Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/1FKMz9AvG63mAuIvkE7qpDnegiU.roa
File: 1FKMz9AvG63mAuIvkE7qpDnegiU.roa (raw, json)
Hash identifier: vWe6ifWzwyUsWhZf6g0aiRsEpN97G7LCHVTXXP4Sf/w=
Subject key identifier: D4:52:8C:CF:D0:2F:1B:AD:E6:02:E2:2F:90:4E:EA:A4:39:DE:82:25
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC4938652AE4D6CCC83B6AE47CA5C441C
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/1FKMz9AvG63mAuIvkE7qpDnegiU.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197476
IP address blocks: 5.157.176.0/21 maxlen: 21
5.157.184.0/21 maxlen: 21
37.35.56.0/21 maxlen: 21
178.157.104.0/22 maxlen: 22
188.74.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 14:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:86:52:ae:4d:6c:cc:83:b6:ae:47:ca:5c:44:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4528ccfd02f1bade602e22f904eeaa439de8225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f2:58:02:6a:93:e6:3d:d7:e5:ec:37:41:5f:
be:c3:3a:e1:61:1d:50:41:d1:fb:4f:ba:01:f5:c0:
13:d9:38:f9:06:db:14:30:38:aa:ba:5f:b3:21:0b:
73:d9:94:ea:a7:ab:86:38:ff:6d:e0:cc:e9:e3:54:
a0:02:60:d8:ae:d8:e7:57:02:7c:c8:2d:7d:f7:5a:
ae:0d:1b:56:7b:3b:c7:f2:be:c9:97:5a:bd:0b:3b:
fa:cd:5b:f8:96:2d:5b:af:a4:cd:2c:65:53:15:30:
97:af:c0:05:23:41:84:37:ab:c2:93:9d:0c:8c:af:
2c:eb:6d:73:2c:de:80:6f:a6:00:ff:d7:c7:1d:c3:
52:90:bd:df:2d:6f:e3:1c:81:93:f2:ca:32:be:33:
6c:cc:8d:a9:15:b8:50:e4:a0:af:0e:4c:86:76:ba:
f1:ff:c1:12:53:78:ef:7b:ee:4e:89:b6:6f:e3:8f:
cb:81:62:90:6c:83:12:46:0f:f9:7b:53:bd:a2:4c:
ed:ff:0a:60:7f:0a:d2:39:9e:1a:09:52:5f:05:fc:
e6:d9:93:80:df:d3:56:f1:03:7b:40:93:53:d6:af:
9e:13:90:66:3c:17:c3:bf:d2:c4:fa:a4:f0:c2:52:
06:92:22:1b:ce:0c:2d:47:57:7b:a7:9f:2b:31:8c:
e4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:52:8C:CF:D0:2F:1B:AD:E6:02:E2:2F:90:4E:EA:A4:39:DE:82:25
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/1FKMz9AvG63mAuIvkE7qpDnegiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.176.0/20
37.35.56.0/21
178.157.104.0/22
188.74.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:8b:ff:ae:f3:18:28:ce:7c:7a:68:f7:d1:14:3e:81:ab:06:
c5:e7:23:df:06:0b:14:fe:0b:c6:79:15:fa:6a:c3:f2:7e:b6:
14:44:bf:6c:9f:c4:2e:b2:f5:21:d4:b8:4d:54:17:a3:c7:d6:
1d:67:9f:fa:cb:cc:76:76:70:99:bf:07:d6:d2:90:2d:28:bb:
87:00:01:d0:67:07:df:49:3b:89:29:af:97:08:f3:36:e1:ab:
c8:75:16:28:04:57:d1:63:1c:cb:f1:c4:7a:1f:5b:24:0b:06:
c2:97:55:c2:46:fb:1b:b4:38:ff:d1:99:6b:22:75:18:5d:a0:
ca:95:53:22:c1:12:11:01:ef:0d:da:86:b0:f1:c9:fd:a1:c4:
f6:c5:b2:89:ae:03:55:3b:4d:da:11:bb:31:73:e1:4b:95:84:
4b:fb:68:57:fa:3c:20:bc:f0:f1:a8:94:d5:ac:11:e3:14:a9:
8a:2f:18:59:17:7f:59:46:f0:be:9e:de:ab:c5:99:aa:1e:ab:
48:c9:a9:c3:04:04:1d:3e:c7:2d:19:c5:d8:c3:76:cd:8c:43:
9b:19:5b:d8:54:fd:a0:89:3f:52:cd:d3:f7:c2:fc:86:93:4a:
e0:d4:f4:07:1c:24:14:d4:93:1c:9a:0d:74:9e:4b:09:07:5b:
a5:a8:68:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEk4ZSrk1szIO2rkfKXEQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUyOGNjZmQwMmYxYmFkZTYwMmUyMmY5MDRlZWFhNDM5ZGU4MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/JYAmqT5j3X5ew3QV++wzrhYR1Q
QdH7T7oB9cAT2Tj5BtsUMDiqul+zIQtz2ZTqp6uGOP9t4Mzp41SgAmDYrtjnVwJ8
yC1991quDRtWezvH8r7Jl1q9Czv6zVv4li1br6TNLGVTFTCXr8AFI0GEN6vCk50M
jK8s621zLN6Ab6YA/9fHHcNSkL3fLW/jHIGT8soyvjNszI2pFbhQ5KCvDkyGdrrx
/8ESU3jve+5OibZv44/LgWKQbIMSRg/5e1O9okzt/wpgfwrSOZ4aCVJfBfzm2ZOA
39NW8QN7QJNT1q+eE5BmPBfDv9LE+qTwwlIGkiIbzgwtR1d7p58rMYzkaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNRSjM/QLxut5gLiL5BO6qQ53oIlMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvMUZLTXo5QXZHNjNtQXVJdmtFN3FwRG5lZ2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBZ2wAwQD
JSM4AwQCsp1oAwQCvEqwMA0GCSqGSIb3DQEBCwUAA4IBAQBNi/+u8xgoznx6aPfR
FD6BqwbF5yPfBgsU/gvGeRX6asPyfrYURL9sn8QusvUh1LhNVBejx9YdZ5/6y8x2
dnCZvwfW0pAtKLuHAAHQZwffSTuJKa+XCPM24avIdRYoBFfRYxzL8cR6H1skCwbC
l1XCRvsbtDj/0ZlrInUYXaDKlVMiwRIRAe8N2oaw8cn9ocT2xbKJrgNVO03aEbsx
c+FLlYRL+2hX+jwgvPDxqJTVrBHjFKmKLxhZF39ZRvC+nt6rxZmqHqtIyanDBAQd
PsctGcXYw3bNjEObGVvYVP2giT9SzdP3wvyGk0rg1PQHHCQU1JMcmg10nksJB1ul
qGiK
-----END CERTIFICATE-----
Generated at Tue Jun 4 21:14:40 2024 by rpki-client on console-fra.rpki-client.org