Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/fMVJhbXopv8mEyCFI82TBlpDbjc.roa
File: fMVJhbXopv8mEyCFI82TBlpDbjc.roa (raw, json)
Hash identifier: ZLdIs37mbOshj8zXSmXosjit8Y0Jw2K1Kc6K0Y0zHtI=
Subject key identifier: 7C:C5:49:85:B5:E8:A6:FF:26:13:20:85:23:CD:93:06:5A:43:6E:37
Certificate issuer: /CN=f177817124f20772743bd30594a8853b2bdec6aa
Certificate serial: 018FBAA58C593624D6961EC65EF327BB384B
Authority key identifier: F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/fMVJhbXopv8mEyCFI82TBlpDbjc.roa
Signing time: Mon 27 May 2024 15:22:42 +0000
ROA not before: Mon 27 May 2024 15:22:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49935
IP address blocks: 83.172.140.0/23 maxlen: 28
83.172.144.0/22 maxlen: 28
83.172.148.0/24 maxlen: 28
83.172.186.0/24 maxlen: 28
185.1.243.0/24 maxlen: 28
185.94.136.0/22 maxlen: 28
185.135.191.0/24 maxlen: 28
195.62.90.0/23 maxlen: 28
2001:678:9ac::/48 maxlen: 126
2001:7f8:12d::/48 maxlen: 126
2a10:1740::/29 maxlen: 126
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:a5:8c:59:36:24:d6:96:1e:c6:5e:f3:27:bb:38:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f177817124f20772743bd30594a8853b2bdec6aa
Validity
Not Before: May 27 15:22:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc54985b5e8a6ff2613208523cd93065a436e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:e9:80:e4:ef:37:7d:47:23:58:b0:4f:f1:
10:5e:66:54:b9:ae:af:ae:27:f3:a4:84:cf:7c:54:
17:a9:4c:3c:bd:b1:c5:d5:51:e2:d2:7b:c6:0d:8b:
bb:71:73:42:9a:52:63:55:d7:12:01:3c:12:02:92:
b0:bf:43:df:21:1b:a2:72:0b:76:cf:ee:32:8c:50:
18:0d:f3:49:ac:48:c4:2d:22:2b:9b:b8:0d:e6:34:
ed:68:93:0a:91:64:b4:bf:54:91:6e:c0:8c:05:e4:
0b:b6:3a:f5:e1:12:ff:b5:a8:e3:b2:e7:4a:8c:51:
42:f2:97:75:97:37:81:dd:eb:4b:f6:ef:ce:6f:03:
ff:66:3a:4b:af:dd:62:5b:a1:bb:ea:ab:19:f1:c4:
f0:3c:4f:c0:5a:b4:62:85:bd:e6:f7:4c:ad:e6:c6:
6d:92:dd:91:b2:38:b8:89:1e:c3:61:df:c6:00:57:
58:74:e5:d3:d2:91:18:b8:18:18:6f:99:0e:e2:1b:
15:1e:8c:a9:19:ed:2f:17:ff:0c:ff:36:67:0e:21:
7a:7c:9a:bc:6d:74:b5:6c:17:d1:f5:6e:8f:85:c8:
79:bf:8d:97:13:bf:fa:ea:80:bb:81:38:7f:51:dc:
ba:71:3a:fd:07:2d:48:25:a0:26:68:2f:02:a4:7d:
2a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C5:49:85:B5:E8:A6:FF:26:13:20:85:23:CD:93:06:5A:43:6E:37
X509v3 Authority Key Identifier:
keyid:F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/fMVJhbXopv8mEyCFI82TBlpDbjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.140.0/23
83.172.144.0-83.172.148.255
83.172.186.0/24
185.1.243.0/24
185.94.136.0/22
185.135.191.0/24
195.62.90.0/23
IPv6:
