Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/F7DxsFuBQ8_PHNoz9pI4zDCfhgg.roa
File: F7DxsFuBQ8_PHNoz9pI4zDCfhgg.roa (raw, json)
Hash identifier: QnDOrBmHSLNom4Q1VW/GYLdPhy7oS7ia7FpkOXVtja4=
Subject key identifier: 17:B0:F1:B0:5B:81:43:CF:CF:1C:DA:33:F6:92:38:CC:30:9F:86:08
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 018CCA9926F96887E014241F3F82415CA356
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/F7DxsFuBQ8_PHNoz9pI4zDCfhgg.roa
Signing time: Tue 02 Jan 2024 14:34:43 +0000
ROA not before: Tue 02 Jan 2024 14:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59437
IP address blocks: 87.121.28.0/22 maxlen: 22
176.56.192.0/19 maxlen: 19
94.156.254.0/23 maxlen: 23
87.120.208.0/21 maxlen: 21
185.159.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:26:f9:68:87:e0:14:24:1f:3f:82:41:5c:a3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: Jan 2 14:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17b0f1b05b8143cfcf1cda33f69238cc309f8608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e2:20:5d:ba:27:a0:ff:b3:d3:2f:f1:2c:89:
b9:bc:be:25:06:c0:2e:3e:84:a7:30:43:b1:db:75:
ab:49:db:cc:52:45:b1:3b:95:e1:67:6a:a4:b7:57:
f9:8e:0b:2a:a2:ac:46:b8:0a:c9:c6:25:8a:7a:ce:
90:a0:35:6d:e1:c7:4b:7b:9a:83:8b:80:e2:1c:de:
b7:29:53:3c:0d:97:90:9a:b9:83:9a:94:bd:89:95:
12:45:f9:65:05:b1:d0:a6:fc:e4:b1:a0:0d:30:89:
a9:1e:33:2b:81:8b:41:2c:88:9f:6e:5f:01:b9:dc:
51:03:11:44:9a:fc:83:20:5e:be:63:ba:b6:3e:5a:
cc:d1:c8:24:79:91:93:03:a9:4f:8c:47:90:c8:87:
30:6e:c3:ae:da:2c:63:5d:f5:ae:df:73:74:2b:24:
47:41:a6:c3:55:d8:e4:c8:c8:ae:8f:d0:98:2d:a8:
ea:5d:86:d5:1e:d5:77:63:7c:fe:00:2a:2a:a1:2f:
82:ac:b6:5f:c1:73:90:90:5e:5f:3e:37:15:4d:51:
74:60:70:19:47:f9:a5:18:95:d4:12:a7:64:a9:d8:
ec:d0:7a:48:ab:fb:c8:b7:5e:5f:e0:34:73:df:03:
90:0d:35:9b:65:cf:c0:f8:88:c4:e7:73:80:4a:b3:
5a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:F1:B0:5B:81:43:CF:CF:1C:DA:33:F6:92:38:CC:30:9F:86:08
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/F7DxsFuBQ8_PHNoz9pI4zDCfhgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.208.0/21
87.121.28.0/22
94.156.254.0/23
176.56.192.0/19
185.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
94:cf:66:56:d6:bf:f9:26:db:46:a6:c8:91:cd:7b:6d:ec:ad:
88:14:4d:2d:4c:06:5d:25:09:c1:45:d6:b5:fd:86:fd:57:7d:
97:3b:74:a6:b9:da:bb:41:0c:3c:62:41:8c:71:76:99:1d:84:
d1:4a:59:8c:db:54:7c:2c:04:6f:56:13:ae:d5:7c:40:db:b3:
12:3c:82:0d:2b:b0:a4:49:33:5a:fe:53:49:52:6f:8c:a9:ee:
fa:17:ad:ff:43:b0:2d:73:ce:07:61:db:6d:28:65:c5:e3:6b:
05:1f:8d:56:09:4e:96:b0:70:73:ce:c3:cd:ed:ef:7b:86:6d:
3c:c6:45:75:de:1f:89:f3:0c:0c:e7:92:be:06:7f:e8:b6:bf:
7b:79:de:63:43:aa:ae:94:76:35:6a:d3:06:69:09:74:38:47:
08:15:35:c0:32:d7:0c:05:67:d4:9a:eb:8d:ea:8b:51:cf:26:
da:b9:18:91:6e:ee:eb:ab:5b:24:de:a4:d1:65:4d:47:77:4f:
35:95:be:83:07:6e:70:7a:01:d8:1b:55:7e:c0:bc:f3:7d:08:
29:48:00:14:70:c3:30:de:d2:b3:9e:df:65:99:2e:96:fe:6c:
97:ad:e1:d9:25:75:c6:00:26:cb:8b:09:cb:33:6f:fa:25:7d:
8e:16:4d:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKmSb5aIfgFCQfP4JBXKNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjQwMTAyMTQzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IwZjFiMDViODE0M2NmY2YxY2RhMzNmNjkyMzhjYzMwOWY4NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOIgXbonoP+z0y/xLIm5vL4lBsAu
PoSnMEOx23WrSdvMUkWxO5XhZ2qkt1f5jgsqoqxGuArJxiWKes6QoDVt4cdLe5qD
i4DiHN63KVM8DZeQmrmDmpS9iZUSRfllBbHQpvzksaANMImpHjMrgYtBLIifbl8B
udxRAxFEmvyDIF6+Y7q2PlrM0cgkeZGTA6lPjEeQyIcwbsOu2ixjXfWu33N0KyRH
QabDVdjkyMiuj9CYLajqXYbVHtV3Y3z+ACoqoS+CrLZfwXOQkF5fPjcVTVF0YHAZ
R/mlGJXUEqdkqdjs0HpIq/vIt15f4DRz3wOQDTWbZc/A+IjE53OASrNaiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBew8bBbgUPPzxzaM/aSOMwwn4YIMB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvRjdEeHNGdUJROF9QSE5vejlwSTR6RENmaGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDV3jQAwQC
V3kcAwQBXpz+AwQFsDjAAwQAuZ9WMA0GCSqGSIb3DQEBCwUAA4IBAQCUz2ZW1r/5
JttGpsiRzXtt7K2IFE0tTAZdJQnBRda1/Yb9V32XO3Smudq7QQw8YkGMcXaZHYTR
SlmM21R8LARvVhOu1XxA27MSPIINK7CkSTNa/lNJUm+Mqe76F63/Q7Atc84HYdtt
KGXF42sFH41WCU6WsHBzzsPN7e97hm08xkV13h+J8wwM55K+Bn/otr97ed5jQ6qu
lHY1atMGaQl0OEcIFTXAMtcMBWfUmuuN6otRzybauRiRbu7rq1sk3qTRZU1Hd081
lb6DB25wegHYG1V+wLzzfQgpSAAUcMMw3tKznt9lmS6W/myXreHZJXXGACbLiwnL
M2/6JX2OFk0+
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:43:19 2024 by rpki-client on console-fra.rpki-client.org