Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/FcVaAwOwAKunGAxZslzW1p_u5yg.roa
File: FcVaAwOwAKunGAxZslzW1p_u5yg.roa (raw, json)
Hash identifier: Cu1vyF3aSWAJZLtjy187i3SHQzorDdyJkT8seiIhtyY=
Subject key identifier: 15:C5:5A:03:03:B0:00:AB:A7:18:0C:59:B2:5C:D6:D6:9F:EE:E7:28
Certificate issuer: /CN=9cbe9c43ee759896003919508734723346bf7016
Certificate serial: 018CC64B2218749424462FFC64833CCFB415
Authority key identifier: 9C:BE:9C:43:EE:75:98:96:00:39:19:50:87:34:72:33:46:BF:70:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nL6cQ-51mJYAORlQhzRyM0a_cBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/FcVaAwOwAKunGAxZslzW1p_u5yg.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39244
IP address blocks: 81.21.178.0/24 maxlen: 24
81.21.176.0/23 maxlen: 23
81.21.179.0/24 maxlen: 24
81.21.180.0/22 maxlen: 22
81.21.184.0/21 maxlen: 21
188.65.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/nL6cQ-51mJYAORlQhzRyM0a_cBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/nL6cQ-51mJYAORlQhzRyM0a_cBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nL6cQ-51mJYAORlQhzRyM0a_cBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:22:18:74:94:24:46:2f:fc:64:83:3c:cf:b4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbe9c43ee759896003919508734723346bf7016
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15c55a0303b000aba7180c59b25cd6d69feee728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:38:5f:93:73:1d:2a:c8:aa:ce:0b:c8:2e:
cc:2f:b3:8e:69:35:d1:10:48:d5:d6:90:a5:29:04:
a9:80:e3:24:9a:83:65:5a:01:5e:da:df:9b:fd:d6:
3c:ea:8d:dd:17:c9:2e:11:d9:60:26:e8:87:ee:a8:
53:c2:d7:80:fa:4c:bd:ca:43:e5:c0:65:89:45:61:
d3:41:8e:db:c8:b6:42:ea:7b:c1:3a:58:e6:f6:08:
fe:c1:9b:e6:9e:e8:02:ec:89:4d:9a:dc:cd:a8:bf:
fb:6c:15:0c:7a:07:8d:7e:17:e0:13:05:b0:a4:e9:
d4:f5:6d:cb:d3:d5:d4:96:5f:76:da:59:e9:8e:d9:
84:05:ac:21:b3:79:dc:d0:00:b9:7f:ac:61:e8:8c:
70:6d:b6:d1:35:bc:49:55:3e:31:31:5c:23:c2:30:
9e:44:3b:01:5d:a5:dc:82:5f:05:ce:cb:bf:e8:1b:
8c:cb:67:0b:07:f1:31:6c:07:73:7f:ea:14:10:4f:
25:0e:ab:bb:46:af:8f:d0:2c:f2:4f:bc:f5:12:a8:
93:06:e3:d8:18:5c:b3:f9:c3:0c:39:5c:25:6c:02:
b5:65:5a:b5:e2:f4:c1:0e:d0:30:47:13:29:0f:d0:
39:97:0f:b9:2a:90:c6:d0:7d:06:75:49:c2:54:48:
65:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C5:5A:03:03:B0:00:AB:A7:18:0C:59:B2:5C:D6:D6:9F:EE:E7:28
X509v3 Authority Key Identifier:
keyid:9C:BE:9C:43:EE:75:98:96:00:39:19:50:87:34:72:33:46:BF:70:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nL6cQ-51mJYAORlQhzRyM0a_cBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/FcVaAwOwAKunGAxZslzW1p_u5yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/nL6cQ-51mJYAORlQhzRyM0a_cBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.176.0/20
