Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/fSAgx4DIZewx8vStNZ6qUUTMhF8.roa
File: fSAgx4DIZewx8vStNZ6qUUTMhF8.roa (raw, json)
Hash identifier: iNR5YsXiX3QMXJXVr7AxNMZoVgRg1L8TphBSPrDzAiY=
Subject key identifier: 7D:20:20:C7:80:C8:65:EC:31:F2:F4:AD:35:9E:AA:51:44:CC:84:5F
Certificate issuer: /CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Certificate serial: 018CC794359B62C718C27223BE00E1692A11
Authority key identifier: D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/fSAgx4DIZewx8vStNZ6qUUTMhF8.roa
Signing time: Tue 02 Jan 2024 00:30:28 +0000
ROA not before: Tue 02 Jan 2024 00:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197898
IP address blocks: 185.110.52.0/22 maxlen: 24
217.9.192.0/20 maxlen: 24
185.98.178.0/23 maxlen: 24
185.98.179.0/24 maxlen: 24
185.98.176.0/23 maxlen: 24
2a03:37e0::/32 maxlen: 32
2a00:8007::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 15:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:35:9b:62:c7:18:c2:72:23:be:00:e1:69:2a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Validity
Not Before: Jan 2 00:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d2020c780c865ec31f2f4ad359eaa5144cc845f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:b1:2a:06:fc:f3:dc:93:6c:80:3c:4b:c9:
25:fb:c1:ab:44:f5:3a:e5:32:a7:b9:f6:cb:98:d3:
49:ce:e2:20:23:a9:07:89:51:21:17:19:8a:1a:c8:
d3:0e:7b:39:88:34:80:35:92:cf:f1:d4:67:d3:09:
29:d5:4e:f5:bb:c0:6e:59:7c:f3:8a:33:ba:ad:db:
24:5e:c3:b5:c8:3f:c9:ac:a9:ad:59:3f:93:3d:95:
0a:85:48:98:a5:f4:bb:dd:ac:2f:d7:55:a8:bd:86:
0e:2f:20:4c:4d:70:14:04:df:6e:07:8f:5b:82:f1:
5a:19:2f:ab:7e:8d:12:3c:89:df:30:9e:65:2b:b0:
b4:84:8e:15:4b:47:32:f5:4a:31:02:54:c7:b7:7e:
7a:be:84:32:c2:de:f7:9a:a8:33:22:38:d1:00:6b:
40:58:f7:2e:8e:63:c4:b3:57:d3:17:62:6d:c1:9c:
eb:2d:82:26:e3:14:f9:9e:45:04:12:c7:77:55:82:
5d:ef:a6:04:fb:6b:8e:47:03:e5:ce:b3:de:5b:a3:
e3:87:2d:5a:cc:3e:47:ef:cf:33:f1:bb:72:c1:85:
fd:91:64:96:46:2e:9f:cb:c6:75:e5:f1:32:b7:a5:
26:f3:5d:86:90:0f:75:8f:fd:ef:17:52:cd:c9:31:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:20:20:C7:80:C8:65:EC:31:F2:F4:AD:35:9E:AA:51:44:CC:84:5F
X509v3 Authority Key Identifier:
keyid:D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/fSAgx4DIZewx8vStNZ6qUUTMhF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.176.0/22
185.110.52.0/22
217.9.192.0/20
IPv6:
2a00:8007::/32
