Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/_FVhtpW3yg7Nu064bbFxDRYhv_A.roa
File: _FVhtpW3yg7Nu064bbFxDRYhv_A.roa (raw, json)
Hash identifier: s9nRSedGfElNfa0/ThipFsfMkpisigo8mcDdKS8sHuc=
Subject key identifier: FC:55:61:B6:95:B7:CA:0E:CD:BB:4E:B8:6D:B1:71:0D:16:21:BF:F0
Certificate issuer: /CN=a9be16ce7db3be6905b1abef8be21a2319b0e43e
Certificate serial: 018CC9BC4879E0569CC0F2469559D44CBE0C
Authority key identifier: A9:BE:16:CE:7D:B3:BE:69:05:B1:AB:EF:8B:E2:1A:23:19:B0:E4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qb4Wzn2zvmkFsavvi-IaIxmw5D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/_FVhtpW3yg7Nu064bbFxDRYhv_A.roa
Signing time: Tue 02 Jan 2024 10:33:28 +0000
ROA not before: Tue 02 Jan 2024 10:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137
IP address blocks: 192.107.51.0/24 maxlen: 24
192.107.56.0/21 maxlen: 21
192.107.52.0/22 maxlen: 22
192.107.64.0/19 maxlen: 19
192.107.96.0/22 maxlen: 22
192.107.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/qb4Wzn2zvmkFsavvi-IaIxmw5D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/qb4Wzn2zvmkFsavvi-IaIxmw5D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qb4Wzn2zvmkFsavvi-IaIxmw5D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:48:79:e0:56:9c:c0:f2:46:95:59:d4:4c:be:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9be16ce7db3be6905b1abef8be21a2319b0e43e
Validity
Not Before: Jan 2 10:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc5561b695b7ca0ecdbb4eb86db1710d1621bff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:00:98:fa:a9:77:0f:1a:f4:25:6f:fb:1b:4c:
3d:67:d8:58:b3:cc:48:b2:65:4c:2e:f3:c9:21:a3:
62:4f:ca:ee:b3:7c:48:c6:50:e3:1d:f4:f0:90:d7:
dc:00:39:2d:d1:24:47:45:0c:68:db:11:bb:0a:fb:
41:41:17:82:8a:47:27:d7:71:c6:34:f8:0e:07:93:
74:90:75:0d:85:c1:d4:23:06:31:4d:e6:31:b2:2c:
04:26:6e:fd:cb:50:ff:3c:93:42:26:f8:d2:9b:04:
0b:d8:2b:5e:7f:a1:0c:99:cf:9f:77:b0:d0:9d:a9:
e3:70:5e:40:1d:ef:2b:b9:9b:fe:69:1d:e3:6a:63:
71:ab:48:ee:57:ed:60:73:f2:d2:38:7d:dc:f5:3a:
a7:b0:0b:20:c7:c2:f2:f4:2b:bc:62:4f:13:b2:d1:
e2:76:0e:2a:25:0a:46:08:59:16:ba:3e:3b:49:bb:
06:13:2e:65:f0:66:7c:a1:4e:16:cc:18:34:3b:1f:
22:b3:2e:08:99:52:56:20:cc:eb:c2:cd:13:97:c6:
df:1b:1f:75:02:61:1a:e1:46:38:ff:62:d1:e2:52:
94:b4:b4:2d:d3:1d:9c:19:b4:a2:6c:47:49:48:63:
9b:52:1b:f9:82:78:69:bb:6e:88:61:33:e4:ca:50:
14:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:55:61:B6:95:B7:CA:0E:CD:BB:4E:B8:6D:B1:71:0D:16:21:BF:F0
X509v3 Authority Key Identifier:
keyid:A9:BE:16:CE:7D:B3:BE:69:05:B1:AB:EF:8B:E2:1A:23:19:B0:E4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qb4Wzn2zvmkFsavvi-IaIxmw5D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/_FVhtpW3yg7Nu064bbFxDRYhv_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/16eb59-68a3-4215-809f-79b2e40e2bd8/1/qb4Wzn2zvmkFsavvi-IaIxmw5D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.107.51.0-192.107.100.255
