Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/RI4M8t2jUqXZ8LvZqdMTIAkklG4.roa
File: RI4M8t2jUqXZ8LvZqdMTIAkklG4.roa (raw, json)
Hash identifier: K0Vy9+KNYHnJMlE5Fobse5n0gZSpnWIhn3sBJsn4M+8=
Subject key identifier: 44:8E:0C:F2:DD:A3:52:A5:D9:F0:BB:D9:A9:D3:13:20:09:24:94:6E
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 018CC5013FFF37805579D0A96B9026156102
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/RI4M8t2jUqXZ8LvZqdMTIAkklG4.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24582
IP address blocks: 5.61.80.0/21 maxlen: 24
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
212.237.160.0/21 maxlen: 24
2a00:5f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3f:ff:37:80:55:79:d0:a9:6b:90:26:15:61:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=448e0cf2dda352a5d9f0bbd9a9d313200924946e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2d:f7:b5:dd:41:11:da:5e:23:65:71:a7:de:
bc:1b:a8:8b:b4:03:7d:36:7c:70:97:b6:82:74:32:
e8:8c:0f:72:70:2c:e3:0d:79:d4:6f:df:c6:80:fa:
77:c7:db:35:3b:a4:de:03:ae:ca:0e:7e:5a:0d:ce:
f2:2d:eb:0b:67:bd:76:e2:55:39:5e:92:33:69:83:
16:50:46:c3:8f:0c:2d:bf:95:3f:e2:93:51:18:df:
63:56:a3:4e:11:3b:a7:82:2c:b4:3a:1f:97:a8:22:
8a:fb:9f:75:7c:8e:b3:09:e3:18:45:c3:ba:ef:d5:
d1:6d:0c:5d:39:c1:0c:d3:d9:64:6c:d1:1b:11:42:
6a:5d:e5:ec:9e:a1:6e:e3:84:0a:a8:5f:46:50:07:
b0:19:3e:c9:d7:4e:a5:36:cd:ca:1c:17:50:02:4a:
6f:08:9a:21:de:90:97:43:f6:ef:36:2d:83:53:63:
da:d8:6b:8a:1c:db:5f:71:56:11:8a:ca:f6:7b:29:
b3:08:8f:ba:40:55:56:be:2b:fa:d6:de:d4:b4:04:
77:aa:74:bb:57:1b:39:7c:5b:d1:a1:71:66:ff:13:
dd:a8:b7:f6:50:10:87:3c:a7:8b:6a:56:d2:ac:e4:
29:e8:25:90:ae:33:79:24:55:d5:a3:01:67:73:f1:
05:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8E:0C:F2:DD:A3:52:A5:D9:F0:BB:D9:A9:D3:13:20:09:24:94:6E
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/RI4M8t2jUqXZ8LvZqdMTIAkklG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
80.87.160.0/20
185.32.32.0/22
212.237.160.0/21
IPv6:
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
06:bb:5f:10:7e:1d:f6:04:85:1f:97:98:1e:01:eb:f5:fa:4a:
5b:26:61:04:48:98:bb:26:db:2b:71:c7:c6:0b:a8:c9:fb:19:
64:1c:1c:20:42:15:32:2c:24:e1:58:16:c2:3c:24:94:88:4d:
b4:2b:30:e8:f7:bf:09:ee:08:a5:e0:62:87:e9:4c:1d:79:f6:
8d:37:e5:02:83:fe:eb:9c:20:23:12:a3:f7:3c:a0:9b:8c:ce:
1a:ce:e5:25:8b:76:13:7c:cf:f5:f8:08:42:f6:df:b7:40:ea:
03:11:4b:cb:3c:ee:9c:e4:25:fd:4e:91:76:0e:fa:2c:52:01:
50:44:6b:bf:46:c8:d0:58:2f:2e:8d:95:8b:99:3b:c1:43:c5:
28:40:9b:8b:46:54:43:93:88:b3:b3:1c:74:6a:d6:75:67:6e:
17:f7:66:18:3a:c9:b9:f6:20:d7:54:54:a5:39:6f:ad:04:f2:
24:77:c1:ca:fe:f6:31:bf:f0:c0:28:8b:8b:03:70:09:bd:9f:
77:e5:b3:16:03:1c:ee:9e:cb:a0:94:59:51:25:32:c2:ad:42:
e2:2f:64:67:86:13:eb:bf:6d:82:a3:67:55:cb:0c:e8:69:08:
00:00:22:87:17:43:0b:3b:5f:71:40:bc:96:56:de:82:fa:3c:
67:77:99:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAT//N4BVedCpa5AmFWECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDhlMGNmMmRkYTM1MmE1ZDlmMGJiZDlhOWQzMTMyMDA5MjQ5NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS33td1BEdpeI2Vxp968G6iLtAN9
Nnxwl7aCdDLojA9ycCzjDXnUb9/GgPp3x9s1O6TeA67KDn5aDc7yLesLZ7124lU5
XpIzaYMWUEbDjwwtv5U/4pNRGN9jVqNOETungiy0Oh+XqCKK+591fI6zCeMYRcO6
79XRbQxdOcEM09lkbNEbEUJqXeXsnqFu44QKqF9GUAewGT7J106lNs3KHBdQAkpv
CJoh3pCXQ/bvNi2DU2Pa2GuKHNtfcVYRisr2eymzCI+6QFVWviv61t7UtAR3qnS7
Vxs5fFvRoXFm/xPdqLf2UBCHPKeLalbSrOQp6CWQrjN5JFXVowFnc/EFbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFESODPLdo1Kl2fC72anTEyAJJJRuMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvUkk0TTh0MmpVcVhaOEx2WnFkTVRJQWtrbEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBT1QAwQE
UFegAwQCuSAgAwQD1O2gMA0EAgACMAcDBQMqAF9AMA0GCSqGSIb3DQEBCwUAA4IB
AQAGu18Qfh32BIUfl5geAev1+kpbJmEESJi7JtsrccfGC6jJ+xlkHBwgQhUyLCTh
WBbCPCSUiE20KzDo978J7gil4GKH6UwdefaNN+UCg/7rnCAjEqP3PKCbjM4azuUl
i3YTfM/1+AhC9t+3QOoDEUvLPO6c5CX9TpF2DvosUgFQRGu/RsjQWC8ujZWLmTvB
Q8UoQJuLRlRDk4izsxx0atZ1Z24X92YYOsm59iDXVFSlOW+tBPIkd8HK/vYxv/DA
KIuLA3AJvZ935bMWAxzunsuglFlRJTLCrULiL2RnhhPrv22Co2dVywzoaQgAACKH
F0MLO19xQLyWVt6C+jxnd5lN
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:04 2024 by rpki-client on console-fra.rpki-client.org