Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/_xV_FRMPC-f9tb4epiPoXsfhrUE.roa
File: _xV_FRMPC-f9tb4epiPoXsfhrUE.roa (raw, json)
Hash identifier: NRce7z8XiWC81Uj6f3Fx6iRBnPGYQZW82LCK+OQvR60=
Subject key identifier: FF:15:7F:15:13:0F:0B:E7:FD:B5:BE:1E:A6:23:E8:5E:C7:E1:AD:41
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018CC9BC5E555F1C3320CD9828EE050B5CD8
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/_xV_FRMPC-f9tb4epiPoXsfhrUE.roa
Signing time: Tue 02 Jan 2024 10:33:34 +0000
ROA not before: Tue 02 Jan 2024 10:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41956
IP address blocks: 185.6.148.0/24 maxlen: 24
185.6.149.0/24 maxlen: 24
185.6.150.0/24 maxlen: 24
185.6.151.0/24 maxlen: 24
212.30.53.0/24 maxlen: 24
212.30.54.0/24 maxlen: 24
212.30.55.0/24 maxlen: 24
212.30.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:5e:55:5f:1c:33:20:cd:98:28:ee:05:0b:5c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 2 10:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff157f15130f0be7fdb5be1ea623e85ec7e1ad41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:be:bf:ca:b8:d3:be:08:67:f9:7f:c2:df:97:
e1:ab:c1:3f:29:9c:a2:22:0b:78:c8:03:4b:79:36:
97:57:60:e1:66:39:bd:2d:25:f4:8a:6e:a0:54:96:
4e:e5:34:80:f5:52:79:28:91:3d:67:4e:b9:a3:1a:
15:ad:8f:79:d9:53:70:82:a9:b6:24:80:3d:49:69:
d8:8a:06:1a:2b:cb:17:f3:8c:27:a5:a7:92:c4:11:
ba:e1:a1:f5:d7:e8:28:42:ee:ca:5f:07:ca:da:94:
78:49:ea:5c:4c:ed:b8:67:7f:2b:62:32:33:65:b0:
41:c8:5d:bd:e5:9c:e8:77:cf:ef:ed:23:4a:b5:a7:
02:5d:ec:2b:38:a7:34:9d:e3:6d:74:54:29:e1:51:
20:66:5e:74:92:7f:69:da:7b:8e:18:e2:ec:10:83:
1d:73:1f:bd:b2:cc:ca:23:ab:c3:de:e7:10:5e:00:
0d:ab:a7:c8:ef:38:d3:9c:cb:e8:9c:e1:84:62:66:
65:d3:71:d3:b4:2d:6d:df:e0:5c:d4:da:7a:e7:fe:
5b:a1:48:7f:68:00:bf:be:96:cc:e8:a4:11:d8:fe:
e1:59:5f:2e:a3:dc:df:92:f9:4e:db:8a:a8:63:1e:
13:ec:00:02:01:f9:57:72:9b:5c:83:63:5f:41:76:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:15:7F:15:13:0F:0B:E7:FD:B5:BE:1E:A6:23:E8:5E:C7:E1:AD:41
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/_xV_FRMPC-f9tb4epiPoXsfhrUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.148.0/22
212.30.52.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:c4:27:9e:0d:f5:f7:5c:04:02:03:0f:a5:44:74:9b:f3:fe:
db:0e:c8:a2:32:44:6a:b8:ae:ca:7e:c3:46:1a:19:06:2e:83:
b0:b9:d8:34:1c:ce:eb:a0:42:49:bd:38:39:c6:81:a6:d4:2e:
cc:b1:13:3e:b6:0c:b3:95:45:7f:ea:16:63:e1:8e:ed:d0:30:
ea:c3:1c:94:4b:01:e1:31:9a:9c:74:c4:0f:2b:13:80:36:e8:
00:3f:0b:0c:c9:4e:3c:6b:aa:9d:cd:6e:fb:13:13:f8:52:45:
4a:99:20:4c:57:15:b3:4a:af:32:bc:81:b2:dd:34:91:f4:47:
a2:e8:89:c7:fa:bf:f7:8f:78:9c:45:03:69:9b:cb:8b:af:48:
7d:6e:a6:95:ec:10:12:ba:b5:af:68:a7:f2:d4:05:47:6a:73:
e4:1e:f5:2b:de:cf:86:4c:07:a6:9a:e5:73:3a:e9:ef:b3:10:
41:d6:6e:77:26:24:d0:8a:d9:2b:18:76:fd:21:ae:0c:6d:37:
1f:0a:65:b4:c3:7c:4e:a0:cc:9e:c8:4d:94:76:1b:57:ce:2c:
1d:bd:7a:0f:0b:5b:1a:d4:7e:42:ac:f5:0a:ef:8b:bc:17:e6:
50:3a:38:24:7d:87:36:ad:fd:71:87:a5:78:20:58:1d:88:79:
09:50:98:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvF5VXxwzIM2YKO4FC1zYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMTAyMTAzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjE1N2YxNTEzMGYwYmU3ZmRiNWJlMWVhNjIzZTg1ZWM3ZTFhZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl76/yrjTvghn+X/C35fhq8E/KZyi
Igt4yANLeTaXV2DhZjm9LSX0im6gVJZO5TSA9VJ5KJE9Z065oxoVrY952VNwgqm2
JIA9SWnYigYaK8sX84wnpaeSxBG64aH11+goQu7KXwfK2pR4SepcTO24Z38rYjIz
ZbBByF295Zzod8/v7SNKtacCXewrOKc0neNtdFQp4VEgZl50kn9p2nuOGOLsEIMd
cx+9sszKI6vD3ucQXgANq6fI7zjTnMvonOGEYmZl03HTtC1t3+Bc1Np65/5boUh/
aAC/vpbM6KQR2P7hWV8uo9zfkvlO24qoYx4T7AACAflXcptcg2NfQXabewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8VfxUTDwvn/bW+HqYj6F7H4a1BMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvX3hWX0ZSTVBDLWY5dGI0ZXBpUG9Yc2ZoclVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQaUAwQC
1B40MA0GCSqGSIb3DQEBCwUAA4IBAQC4xCeeDfX3XAQCAw+lRHSb8/7bDsiiMkRq
uK7KfsNGGhkGLoOwudg0HM7roEJJvTg5xoGm1C7MsRM+tgyzlUV/6hZj4Y7t0DDq
wxyUSwHhMZqcdMQPKxOANugAPwsMyU48a6qdzW77ExP4UkVKmSBMVxWzSq8yvIGy
3TSR9Eei6InH+r/3j3icRQNpm8uLr0h9bqaV7BASurWvaKfy1AVHanPkHvUr3s+G
TAemmuVzOunvsxBB1m53JiTQitkrGHb9Ia4MbTcfCmW0w3xOoMyeyE2UdhtXziwd
vXoPC1sa1H5CrPUK74u8F+ZQOjgkfYc2rf1xh6V4IFgdiHkJUJgk
-----END CERTIFICATE-----
Generated at Sun May 12 15:09:24 2024 by rpki-client on console-fra.rpki-client.org