Signature Algorithm: sha256WithRSAEncryption
04:40:95:60:f6:15:33:f0:1f:b2:b4:a0:46:2d:2d:e3:72:13:
74:b1:19:08:d6:a7:41:2d:db:23:70:52:61:76:34:b1:04:bd:
5b:67:8e:13:d8:7e:f1:5d:24:96:12:13:28:fc:af:b6:08:f2:
b1:12:28:61:03:54:d1:92:a6:ed:a0:de:ac:6c:14:b3:c3:c5:
60:57:07:72:76:5d:70:8f:bb:85:0e:1a:a0:9f:74:63:38:52:
40:b0:02:69:2b:1a:d1:20:c5:2c:98:52:16:21:80:b5:12:9d:
15:1d:d8:c5:a9:04:72:b4:94:3d:aa:6f:60:f4:1a:a5:21:dc:
58:2c:b2:49:b0:69:ee:1e:98:20:f1:67:d4:c4:c8:f4:2b:a1:
b0:fc:64:fb:d0:c6:46:ff:d7:41:d3:8b:f2:6a:e1:dd:83:9c:
3a:19:9d:8f:15:ac:d5:69:e5:5e:c1:e6:ce:05:e2:f6:c5:2a:
a9:32:11:fb:ef:0e:a1:b7:4a:d8:4b:ef:86:3a:7a:5f:0a:35:
84:76:59:b4:c2:ec:05:bf:2a:43:07:1d:25:6a:48:73:07:54:
9c:48:6e:ba:35:5f:af:44:83:c2:2d:41:57:32:a2:d8:0d:05:
3c:57:04:62:fa:a0:02:db:cc:d8:57:fc:4e:bf:55:d0:a5:4e:
b1:d8:49:42
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvEh54FacwPJGlVnUTL4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YmUxNmNlN2RiM2JlNjkwNWIxYWJlZjhiZTIxYTIzMTli
MGU0M2UwHhcNMjQwMTAyMTAzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzU1NjFiNjk1YjdjYTBlY2RiYjRlYjg2ZGIxNzEwZDE2MjFiZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoACY+ql3Dxr0JW/7G0w9Z9hYs8xI
smVMLvPJIaNiT8rus3xIxlDjHfTwkNfcADkt0SRHRQxo2xG7CvtBQReCikcn13HG
NPgOB5N0kHUNhcHUIwYxTeYxsiwEJm79y1D/PJNCJvjSmwQL2Ctef6EMmc+fd7DQ
nanjcF5AHe8ruZv+aR3jamNxq0juV+1gc/LSOH3c9TqnsAsgx8Ly9Cu8Yk8TstHi
dg4qJQpGCFkWuj47SbsGEy5l8GZ8oU4WzBg0Ox8isy4ImVJWIMzrws0Tl8bfGx91
AmEa4UY4/2LR4lKUtLQt0x2cGbSibEdJSGObUhv5gnhpu26IYTPkylAUkQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPxVYbaVt8oOzbtOuG2xcQ0WIb/wMB8GA1UdIwQY
MBaAFKm+Fs59s75pBbGr74viGiMZsOQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWI0V3puMnp2bWtGc2F2dmktSWFJeG13NUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xNmViNTktNjhhMy00MjE1LTgwOWYt
NzliMmU0MGUyYmQ4LzEvX0ZWaHRwVzN5ZzdOdTA2NGJiRnhEUllodl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xNmViNTktNjhhMy00MjE1LTgwOWYtNzliMmU0MGUyYmQ4
LzEvcWI0V3puMnp2bWtGc2F2dmktSWFJeG13NUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAazMD
BADAa2QwDQYJKoZIhvcNAQELBQADggEBAARAlWD2FTPwH7K0oEYtLeNyE3SxGQjW
p0Et2yNwUmF2NLEEvVtnjhPYfvFdJJYSEyj8r7YI8rESKGEDVNGSpu2g3qxsFLPD
xWBXB3J2XXCPu4UOGqCfdGM4UkCwAmkrGtEgxSyYUhYhgLUSnRUd2MWpBHK0lD2q
b2D0GqUh3Fgsskmwae4emCDxZ9TEyPQrobD8ZPvQxkb/10HTi/Jq4d2DnDoZnY8V
rNVp5V7B5s4F4vbFKqkyEfvvDqG3SthL74Y6el8KNYR2WbTC7AW/KkMHHSVqSHMH
VJxIbro1X69Eg8ItQVcyotgNBTxXBGL6oALbzNhX/E6/VdClTrHYSUI=
-----END CERTIFICATE-----
Generated at Fri Sep 27 21:57:51 2024 by rpki-client on console-fra.rpki-client.org