Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pGkPGugsRjaKRH2jCS5hC3CWGZo.roa
File: pGkPGugsRjaKRH2jCS5hC3CWGZo.roa (raw, json)
Hash identifier: TuzwqO3pd5bUA1YD/Jfcf1NKyy6GJZ+AAVTV0eR8qvM=
Subject key identifier: A4:69:0F:1A:E8:2C:46:36:8A:44:7D:A3:09:2E:61:0B:70:96:19:9A
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018DFF53095AE39EA64060AD593A15DB562F
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pGkPGugsRjaKRH2jCS5hC3CWGZo.roa
Signing time: Sat 02 Mar 2024 13:20:48 +0000
ROA not before: Sat 02 Mar 2024 13:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.21.0.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
176.57.48.0/24 maxlen: 24
176.57.54.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.57.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ff:53:09:5a:e3:9e:a6:40:60:ad:59:3a:15:db:56:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 2 13:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4690f1ae82c46368a447da3092e610b7096199a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:b7:0a:d2:ee:49:b4:ad:94:b9:d3:22:fc:
8b:90:c2:58:ce:f3:f6:41:2d:1b:91:6b:49:50:36:
90:fb:e8:8c:7b:26:57:73:50:f1:7e:6a:b5:36:d9:
7e:c2:e9:f1:91:4e:bc:1a:e0:93:a8:2c:90:71:5e:
a9:a4:89:e3:50:ea:01:29:f5:15:51:d0:b9:e2:4f:
4d:42:78:a5:88:78:29:d5:c2:45:0f:7c:2d:15:39:
c5:41:86:0f:9c:4b:ff:7e:1c:29:b5:ea:ca:f6:44:
5b:74:09:e5:18:aa:bd:96:47:f9:e1:de:3a:f2:6e:
8d:d1:98:e8:88:a2:69:5d:13:4b:49:c4:9c:bc:a5:
72:3c:d0:07:08:38:71:84:23:6b:49:a1:71:82:bb:
6b:3b:67:a5:b0:93:64:cb:e3:14:5e:78:00:0a:41:
42:b4:26:84:19:5a:0c:56:65:a1:e2:de:22:cb:4c:
3e:bb:06:19:8f:d0:f7:96:ea:b9:ae:28:b8:89:f6:
d8:27:5a:da:7f:56:f3:91:03:52:43:09:df:29:53:
5d:ae:a0:a8:03:c9:de:93:a3:f0:f7:a4:eb:e9:4a:
c2:94:04:21:55:b9:85:57:d3:9e:57:4a:75:5d:33:
a1:7c:91:55:39:50:4b:77:c4:b3:ec:0a:bb:78:7e:
23:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:69:0F:1A:E8:2C:46:36:8A:44:7D:A3:09:2E:61:0B:70:96:19:9A
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/pGkPGugsRjaKRH2jCS5hC3CWGZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.0.0/24
81.21.12.0/24
176.57.48.0/24
176.57.54.0/24
176.57.56.0/23
176.57.60.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:59:db:0f:2e:e3:10:5a:c4:0a:e2:2e:50:2e:75:0d:a4:c6:
a1:ff:b1:63:e3:21:fe:e0:cd:ae:ad:94:d3:2c:7b:1f:d9:2c:
11:9a:b3:20:75:96:eb:73:26:1b:ef:4d:a7:81:60:79:f6:59:
96:e0:b6:65:da:f2:9f:1f:cb:27:bb:2f:b5:5d:8d:2b:c6:97:
c7:26:66:21:f0:db:af:48:2f:48:25:69:d8:57:d6:1b:76:6d:
5f:4a:c5:4f:85:9a:17:ef:ec:ea:eb:55:c5:9e:f3:ac:5c:a2:
06:04:5d:af:73:33:6b:15:38:69:89:dd:c6:e3:40:1a:be:68:
9f:c0:1c:1f:86:18:35:ad:e0:4c:f8:86:75:92:12:9c:5a:91:
bd:ba:d6:99:ce:89:91:6a:14:b2:db:a8:3f:c6:9a:84:ee:a6:
ce:4b:e7:a7:39:29:ec:b4:5e:85:51:a0:d9:0a:a9:80:5f:ff:
4a:b0:28:f0:d4:0e:fb:9a:4b:59:f0:dc:ba:1d:da:b6:de:65:
c8:67:b4:ed:ba:d1:07:66:c1:ea:67:b0:e5:39:d1:34:9b:f3:
cf:18:04:04:98:89:1c:30:95:8c:28:d3:01:3f:73:c4:47:93:
60:5d:49:3e:87:ed:e2:52:f0:45:c4:04:da:2c:d2:50:c8:df:
93:08:e6:d3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3/Uwla456mQGCtWToV21YvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMzAyMTMyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY5MGYxYWU4MmM0NjM2OGE0NDdkYTMwOTJlNjEwYjcwOTYxOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pG3CtLuSbStlLnTIvyLkMJYzvP2
QS0bkWtJUDaQ++iMeyZXc1Dxfmq1Ntl+wunxkU68GuCTqCyQcV6ppInjUOoBKfUV
UdC54k9NQniliHgp1cJFD3wtFTnFQYYPnEv/fhwpterK9kRbdAnlGKq9lkf54d46
8m6N0ZjoiKJpXRNLScScvKVyPNAHCDhxhCNrSaFxgrtrO2elsJNky+MUXngACkFC
tCaEGVoMVmWh4t4iy0w+uwYZj9D3luq5rii4ifbYJ1raf1bzkQNSQwnfKVNdrqCo
A8nek6Pw96Tr6UrClAQhVbmFV9OeV0p1XTOhfJFVOVBLd8Sz7Aq7eH4jkQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKRpDxroLEY2ikR9owkuYQtwlhmaMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvcEdrUEd1Z3NSamFLUkgyakNTNWhDM0NXR1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAURUAAwQA
URUMAwQAsDkwAwQAsDk2AwQBsDk4AwQAsDk8MA0GCSqGSIb3DQEBCwUAA4IBAQCe
WdsPLuMQWsQK4i5QLnUNpMah/7Fj4yH+4M2urZTTLHsf2SwRmrMgdZbrcyYb702n
gWB59lmW4LZl2vKfH8snuy+1XY0rxpfHJmYh8NuvSC9IJWnYV9Ybdm1fSsVPhZoX
7+zq61XFnvOsXKIGBF2vczNrFThpid3G40AavmifwBwfhhg1reBM+IZ1khKcWpG9
utaZzomRahSy26g/xpqE7qbOS+enOSnstF6FUaDZCqmAX/9KsCjw1A77mktZ8Ny6
Hdq23mXIZ7TtutEHZsHqZ7DlOdE0m/PPGAQEmIkcMJWMKNMBP3PER5NgXUk+h+3i
UvBFxATaLNJQyN+TCObT
-----END CERTIFICATE-----
Generated at Sat May 4 09:02:51 2024 by rpki-client on console-fra.rpki-client.org