Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/FBaTFdfO7uXpWmZTzh5vn7Sywrk.roa
File: FBaTFdfO7uXpWmZTzh5vn7Sywrk.roa (raw, json)
Hash identifier: mRUXvTccHTkTQoYryadpPOPT6mhldqhS4sENFjuWBMc=
Subject key identifier: 14:16:93:15:D7:CE:EE:E5:E9:5A:66:53:CE:1E:6F:9F:B4:B2:C2:B9
Certificate issuer: /CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Certificate serial: 018CC94DF03C82251483B6CECD13E266CD0D
Authority key identifier: 9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/FBaTFdfO7uXpWmZTzh5vn7Sywrk.roa
Signing time: Tue 02 Jan 2024 08:32:57 +0000
ROA not before: Tue 02 Jan 2024 08:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47787
IP address blocks: 176.221.32.0/21 maxlen: 32
185.99.232.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:f0:3c:82:25:14:83:b6:ce:cd:13:e2:66:cd:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Validity
Not Before: Jan 2 08:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14169315d7ceeee5e95a6653ce1e6f9fb4b2c2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3f:a9:0f:ce:0f:99:31:66:9b:14:d9:50:87:
58:8f:0d:4f:7b:9b:d9:dd:80:a0:4f:bd:df:f2:76:
3c:7e:0f:87:cc:f2:39:0b:fc:35:da:51:c0:6c:f1:
17:11:00:ea:34:3c:59:4c:d6:e8:b6:e9:b5:7d:c1:
15:ba:c6:5a:ef:aa:7b:1d:60:c9:04:07:85:fb:71:
7f:1a:37:7b:73:59:e0:40:e3:83:d1:71:0f:e7:99:
76:d1:1c:1e:d8:65:e2:88:d5:82:40:34:64:c6:3b:
be:7a:8f:a5:fb:09:24:15:6d:e9:d8:eb:44:be:e1:
2b:4e:09:9f:d1:b7:da:6c:60:11:c4:79:f3:c6:23:
22:44:90:4f:86:a2:98:15:f2:e6:26:17:81:47:4a:
2f:42:6f:d2:27:1e:0c:67:4c:4d:06:26:44:e8:e7:
14:58:53:78:d1:91:22:85:9b:8d:3e:11:e0:49:bd:
64:e6:aa:2f:cf:dc:25:a4:c5:90:f9:9e:0e:d6:55:
b0:af:a0:dd:07:47:e6:12:1e:fd:22:65:c0:17:60:
17:85:47:29:d9:09:ad:07:47:1b:bf:c6:19:69:23:
9b:b6:c2:02:d2:9d:ca:ee:7f:85:65:40:ed:08:f0:
1f:38:bf:7a:2f:98:30:da:3a:11:93:02:ab:a5:5f:
94:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:16:93:15:D7:CE:EE:E5:E9:5A:66:53:CE:1E:6F:9F:B4:B2:C2:B9
X509v3 Authority Key Identifier:
keyid:9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/FBaTFdfO7uXpWmZTzh5vn7Sywrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.32.0/21
185.99.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:c1:dc:b6:aa:0f:39:1c:2c:e7:16:da:6e:7b:4f:9b:44:f7:
89:d6:96:c8:97:21:0d:f6:ca:9b:ad:26:06:b7:a5:74:93:ab:
e9:bf:c5:0f:77:3d:fa:ff:5c:0b:d0:2f:44:be:9f:ae:f1:3c:
a8:85:1c:62:92:d6:b4:17:26:da:e0:72:b0:a2:50:27:76:87:
d2:d7:89:59:33:a7:44:44:fd:cb:31:73:53:db:ce:fd:25:89:
d2:2f:22:66:ac:5e:8b:e7:01:a4:02:b8:49:37:70:75:f3:b5:
f6:63:d5:4c:91:d7:b2:10:17:92:f4:c6:50:4e:cb:05:99:37:
08:6c:1e:ab:1c:f2:ff:ab:20:13:68:56:19:49:bb:68:d3:ee:
ea:56:72:a7:11:9e:ce:43:dc:27:a7:f3:3e:ea:eb:44:c2:66:
02:d6:77:76:12:e0:ca:f2:95:f7:1a:1f:6e:01:62:2a:69:34:
a5:90:69:63:d1:4c:69:1d:a7:a3:d1:f2:57:ff:9e:62:2f:71:
2c:05:ad:ea:c4:9b:5d:77:23:18:f0:f4:6a:0d:da:7b:e2:f8:
c2:ff:3b:01:ca:83:7e:37:c8:b7:b2:4c:9e:0d:c9:54:dd:63:
ae:aa:c1:9e:8b:3c:ce:71:67:e9:be:95:49:11:d8:44:64:f9:
1c:3d:67:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTfA8giUUg7bOzRPiZs0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGVkZjQ3ODIyYWVlMjdkYTI4ZDM0ZGFiMWZlN2EzYzYw
YTZhYWEwHhcNMjQwMTAyMDgzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDE2OTMxNWQ3Y2VlZWU1ZTk1YTY2NTNjZTFlNmY5ZmI0YjJjMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz+pD84PmTFmmxTZUIdYjw1Pe5vZ
3YCgT73f8nY8fg+HzPI5C/w12lHAbPEXEQDqNDxZTNbotum1fcEVusZa76p7HWDJ
BAeF+3F/Gjd7c1ngQOOD0XEP55l20Rwe2GXiiNWCQDRkxju+eo+l+wkkFW3p2OtE
vuErTgmf0bfabGARxHnzxiMiRJBPhqKYFfLmJheBR0ovQm/SJx4MZ0xNBiZE6OcU
WFN40ZEihZuNPhHgSb1k5qovz9wlpMWQ+Z4O1lWwr6DdB0fmEh79ImXAF2AXhUcp
2QmtB0cbv8YZaSObtsIC0p3K7n+FZUDtCPAfOL96L5gw2joRkwKrpV+UbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQWkxXXzu7l6VpmU84eb5+0ssK5MB8GA1UdIwQY
MBaAFJ7e30eCKu4n2ijTTasf56PGCmqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUt
ZDczOTkyOTIwMTlhLzEvRkJhVEZkZk83dVhwV21aVHpoNXZuN1N5d3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUtZDczOTkyOTIwMTlh
LzEvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsN0gAwQC
uWPoMA0GCSqGSIb3DQEBCwUAA4IBAQBKwdy2qg85HCznFtpue0+bRPeJ1pbIlyEN
9sqbrSYGt6V0k6vpv8UPdz36/1wL0C9Evp+u8TyohRxikta0Fyba4HKwolAndofS
14lZM6dERP3LMXNT2879JYnSLyJmrF6L5wGkArhJN3B187X2Y9VMkdeyEBeS9MZQ
TssFmTcIbB6rHPL/qyATaFYZSbto0+7qVnKnEZ7OQ9wnp/M+6utEwmYC1nd2EuDK
8pX3Gh9uAWIqaTSlkGlj0UxpHaej0fJX/55iL3EsBa3qxJtddyMY8PRqDdp74vjC
/zsByoN+N8i3skyeDclU3WOuqsGeizzOcWfpvpVJEdhEZPkcPWf9
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:57 2024 by rpki-client on console-fra.rpki-client.org