Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fMfSy_tqJcA5tykDBxP5tQAH35Y.roa
File: fMfSy_tqJcA5tykDBxP5tQAH35Y.roa (raw, json)
Hash identifier: 7sw/prIA2ujnPUSL2QgJgF6DKRwZkDkszc5SJIIkfOk=
Subject key identifier: 7C:C7:D2:CB:FB:6A:25:C0:39:B7:29:03:07:13:F9:B5:00:07:DF:96
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 0191E5CF88E180901AD283B0B943B555C121
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fMfSy_tqJcA5tykDBxP5tQAH35Y.roa
Signing time: Thu 12 Sep 2024 10:37:48 +0000
ROA not before: Thu 12 Sep 2024 10:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47694
IP address blocks: 81.163.138.0/24 maxlen: 24
91.211.16.0/22 maxlen: 24
91.211.19.0/24 maxlen: 24
176.124.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:cf:88:e1:80:90:1a:d2:83:b0:b9:43:b5:55:c1:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Sep 12 10:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc7d2cbfb6a25c039b729030713f9b50007df96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:21:73:47:21:7c:18:6b:aa:22:69:fe:40:
c4:f6:e8:ed:65:f1:46:5f:77:5f:dc:91:fb:8b:8e:
31:c7:84:94:e8:5a:34:af:3d:79:14:a5:a1:0c:c3:
9a:0d:dc:8f:df:ea:fa:98:75:be:c9:a7:9b:0d:b2:
d8:8b:89:df:18:1e:fe:7b:b3:8a:2c:62:ea:63:b4:
4d:2c:18:a7:17:4c:b8:50:d0:f1:a3:0b:90:50:5b:
a5:b7:bf:86:06:ff:af:6d:78:7d:08:ae:68:aa:76:
47:41:aa:9a:4e:7a:03:53:2a:c1:be:00:e4:26:90:
4f:5a:2a:8b:81:3e:3f:bc:9d:92:02:b0:81:f4:93:
cc:13:3b:1e:66:7a:05:3a:ac:69:06:18:67:6a:dc:
44:b8:e3:53:9e:0e:e8:eb:2d:97:7c:e6:b1:33:97:
0d:02:66:38:5d:6a:a2:8d:c4:a5:6e:55:51:79:3a:
3e:57:b4:43:dd:e9:65:44:c6:33:4a:63:41:14:a2:
a2:44:0b:42:16:50:8d:0b:51:67:72:7b:33:52:3c:
03:04:4c:20:47:b0:cc:3e:75:86:d5:52:1b:2a:db:
0f:5a:32:6a:1a:69:cc:d3:60:fe:57:1c:8c:6f:b1:
74:2f:fc:f8:e8:5a:9a:78:93:b0:1a:1b:cc:da:0c:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C7:D2:CB:FB:6A:25:C0:39:B7:29:03:07:13:F9:B5:00:07:DF:96
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fMfSy_tqJcA5tykDBxP5tQAH35Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.138.0/24
91.211.16.0/22
176.124.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:b8:dc:01:f1:2e:8e:35:eb:3e:37:9e:5a:6d:e6:96:f5:95:
8d:c3:16:0d:42:db:5b:69:0f:c6:57:04:24:ed:f1:f9:b7:03:
94:77:ad:ac:0c:26:3e:41:48:c7:1b:2e:c4:94:6c:0b:8b:ec:
ed:7e:b2:89:f2:e2:89:4c:7a:5c:4f:6c:9b:7c:86:04:74:28:
59:3f:95:79:b0:ca:d0:28:d8:e0:5d:f9:c8:1c:b1:dc:a7:9a:
7b:c2:cd:b9:c2:18:bc:14:32:0b:33:7a:a7:50:98:2a:ee:00:
7a:56:3b:54:6a:54:00:74:c9:d0:2a:b8:86:0c:a4:3b:29:74:
83:ca:c5:59:38:ee:2b:4f:23:98:08:51:b7:ad:55:3c:43:3c:
15:02:2c:a6:28:93:45:09:5b:5b:08:42:b6:74:95:65:00:d4:
44:b1:6a:45:8c:34:90:c8:f4:77:ee:17:35:7e:5a:6b:78:8a:
a4:20:a2:d2:23:22:d9:86:ca:55:6f:4d:e8:91:71:b1:95:5d:
ae:e0:57:e4:f2:9f:1c:93:66:1e:1f:38:50:d3:be:af:6c:60:
d9:94:44:3e:13:01:fc:f0:61:c6:a1:eb:8f:dc:ba:bc:10:ef:
68:2f:3b:a0:46:e8:9e:e5:8a:bc:f8:e0:bd:73:25:4a:62:2d:
81:b8:dd:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHlz4jhgJAa0oOwuUO1VcEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwOTEyMTAzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M3ZDJjYmZiNmEyNWMwMzliNzI5MDMwNzEzZjliNTAwMDdkZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPQhc0chfBhrqiJp/kDE9ujtZfFG
X3df3JH7i44xx4SU6Fo0rz15FKWhDMOaDdyP3+r6mHW+yaebDbLYi4nfGB7+e7OK
LGLqY7RNLBinF0y4UNDxowuQUFult7+GBv+vbXh9CK5oqnZHQaqaTnoDUyrBvgDk
JpBPWiqLgT4/vJ2SArCB9JPMEzseZnoFOqxpBhhnatxEuONTng7o6y2XfOaxM5cN
AmY4XWqijcSlblVReTo+V7RD3ellRMYzSmNBFKKiRAtCFlCNC1FncnszUjwDBEwg
R7DMPnWG1VIbKtsPWjJqGmnM02D+VxyMb7F0L/z46FqaeJOwGhvM2gwdFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHzH0sv7aiXAObcpAwcT+bUAB9+WMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvZk1mU3lfdHFKY0E1dHlrREJ4UDV0UUFIMzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaOKAwQC
W9MQAwQFsHwAMA0GCSqGSIb3DQEBCwUAA4IBAQCouNwB8S6ONes+N55abeaW9ZWN
wxYNQttbaQ/GVwQk7fH5twOUd62sDCY+QUjHGy7ElGwLi+ztfrKJ8uKJTHpcT2yb
fIYEdChZP5V5sMrQKNjgXfnIHLHcp5p7ws25whi8FDILM3qnUJgq7gB6VjtUalQA
dMnQKriGDKQ7KXSDysVZOO4rTyOYCFG3rVU8QzwVAiymKJNFCVtbCEK2dJVlANRE
sWpFjDSQyPR37hc1flpreIqkIKLSIyLZhspVb03okXGxlV2u4Ffk8p8ck2YeHzhQ
076vbGDZlEQ+EwH88GHGoeuP3Lq8EO9oLzugRuie5Yq8+OC9cyVKYi2BuN27
-----END CERTIFICATE-----
Generated at Sat Sep 28 13:04:38 2024 by rpki-client on console-fra.rpki-client.org