Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/Fn3i3MV6TMSgJn324_l7ex5Yto0.roa
File: Fn3i3MV6TMSgJn324_l7ex5Yto0.roa (raw, json)
Hash identifier: 3PSneX7oC2/IUWoQtE3XWdjYUql24sI8bXQ1dLgYwTA=
Subject key identifier: 16:7D:E2:DC:C5:7A:4C:C4:A0:26:7D:F6:E3:F9:7B:7B:1E:58:B6:8D
Certificate issuer: /CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Certificate serial: 018CC64A70565664D424793830EF9972F02A
Authority key identifier: E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/Fn3i3MV6TMSgJn324_l7ex5Yto0.roa
Signing time: Mon 01 Jan 2024 18:30:16 +0000
ROA not before: Mon 01 Jan 2024 18:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58029
IP address blocks: 192.166.157.0/24 maxlen: 24
192.166.154.0/24 maxlen: 24
192.166.156.0/24 maxlen: 24
192.166.155.0/24 maxlen: 24
91.223.125.0/24 maxlen: 24
91.241.57.0/24 maxlen: 24
2a0f:9c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/4x2iugV-mlSmFw8lf_l4VtyX4Gg.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/4x2iugV-mlSmFw8lf_l4VtyX4Gg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:70:56:56:64:d4:24:79:38:30:ef:99:72:f0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Validity
Not Before: Jan 1 18:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=167de2dcc57a4cc4a0267df6e3f97b7b1e58b68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:29:85:69:4c:44:d6:cd:e8:91:f9:b5:c3:d0:
ac:ac:7a:5d:5f:b6:61:8d:84:70:1d:91:73:5b:dd:
c0:9b:cf:90:8b:f4:88:b7:21:07:f0:80:fc:dd:bf:
6b:7f:a1:b1:6a:91:a1:42:a5:4c:9a:2a:71:07:04:
31:da:2b:a5:bd:ba:a0:62:61:a1:f3:82:ba:89:cc:
a2:2d:7d:b7:f7:13:02:51:27:70:0e:76:55:6c:96:
bc:e0:f9:f1:60:b5:11:f5:5c:10:24:49:6e:4d:d3:
a7:2d:01:19:4c:59:33:a7:08:42:91:86:93:f7:fc:
51:ec:0b:89:e5:5b:f4:d9:d6:3d:95:af:b9:f3:1b:
56:75:93:7c:d8:67:8c:c3:cf:4a:46:60:7d:0f:e3:
ca:0f:12:4d:f6:ae:8c:fd:44:a2:f8:83:21:b2:b1:
31:1c:a4:26:30:14:fb:ea:04:bb:de:50:26:20:7a:
9f:8f:4f:ee:e1:31:fd:65:16:0d:d3:31:22:29:d3:
9a:5b:17:3c:b4:97:6d:1d:94:29:9e:80:fc:77:0d:
eb:5d:bf:ca:83:93:7f:6a:d5:5f:5f:0d:1f:8e:7f:
c3:cf:54:b8:20:d8:46:6c:cb:ba:95:9b:bb:d9:c3:
35:e6:9b:0c:61:0d:cb:3b:3c:a4:6c:ae:aa:89:98:
32:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7D:E2:DC:C5:7A:4C:C4:A0:26:7D:F6:E3:F9:7B:7B:1E:58:B6:8D
X509v3 Authority Key Identifier:
keyid:E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/Fn3i3MV6TMSgJn324_l7ex5Yto0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/4x2iugV-mlSmFw8lf_l4VtyX4Gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.125.0/24
91.241.57.0/24
192.166.154.0-192.166.157.255
IPv6:
2a0f:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
