ec:89:1b:c6:8f:
b3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C1:F2:89:FA:1F:D9:F9:83:AA:AB:B1:F2:E1:02:DE:FB:6A:6C:87
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/fMHyifof2fmDqqux8uEC3vtqbIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0/21
Signature Algorithm: sha256WithRSAEncryption
b3:90:fe:e4:e0:b0:b1:76:96:33:48:1a:f0:9a:d1:42:bd:f8:
80:78:17:f3:25:b6:ae:81:1c:58:5e:42:b6:87:3a:ec:bb:79:
7c:38:72:8c:9b:4c:c1:ae:c6:c0:8d:e2:2e:4d:78:bc:1e:e3:
c0:89:1a:7b:d4:0a:f2:17:7a:88:13:6b:f9:df:81:fe:44:fc:
87:ed:c3:d6:35:4d:74:bd:5d:0c:30:59:38:7a:b9:25:af:a2:
a5:83:cd:d1:6b:fb:1f:97:4d:61:e8:83:54:0e:81:4d:4e:da:
51:05:79:10:2d:86:02:15:09:ab:3d:5f:78:38:bb:c2:7b:e5:
fb:a9:28:ac:6d:d9:f8:d1:a8:66:2a:f3:24:fe:76:53:05:f2:
5b:cb:ce:7f:ef:2e:ff:25:25:e4:10:d5:ac:6d:95:c6:88:5d:
63:e1:eb:d1:7e:24:a2:3b:c1:d6:3d:56:37:e2:eb:50:cb:3b:
f4:3b:17:fb:f3:a5:0b:11:40:d7:49:67:1f:ad:7e:43:bd:75:
c0:6e:3d:ba:57:00:56:3c:64:b6:9b:11:0e:2e:01:7d:5e:89:
c9:2e:8f:98:52:8f:be:be:da:1d:11:4c:3a:e7:8d:7a:8c:e4:
f5:af:f9:f2:7e:33:f5:d4:bf:74:05:26:16:d8:20:67:fc:a2:
25:8b:e5:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEAYfKod+xrHgsRgJw8beuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjQwNzI5MjEyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MxZjI4OWZhMWZkOWY5ODNhYWFiYjFmMmUxMDJkZWZiNmE2Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuhvUOfmM/jBDtbndJeKp/3FS0zm
xhK/pOHO/9MeJ7Z5NEHeCyqk0EylNwYlaXYvtTEURApMT10yWMYTMMTPaj6T0QN3
OxZ02u19nI/dl7gh1gL1f8+87RL70ChSO1mqURq2V76zzYlxNUTL/pef+EHEEER1
Fuc6HQR0zIKiZsFMV/qVzwbd4u8Yl7JxAbaVcqeGtAuHF2/uMS4Ln/X47EPYjRpu
PLSbtzrns0hW1TLLlMckBRqhQaktqIuAp8h5bMjOwkGy8USAsLmEMJV6/yISoobI
R2OI/8/qN5cFCFSQzODkAlhfqpfxTOi8xGyhsI8tBFkpsVMP7Ikbxo+zWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzB8on6H9n5g6qrsfLhAt77amyHMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvZk1IeWlmb2YyZm1EcXF1eDh1RUMzdnRxYkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRFgMA0G
CSqGSIb3DQEBCwUAA4IBAQCzkP7k4LCxdpYzSBrwmtFCvfiAeBfzJbaugRxYXkK2
hzrsu3l8OHKMm0zBrsbAjeIuTXi8HuPAiRp71AryF3qIE2v534H+RPyH7cPWNU10
vV0MMFk4erklr6Klg83Ra/sfl01h6INUDoFNTtpRBXkQLYYCFQmrPV94OLvCe+X7
qSisbdn40ahmKvMk/nZTBfJby85/7y7/JSXkENWsbZXGiF1j4evRfiSiO8HWPVY3
4utQyzv0Oxf786ULEUDXSWcfrX5DvXXAbj26VwBWPGS2mxEOLgF9XonJLo+YUo++
vtodEUw65416jOT1r/nyfjP11L90BSYW2CBn/KIli+Xs
-----END CERTIFICATE-----
Generated at Sat Sep 28 09:31:01 2024 by rpki-client on console-fra.rpki-client.org