Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_BiwSzlZd8LWkk0LUX_6FGkKh2g.roa
File: _BiwSzlZd8LWkk0LUX_6FGkKh2g.roa (raw, json)
Hash identifier: cV+s31GH5fgOZ3VNmDwuKhp7yZLikZVc1+hYPaf87rk=
Subject key identifier: FC:18:B0:4B:39:59:77:C2:D6:92:4D:0B:51:7F:FA:14:69:0A:87:68
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D266EAE38DF2B37FC38312E715BDB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_BiwSzlZd8LWkk0LUX_6FGkKh2g.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51461
IP address blocks: 93.114.79.0/24 maxlen: 24
93.114.88.0/22 maxlen: 22
93.114.72.0/22 maxlen: 22
93.114.76.0/23 maxlen: 23
93.114.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:26:6e:ae:38:df:2b:37:fc:38:31:2e:71:5b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc18b04b395977c2d6924d0b517ffa14690a8768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ce:a7:0b:ec:73:2d:a3:50:1a:80:25:2b:50:
32:6b:13:56:b7:2d:2f:a0:1d:d2:c2:b4:93:4b:1c:
ff:5f:8f:9d:7b:6d:ba:9c:ec:8b:fe:8b:4b:d5:22:
0c:98:7e:9f:4c:ac:98:bd:83:b7:9c:5c:35:44:aa:
83:fe:3e:7d:e1:f2:38:3c:45:40:79:ee:f3:92:c0:
59:57:07:2b:8d:25:d3:f7:49:ea:15:08:75:9a:90:
ff:9d:ca:46:04:8e:57:96:b8:17:a0:99:5e:66:33:
41:50:e0:41:bb:d1:d2:ee:4c:91:60:80:d5:c6:37:
73:16:87:1d:de:3a:e6:04:c0:73:f5:ce:b5:22:04:
c9:75:94:d6:9f:f5:79:72:3b:d9:7f:b2:5b:96:48:
18:94:0f:9e:21:ec:18:fd:c1:8e:2f:e5:8b:92:5b:
95:12:0d:b8:5a:60:b9:c0:54:b0:40:9b:3b:73:4b:
d2:a2:0b:eb:83:45:61:f6:4f:a8:77:61:15:8c:b9:
34:54:87:40:ea:0c:d5:df:ef:5a:b5:a3:d7:ad:b8:
84:23:d6:7e:fd:c9:e5:ee:82:bc:b2:91:19:35:ec:
56:3f:62:97:6c:97:2f:5e:b4:12:08:81:cd:b8:f7:
24:cc:8e:c3:44:70:2c:1f:87:e1:0e:b2:0d:66:bd:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:18:B0:4B:39:59:77:C2:D6:92:4D:0B:51:7F:FA:14:69:0A:87:68
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_BiwSzlZd8LWkk0LUX_6FGkKh2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.72.0/21
93.114.88.0/22
Signature Algorithm: sha256WithRSAEncryption
64:ed:be:ad:28:4d:b6:91:8b:d2:ac:31:ae:7c:0e:b8:b1:d9:
4e:0d:b5:76:d2:3a:43:2a:c9:ad:65:8f:67:32:16:e6:1d:48:
58:56:b3:18:26:68:c5:5b:46:e7:a0:60:db:37:26:34:9c:a7:
f0:e8:84:09:d1:b9:99:fa:d1:c7:f9:36:ef:da:e8:1c:f9:68:
9f:b9:8d:7d:67:53:2f:6a:a4:74:b7:dd:f8:19:9b:01:86:c7:
d0:a0:81:9d:19:bb:52:55:6d:b8:56:b4:1f:c1:85:46:c1:a8:
f9:c3:4c:fe:e4:21:da:91:52:74:95:a3:74:1d:42:27:a0:1b:
b2:e6:49:54:33:b2:7e:87:66:2a:9c:0e:24:33:bf:3a:55:88:
5c:34:c4:43:ff:4a:93:9b:37:92:c0:e2:2c:14:54:e8:a6:cb:
df:f1:4d:93:ff:48:9f:31:3f:9e:12:c6:cf:60:8b:9a:12:55:
b9:1d:50:e8:60:46:e7:a6:97:df:9d:8a:63:6a:ca:e9:bf:cb:
9e:c2:88:33:9a:3d:f6:b7:e5:a7:0d:8b:c4:02:b4:94:ba:1b:
3c:c8:3f:8a:82:9e:c6:c5:d8:c3:dd:bc:35:8d:2a:8d:78:91:
6c:8a:5c:78:0c:b3:15:3c:eb:f3:7b:c4:f1:11:a3:bf:69:5d:
6d:59:c9:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbSZurjjfKzf8ODEucVvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzE4YjA0YjM5NTk3N2MyZDY5MjRkMGI1MTdmZmExNDY5MGE4NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM6nC+xzLaNQGoAlK1AyaxNWty0v
oB3SwrSTSxz/X4+de226nOyL/otL1SIMmH6fTKyYvYO3nFw1RKqD/j594fI4PEVA
ee7zksBZVwcrjSXT90nqFQh1mpD/ncpGBI5XlrgXoJleZjNBUOBBu9HS7kyRYIDV
xjdzFocd3jrmBMBz9c61IgTJdZTWn/V5cjvZf7JblkgYlA+eIewY/cGOL+WLkluV
Eg24WmC5wFSwQJs7c0vSogvrg0Vh9k+od2EVjLk0VIdA6gzV3+9ataPXrbiEI9Z+
/cnl7oK8spEZNexWP2KXbJcvXrQSCIHNuPckzI7DRHAsH4fhDrINZr0t6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwYsEs5WXfC1pJNC1F/+hRpCodoMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvX0Jpd1N6bFpkOExXa2swTFVYXzZGR2tLaDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXXJIAwQC
XXJYMA0GCSqGSIb3DQEBCwUAA4IBAQBk7b6tKE22kYvSrDGufA64sdlODbV20jpD
KsmtZY9nMhbmHUhYVrMYJmjFW0bnoGDbNyY0nKfw6IQJ0bmZ+tHH+Tbv2ugc+Wif
uY19Z1MvaqR0t934GZsBhsfQoIGdGbtSVW24VrQfwYVGwaj5w0z+5CHakVJ0laN0
HUInoBuy5klUM7J+h2YqnA4kM786VYhcNMRD/0qTmzeSwOIsFFTopsvf8U2T/0if
MT+eEsbPYIuaElW5HVDoYEbnppffnYpjasrpv8uewogzmj32t+WnDYvEArSUuhs8
yD+Kgp7GxdjD3bw1jSqNeJFsilx4DLMVPOvze8TxEaO/aV1tWcll
-----END CERTIFICATE-----
Generated at Mon Jun 3 09:45:40 2024 by rpki-client on console-fra.rpki-client.org