Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/FPc5ghBUZ3MAetifa_mRejJu-sA.roa
File: FPc5ghBUZ3MAetifa_mRejJu-sA.roa (raw, json)
Hash identifier: ZHk1XUPkTJT4Gj2lbt9yzFFk3yEk8uLdYs3hvu/WFmM=
Subject key identifier: 14:F7:39:82:10:54:67:73:00:7A:D8:9F:6B:F9:91:7A:32:6E:FA:C0
Certificate issuer: /CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Certificate serial: 018CC7934F95A9615668DD53328D5960B939
Authority key identifier: ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/FPc5ghBUZ3MAetifa_mRejJu-sA.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 286
IP address blocks: 193.17.185.0/24 maxlen: 24
193.17.186.0/24 maxlen: 24
195.234.152.0/24 maxlen: 24
2001:67c:1514::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4f:95:a9:61:56:68:dd:53:32:8d:59:60:b9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14f7398210546773007ad89f6bf9917a326efac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:36:cd:da:dc:e8:c5:c1:c1:6b:79:08:44:70:
71:d0:13:60:c6:77:a4:02:f0:30:6f:e2:be:7c:9b:
cf:8a:c2:9f:28:57:71:e3:c1:ad:cb:6e:13:26:ac:
01:08:85:21:a7:87:9b:7b:d5:ab:a5:e2:29:be:55:
86:7a:ec:4e:8a:20:02:3e:17:c2:9d:85:fe:82:0d:
06:57:12:14:a6:b2:71:d5:4c:8f:be:28:e6:c3:7d:
29:29:5a:6e:b9:36:b4:39:40:3d:4f:73:77:ef:47:
05:df:ba:b4:47:c1:22:4c:43:bc:dc:c7:01:1b:b5:
f4:64:55:d3:13:54:61:be:2a:8e:a7:c7:9c:b2:8e:
e3:f1:b0:f5:51:99:d3:c7:01:07:c2:d9:0a:47:56:
9b:bd:b2:28:e4:48:ba:5c:23:3c:89:dc:f8:9e:bf:
ed:d7:dd:e0:04:bd:4b:c1:fa:ad:95:e6:43:31:70:
1c:97:48:ba:e1:df:4c:f0:88:b1:0e:e0:98:ec:84:
79:f6:51:5c:61:78:cd:96:9a:3a:85:ab:05:7d:28:
be:8b:c4:5e:fa:54:d9:d7:f8:14:82:62:47:72:49:
7a:96:e5:07:1d:f4:22:3e:37:4e:10:0a:54:f0:65:
e2:09:22:1e:79:35:da:82:1d:52:4a:71:ea:da:c4:
79:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F7:39:82:10:54:67:73:00:7A:D8:9F:6B:F9:91:7A:32:6E:FA:C0
X509v3 Authority Key Identifier:
keyid:ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/FPc5ghBUZ3MAetifa_mRejJu-sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.185.0-193.17.186.255
195.234.152.0/24
IPv6:
2001:67c:1514::/48
Signature Algorithm: sha256WithRSAEncryption
2a:6b:d4:0d:ca:4b:77:ab:07:75:b7:4f:91:31:9d:f4:e1:c3:
67:5a:9d:ac:98:95:b6:45:e5:d7:14:30:05:11:53:80:c9:c1:
52:9d:d3:06:88:f9:e9:26:71:4d:5a:12:d6:f0:91:1e:a6:5c:
e3:69:0f:e5:05:b0:8b:fd:0d:18:5f:bb:5a:16:a7:7d:89:2d:
a9:f3:bc:9a:8f:3f:1c:fd:e3:5e:6a:87:f7:31:31:4f:94:92:
ac:2c:e4:32:5f:b5:04:f7:89:12:29:29:29:63:fd:aa:2a:56:
6d:1e:c2:c9:f4:1d:27:fc:b4:46:06:c7:f4:47:80:e6:75:31:
bf:d8:2a:d4:57:65:4f:ec:f9:d8:5a:db:a6:5d:7b:67:50:87:
a8:c0:f9:c6:b7:18:f0:95:bf:0d:8d:e3:5e:24:ec:c7:06:7e:
cb:68:1e:9f:af:72:18:39:2b:e2:36:55:73:c3:01:46:12:9f:
5c:94:c7:a8:e1:75:42:e2:10:cc:20:76:c5:28:a7:3d:29:2c:
3e:f7:ff:e1:ea:18:9d:84:af:ca:04:9e:38:2b:d1:be:02:1a:
dd:d9:68:93:c8:65:2d:12:bd:cd:af:bc:54:a2:6b:5c:07:6d:
0b:2e:e8:ce:63:ea:63:f5:38:00:af:96:f8:86:32:84:9d:55:
8a:b6:56:14
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzHk0+VqWFWaN1TMo1ZYLk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkOTU1MzNlZjQ3ZmQ5NGI4YzU1NGRmM2QyMjhlZWRjZDRj
YTAzODQwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGY3Mzk4MjEwNTQ2NzczMDA3YWQ4OWY2YmY5OTE3YTMyNmVmYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jbN2tzoxcHBa3kIRHBx0BNgxnek
AvAwb+K+fJvPisKfKFdx48Gty24TJqwBCIUhp4ebe9WrpeIpvlWGeuxOiiACPhfC
nYX+gg0GVxIUprJx1UyPvijmw30pKVpuuTa0OUA9T3N370cF37q0R8EiTEO83McB
G7X0ZFXTE1RhviqOp8ecso7j8bD1UZnTxwEHwtkKR1abvbIo5Ei6XCM8idz4nr/t
193gBL1LwfqtleZDMXAcl0i64d9M8IixDuCY7IR59lFcYXjNlpo6hasFfSi+i8Re
+lTZ1/gUgmJHckl6luUHHfQiPjdOEApU8GXiCSIeeTXagh1SSnHq2sR5wQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBT3OYIQVGdzAHrYn2v5kXoybvrAMB8GA1UdIwQY
MBaAFO2VUz70f9lLjFVN89Io7tzUygOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUt
MTRkYTc5ZDZjM2FhLzEvRlBjNWdoQlVaM01BZXRpZmFfbVJlakp1LXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUtMTRkYTc5ZDZjM2Fh
LzEvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBADBEbkD
BADBEboDBADD6pgwDwQCAAIwCQMHACABBnwVFDANBgkqhkiG9w0BAQsFAAOCAQEA
KmvUDcpLd6sHdbdPkTGd9OHDZ1qdrJiVtkXl1xQwBRFTgMnBUp3TBoj56SZxTVoS
1vCRHqZc42kP5QWwi/0NGF+7WhanfYktqfO8mo8/HP3jXmqH9zExT5SSrCzkMl+1
BPeJEikpKWP9qipWbR7CyfQdJ/y0RgbH9EeA5nUxv9gq1FdlT+z52Frbpl17Z1CH
qMD5xrcY8JW/DY3jXiTsxwZ+y2gen69yGDkr4jZVc8MBRhKfXJTHqOF1QuIQzCB2
xSinPSksPvf/4eoYnYSvygSeOCvRvgIa3dlok8hlLRK9za+8VKJrXAdtCy7ozmPq
Y/U4AK+W+IYyhJ1VirZWFA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:02:32 2024 by rpki-client on console-ams.rpki-client.org