Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FssjqWbFcmGghcpfkUNw14jDNzM.roa
File: FssjqWbFcmGghcpfkUNw14jDNzM.roa (raw, json)
Hash identifier: zY1rHrnNbRMhVpgMz2AVeYONhfgeu4q6bECTWSDIdfA=
Subject key identifier: 16:CB:23:A9:66:C5:72:61:A0:85:CA:5F:91:43:70:D7:88:C3:37:33
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CEA52C11C03DD15FC2E767FA2700D7012
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FssjqWbFcmGghcpfkUNw14jDNzM.roa
Signing time: Mon 08 Jan 2024 18:25:41 +0000
ROA not before: Mon 08 Jan 2024 18:25:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 193.238.135.0/24 maxlen: 24
193.238.134.0/24 maxlen: 24
193.33.48.0/24 maxlen: 24
45.147.194.0/24 maxlen: 24
91.224.22.0/24 maxlen: 24
91.224.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:52:c1:1c:03:dd:15:fc:2e:76:7f:a2:70:0d:70:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 8 18:25:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16cb23a966c57261a085ca5f914370d788c33733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3e:8c:ec:51:0c:7a:7b:b4:27:c3:6a:f6:7b:
78:c2:56:54:06:eb:cc:4b:10:09:59:d0:95:58:e1:
7a:e6:57:7a:0d:19:3d:a2:87:0e:21:c2:97:e8:f8:
5f:79:de:c0:11:3b:98:64:21:28:d5:95:fa:2b:1d:
e3:78:86:19:fb:be:02:4a:1e:b0:27:e2:2f:66:d2:
3c:c9:53:b5:24:72:64:4d:ec:30:6b:88:ed:6f:56:
5c:c1:5b:e7:57:2b:7d:b5:e9:9f:40:14:28:e1:d4:
5d:1f:9e:5e:0f:af:61:f0:4e:15:99:74:5e:81:81:
d9:61:26:be:bf:0b:d3:2b:88:7f:43:37:0d:4a:68:
ec:79:f9:56:9c:ce:ca:82:ef:b6:5e:bf:b0:7e:75:
58:8d:a1:ec:39:8e:7b:5e:d2:92:a4:62:39:e3:c6:
2d:d2:bc:87:28:4d:08:e3:d6:b3:d6:3d:3a:f4:82:
15:14:de:fe:e1:96:9e:01:00:c5:de:ce:9f:71:88:
cc:01:80:d9:29:50:68:05:9c:52:13:72:19:dc:6c:
c2:ad:80:a2:e9:bf:23:c9:db:a3:bf:df:fa:fc:f5:
f6:f7:a8:d0:67:28:a4:b4:fe:10:7d:09:d8:5b:16:
9b:e4:4b:e5:4d:8e:98:c2:fd:3d:23:75:7e:89:e9:
69:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CB:23:A9:66:C5:72:61:A0:85:CA:5F:91:43:70:D7:88:C3:37:33
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/FssjqWbFcmGghcpfkUNw14jDNzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.194.0/24
91.224.22.0/23
193.33.48.0/24
193.238.134.0/23
Signature Algorithm: sha256WithRSAEncryption
05:7e:fa:f7:95:2b:11:4c:32:f1:e7:73:a3:7c:14:58:c1:49:
80:a0:b6:35:da:58:25:b3:2e:f4:f8:8a:c5:30:27:9e:52:69:
28:45:b9:5c:21:8b:b8:d5:e0:82:50:3b:89:74:2b:bc:2c:b3:
3e:85:58:c4:06:45:2c:fc:ec:2b:bc:2f:0d:7a:7c:bf:32:70:
ee:55:d4:10:9a:d2:6a:82:3e:e7:29:9e:1d:b4:de:9a:46:14:
5e:ef:e1:3b:96:b2:5c:9c:e9:ac:02:3f:97:73:ae:6c:89:55:
fa:59:6c:94:35:1e:4a:76:4c:a3:1e:89:26:08:21:b5:a8:91:
23:d2:87:19:60:cc:e7:4a:ee:54:ce:c3:77:0f:29:7f:22:65:
33:e4:ac:95:00:16:fe:7b:5c:00:30:60:cd:f4:b1:93:ce:64:
26:72:c5:b1:02:0c:d9:e1:10:5a:74:0c:9b:a7:8d:e0:07:92:
87:7f:3f:40:a6:39:03:43:15:8f:3f:a6:b1:9c:00:5a:30:bf:
29:aa:20:5e:92:11:e8:42:2a:6e:80:de:48:7d:f6:ca:14:37:
b8:6d:16:a0:25:ed:f3:3c:75:3a:00:6e:91:4d:7a:90:aa:23:
73:ca:4c:8c:88:bb:97:fd:26:3b:20:29:75:5f:68:61:44:6c:
26:dc:8b:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzqUsEcA90V/C52f6JwDXASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTA4MTgyNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmNiMjNhOTY2YzU3MjYxYTA4NWNhNWY5MTQzNzBkNzg4YzMzNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj6M7FEMenu0J8Nq9nt4wlZUBuvM
SxAJWdCVWOF65ld6DRk9oocOIcKX6Phfed7AETuYZCEo1ZX6Kx3jeIYZ+74CSh6w
J+IvZtI8yVO1JHJkTewwa4jtb1ZcwVvnVyt9temfQBQo4dRdH55eD69h8E4VmXRe
gYHZYSa+vwvTK4h/QzcNSmjseflWnM7Kgu+2Xr+wfnVYjaHsOY57XtKSpGI548Yt
0ryHKE0I49az1j069IIVFN7+4ZaeAQDF3s6fcYjMAYDZKVBoBZxSE3IZ3GzCrYCi
6b8jydujv9/6/PX296jQZyiktP4QfQnYWxab5EvlTY6Ywv09I3V+ielpCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBbLI6lmxXJhoIXKX5FDcNeIwzczMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvRnNzanFXYkZjbUdnaGNwZmtVTncxNGpETnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPCAwQB
W+AWAwQAwSEwAwQBwe6GMA0GCSqGSIb3DQEBCwUAA4IBAQAFfvr3lSsRTDLx53Oj
fBRYwUmAoLY12lglsy70+IrFMCeeUmkoRblcIYu41eCCUDuJdCu8LLM+hVjEBkUs
/OwrvC8Neny/MnDuVdQQmtJqgj7nKZ4dtN6aRhRe7+E7lrJcnOmsAj+Xc65siVX6
WWyUNR5KdkyjHokmCCG1qJEj0ocZYMznSu5UzsN3Dyl/ImUz5KyVABb+e1wAMGDN
9LGTzmQmcsWxAgzZ4RBadAybp43gB5KHfz9ApjkDQxWPP6axnABaML8pqiBekhHo
QipugN5IffbKFDe4bRagJe3zPHU6AG6RTXqQqiNzykyMiLuX/SY7ICl1X2hhRGwm
3Itm
-----END CERTIFICATE-----
Generated at Sat May 4 03:58:16 2024 by rpki-client on console-fra.rpki-client.org