2001:678:9ac::/48
2001:7f8:12d::/48
2a10:1740::/29
Signature Algorithm: sha256WithRSAEncryption
7d:ef:37:30:56:4d:8e:c1:60:0d:d3:cc:ab:59:c3:67:f5:62:
fa:2c:40:20:19:77:c0:98:19:3d:ec:01:cc:f0:ea:5c:08:fd:
f9:c3:23:64:71:e6:61:3f:7f:29:c1:c2:2a:03:23:d7:49:ad:
7f:50:3d:ad:04:d3:9e:21:aa:f8:36:f6:37:be:5a:a2:45:ce:
cb:3d:d2:52:2f:af:87:22:87:38:0e:89:db:fe:74:38:bc:8c:
69:de:ee:04:53:30:f7:6a:ba:3a:e0:36:69:89:80:48:7d:ac:
cd:4f:93:11:4d:f5:bc:c8:df:88:60:62:36:d0:0a:2b:a4:7e:
66:f7:fa:ce:dd:33:f7:38:c8:79:17:33:a0:7b:f0:4b:e0:98:
e8:b7:8a:f5:de:6e:81:85:ad:bc:63:8f:31:50:b6:12:fd:e8:
06:03:f0:a8:7d:9f:0b:4d:7d:c5:13:c4:6a:10:ae:fc:ea:a7:
6f:29:ff:71:f3:b7:ea:5a:47:7d:a3:e5:6d:b0:5b:ae:4f:5b:
f3:67:50:27:ce:fb:9b:a7:34:31:7a:bf:ee:ab:3c:f5:4f:70:
20:cb:f3:b5:e9:b9:59:33:46:aa:9a:c5:49:ee:c4:7a:ab:9e:
c4:84:ac:e8:43:f6:d6:b4:02:df:55:70:83:fe:70:17:88:c3:
78:53:df:3f
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAY+6pYxZNiTWlh7GXvMnuzhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNzc4MTcxMjRmMjA3NzI3NDNiZDMwNTk0YTg4NTNiMmJk
ZWM2YWEwHhcNMjQwNTI3MTUyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M1NDk4NWI1ZThhNmZmMjYxMzIwODUyM2NkOTMwNjVhNDM2ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NfpgOTvN31HI1iwT/EQXmZUua6v
rifzpITPfFQXqUw8vbHF1VHi0nvGDYu7cXNCmlJjVdcSATwSApKwv0PfIRuicgt2
z+4yjFAYDfNJrEjELSIrm7gN5jTtaJMKkWS0v1SRbsCMBeQLtjr14RL/tajjsudK
jFFC8pd1lzeB3etL9u/ObwP/ZjpLr91iW6G76qsZ8cTwPE/AWrRihb3m90yt5sZt
kt2Rsji4iR7DYd/GAFdYdOXT0pEYuBgYb5kO4hsVHoypGe0vF/8M/zZnDiF6fJq8
bXS1bBfR9W6Phch5v42XE7/66oC7gTh/Udy6cTr9By1IJaAmaC8CpH0qwwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFHzFSYW16Kb/JhMghSPNkwZaQ243MB8GA1UdIwQY
MBaAFPF3gXEk8gdydDvTBZSohTsr3saqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQt
NjI1NDIyMjgyOTFjLzEvZk1WSmhiWG9wdjhtRXlDRkk4MlRCbHBEYmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQtNjI1NDIyMjgyOTFj
LzEvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA4BAIAATAyAwQBU6yMMAwD
BARTrJADBABTrJQDBABTrLoDBAC5AfMDBAK5XogDBAC5h78DBAHDPlowHwQCAAIw
GQMHACABBngJrAMHACABB/gBLQMFAyoQF0AwDQYJKoZIhvcNAQELBQADggEBAH3v
NzBWTY7BYA3TzKtZw2f1YvosQCAZd8CYGT3sAczw6lwI/fnDI2Rx5mE/fynBwioD
I9dJrX9QPa0E054hqvg29je+WqJFzss90lIvr4cihzgOidv+dDi8jGne7gRTMPdq
ujrgNmmJgEh9rM1PkxFN9bzI34hgYjbQCiukfmb3+s7dM/c4yHkXM6B78EvgmOi3
ivXeboGFrbxjjzFQthL96AYD8Kh9nwtNfcUTxGoQrvzqp28p/3Hzt+paR32j5W2w
W65PW/NnUCfO+5unNDF6v+6rPPVPcCDL87XpuVkzRqqaxUnuxHqrnsSErOhD9ta0
At9VcIP+cBeIw3hT3z8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:17 2024 by rpki-client on console-fra.rpki-client.org