2a03:37e0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:88:8c:c5:1f:d5:90:06:34:f5:84:92:fa:5b:c4:41:3c:7c:
c3:a2:cc:61:f6:5d:ab:6b:a5:a7:71:e2:d9:f2:68:16:3d:49:
c5:0d:e7:c1:dd:3b:d1:e1:f1:10:5b:d9:25:90:89:68:8d:bd:
41:d0:a4:2e:dc:15:88:d5:ee:1c:1d:a1:fb:3f:87:7d:59:4d:
7b:e9:c5:f0:9a:12:30:b7:eb:64:5d:41:26:68:84:3b:f7:d8:
5f:72:4d:27:36:70:c4:a4:b6:f8:cf:b1:9f:61:e3:f5:91:41:
04:16:0f:38:bf:76:96:14:24:b5:f9:d4:1d:5f:c2:eb:cf:40:
a1:d9:92:7a:29:b9:f9:57:04:ca:d8:ab:bc:08:7c:33:1b:8b:
35:cf:37:71:ca:6b:3a:81:96:b0:6b:df:e1:d7:a6:fe:63:f5:
79:2d:ff:79:ca:22:79:c0:dc:98:4f:73:ef:69:1d:77:22:29:
e1:fe:c0:51:ba:4f:3e:d7:a4:68:0c:ff:0f:c0:c6:e7:78:a1:
c0:1e:e1:cd:40:54:69:96:09:1b:5b:fd:9e:b3:eb:5a:39:c2:
2d:0d:fb:08:7d:38:12:7e:65:48:cb:67:8b:6c:f9:68:1d:5d:
3b:5e:07:0e:36:8c:24:da:d2:d6:12:67:f4:fe:c7:2a:d0:91:
ed:53:14:af
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlDWbYscYwnIjvgDhaSoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTQ0NTI2MDJjOWRmOTc3YzlkNWRkOGRjMTNiNjY2MWRm
NDAxMzYwHhcNMjQwMTAyMDAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDIwMjBjNzgwYzg2NWVjMzFmMmY0YWQzNTllYWE1MTQ0Y2M4NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWyxKgb889yTbIA8S8kl+8GrRPU6
5TKnufbLmNNJzuIgI6kHiVEhFxmKGsjTDns5iDSANZLP8dRn0wkp1U71u8BuWXzz
ijO6rdskXsO1yD/JrKmtWT+TPZUKhUiYpfS73awv11WovYYOLyBMTXAUBN9uB49b
gvFaGS+rfo0SPInfMJ5lK7C0hI4VS0cy9UoxAlTHt356voQywt73mqgzIjjRAGtA
WPcujmPEs1fTF2JtwZzrLYIm4xT5nkUEEsd3VYJd76YE+2uORwPlzrPeW6Pjhy1a
zD5H788z8btywYX9kWSWRi6fy8Z15fEyt6Um812GkA91j/3vF1LNyTEnGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFH0gIMeAyGXsMfL0rTWeqlFEzIRfMB8GA1UdIwQY
MBaAFNKkRSYCyd+XfJ1d2NwTtmYd9AE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQt
ZmU3NGVmN2FhYzk1LzEvZlNBZ3g0RElaZXd4OHZTdE5aNnFVVVRNaEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQtZmU3NGVmN2FhYzk1
LzEvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuWKwAwQC
uW40AwQE2QnAMBQEAgACMA4DBQAqAIAHAwUAKgM34DANBgkqhkiG9w0BAQsFAAOC
AQEAPoiMxR/VkAY09YSS+lvEQTx8w6LMYfZdq2ulp3Hi2fJoFj1JxQ3nwd070eHx
EFvZJZCJaI29QdCkLtwViNXuHB2h+z+HfVlNe+nF8JoSMLfrZF1BJmiEO/fYX3JN
JzZwxKS2+M+xn2Hj9ZFBBBYPOL92lhQktfnUHV/C689AodmSeim5+VcEytirvAh8
MxuLNc83ccprOoGWsGvf4dem/mP1eS3/ecoiecDcmE9z72kddyIp4f7AUbpPPtek
aAz/D8DG53ihwB7hzUBUaZYJG1v9nrPrWjnCLQ37CH04En5lSMtni2z5aB1dO14H
DjaMJNrS1hJn9P7HKtCR7VMUrw==
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:10:40 2024 by rpki-client on console-fra.rpki-client.org