188.65.192.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:7d:96:30:fc:b7:f5:1d:e5:12:98:9b:c6:5e:69:cd:17:5e:
f8:ca:4f:77:b9:79:fd:63:32:2e:f0:81:72:6c:4f:32:31:44:
39:4b:16:12:d7:35:60:8d:12:c9:51:94:97:27:cf:13:b6:c1:
be:42:8b:35:a9:ea:29:17:6b:79:d7:8e:6a:2d:99:1a:3e:1a:
0d:ab:61:42:7e:4f:4f:73:99:97:a3:d1:5c:91:4b:8e:b4:9a:
1f:fe:3d:c8:5c:94:fb:41:93:42:44:14:63:40:da:8e:71:71:
00:59:eb:48:81:a9:54:0d:2b:9d:fc:0d:25:03:63:43:65:bf:
26:8d:58:fd:f9:1f:e9:65:13:c6:a7:91:f6:70:7f:fa:33:43:
74:9d:68:2b:d3:2a:c7:9e:d5:47:6a:08:f1:8a:9f:22:f6:8e:
fc:6c:0d:28:73:42:99:d6:78:02:7d:97:eb:37:a4:f1:f1:62:
f0:ed:8e:60:91:2f:36:26:7a:5f:5a:33:76:cd:d6:dd:43:23:
11:a4:2b:28:e2:8d:01:39:5a:b2:49:4b:97:31:ea:55:6c:3f:
10:27:de:32:7a:18:43:6f:ac:69:73:24:4c:a5:3a:e9:4d:05:
77:9c:83:c1:47:94:0e:d1:4d:cf:7a:f4:39:fc:f3:cf:28:1d:
04:45:d2:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSyIYdJQkRi/8ZIM8z7QVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmU5YzQzZWU3NTk4OTYwMDM5MTk1MDg3MzQ3MjMzNDZi
ZjcwMTYwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM1NWEwMzAzYjAwMGFiYTcxODBjNTliMjVjZDZkNjlmZWVlNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Y4X5NzHSrIqs4LyC7ML7OOaTXR
EEjV1pClKQSpgOMkmoNlWgFe2t+b/dY86o3dF8kuEdlgJuiH7qhTwteA+ky9ykPl
wGWJRWHTQY7byLZC6nvBOljm9gj+wZvmnugC7IlNmtzNqL/7bBUMegeNfhfgEwWw
pOnU9W3L09XUll922lnpjtmEBawhs3nc0AC5f6xh6IxwbbbRNbxJVT4xMVwjwjCe
RDsBXaXcgl8Fzsu/6BuMy2cLB/ExbAdzf+oUEE8lDqu7Rq+P0CzyT7z1EqiTBuPY
GFyz+cMMOVwlbAK1ZVq14vTBDtAwRxMpD9A5lw+5KpDG0H0GdUnCVEhl8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBXFWgMDsACrpxgMWbJc1taf7ucoMB8GA1UdIwQY
MBaAFJy+nEPudZiWADkZUIc0cjNGv3AWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkw2Y1EtNTFtSllBT1JsUWh6UnlNMGFfY0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTc0ZTktNDc0My00NmRiLWEzNDgt
MWQxOTg5ZjA2NjE4LzEvRmNWYUF3T3dBS3VuR0F4WnNselcxcF91NXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTc0ZTktNDc0My00NmRiLWEzNDgtMWQxOTg5ZjA2NjE4
LzEvbkw2Y1EtNTFtSllBT1JsUWh6UnlNMGFfY0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEURWwAwQD
vEHAMA0GCSqGSIb3DQEBCwUAA4IBAQBtfZYw/Lf1HeUSmJvGXmnNF174yk93uXn9
YzIu8IFybE8yMUQ5SxYS1zVgjRLJUZSXJ88TtsG+Qos1qeopF2t5145qLZkaPhoN
q2FCfk9Pc5mXo9FckUuOtJof/j3IXJT7QZNCRBRjQNqOcXEAWetIgalUDSud/A0l
A2NDZb8mjVj9+R/pZRPGp5H2cH/6M0N0nWgr0yrHntVHagjxip8i9o78bA0oc0KZ
1ngCfZfrN6Tx8WLw7Y5gkS82JnpfWjN2zdbdQyMRpCso4o0BOVqySUuXMepVbD8Q
J94yehhDb6xpcyRMpTrpTQV3nIPBR5QO0U3PevQ5/PPPKB0ERdJU
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:51:50 2024 by rpki-client on console-ams.rpki-client.org