6b:32:27:ed:0c:9c:e2:67:63:cc:20:a5:52:e0:0e:14:91:cc:
fd:5c:cb:51:fc:a9:bc:8a:2a:f7:9a:a4:00:bd:38:60:b2:d5:
4a:2a:24:4c:2d:d0:da:06:c5:82:6c:7e:7b:e6:99:7e:89:47:
e6:ab:8b:a6:02:4a:7c:96:a9:6f:86:6c:5e:8b:0c:b3:3b:e4:
68:eb:33:6f:7c:a1:9d:40:dc:6a:b1:f9:a8:76:6c:9b:12:b3:
b1:d5:ef:c5:25:d5:0d:6d:28:d0:b7:d5:68:22:01:4f:12:f4:
76:62:07:9d:98:ee:a0:46:1a:35:a7:e9:28:74:4f:6d:5a:57:
ac:9d:ec:81:13:3b:14:0d:5a:eb:ee:c0:c4:1c:59:52:dd:f2:
70:e0:91:ed:79:de:53:72:1c:e6:67:4a:e2:14:32:31:7f:45:
9d:82:2f:cd:ac:79:7d:48:fa:be:be:98:31:38:7a:25:07:2a:
2d:ec:d1:12:25:5e:01:2c:c6:ef:3c:4e:0e:8c:c9:76:92:de:
2a:20:95:fd:40:30:ee:a4:a1:86:e1:b4:50:bd:3a:22:de:0e:
e2:e6:2b:52:50:cc:e7:29:8c:7b:2e:ef:3a:e9:35:d7:15:c9:
3a:71:be:00:fd:73:13:30:12:83:9a:1d:3f:5e:14:3a:5e:a1:
ac:6b:1a:a4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGSnBWVmTUJHk4MO+ZcvAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWRhMmJhMDU3ZTlhNTRhNjE3MGYyNTdmZjk3ODU2ZGM5
N2UwNjgwHhcNMjQwMTAxMTgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjdkZTJkY2M1N2E0Y2M0YTAyNjdkZjZlM2Y5N2I3YjFlNThiNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSmFaUxE1s3okfm1w9CsrHpdX7Zh
jYRwHZFzW93Am8+Qi/SItyEH8ID83b9rf6GxapGhQqVMmipxBwQx2iulvbqgYmGh
84K6icyiLX239xMCUSdwDnZVbJa84PnxYLUR9VwQJEluTdOnLQEZTFkzpwhCkYaT
9/xR7AuJ5Vv02dY9la+58xtWdZN82GeMw89KRmB9D+PKDxJN9q6M/USi+IMhsrEx
HKQmMBT76gS73lAmIHqfj0/u4TH9ZRYN0zEiKdOaWxc8tJdtHZQpnoD8dw3rXb/K
g5N/atVfXw0fjn/Dz1S4INhGbMu6lZu72cM15psMYQ3LOzykbK6qiZgyqwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBZ94tzFekzEoCZ99uP5e3seWLaNMB8GA1UdIwQY
MBaAFOMdoroFfppUphcPJX/5eFbcl+BoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHgyaXVnVi1tbFNtRnc4bGZfbDRWdHlYNEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82OWEyMDktZmE1Ny00M2YwLWJiYzIt
NzUwN2U4MTlhNzk1LzEvRm4zaTNNVjZUTVNnSm4zMjRfbDdleDVZdG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82OWEyMDktZmE1Ny00M2YwLWJiYzItNzUwN2U4MTlhNzk1
LzEvNHgyaXVnVi1tbFNtRnc4bGZfbDRWdHlYNEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAW999AwQA
W/E5MAwDBAHAppoDBAHAppwwDQQCAAIwBwMFAyoPnIAwDQYJKoZIhvcNAQELBQAD
ggEBAGsyJ+0MnOJnY8wgpVLgDhSRzP1cy1H8qbyKKveapAC9OGCy1UoqJEwt0NoG
xYJsfnvmmX6JR+ari6YCSnyWqW+GbF6LDLM75GjrM298oZ1A3Gqx+ah2bJsSs7HV
78Ul1Q1tKNC31WgiAU8S9HZiB52Y7qBGGjWn6Sh0T21aV6yd7IETOxQNWuvuwMQc
WVLd8nDgke153lNyHOZnSuIUMjF/RZ2CL82seX1I+r6+mDE4eiUHKi3s0RIlXgEs
xu88Tg6MyXaS3ioglf1AMO6koYbhtFC9OiLeDuLmK1JQzOcpjHsu7zrpNdcVyTpx
vgD9cxMwEoOaHT9eFDpeoaxrGqQ=
-----END CERTIFICATE-----
Generated at Sun May 19 06:19:04 2024 by rpki-client on console-ams.rpki-client.org