Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/fHpiHTXBH5GQqkASt67kZinvjSI.roa
File: fHpiHTXBH5GQqkASt67kZinvjSI.roa (raw, json)
Hash identifier: BpSLI0ps4YAfeQySdFOoofg1X+F26aLv+P0IwNW8J8Q=
Subject key identifier: 7C:7A:62:1D:35:C1:1F:91:90:AA:40:12:B7:AE:E4:66:29:EF:8D:22
Certificate issuer: /CN=0e41a3968b62741b36d348be0d2c91c5d4b133a2
Certificate serial: 018CCA991CD4B87910FAA9C683B56D7BE4AA
Authority key identifier: 0E:41:A3:96:8B:62:74:1B:36:D3:48:BE:0D:2C:91:C5:D4:B1:33:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/fHpiHTXBH5GQqkASt67kZinvjSI.roa
Signing time: Tue 02 Jan 2024 14:34:41 +0000
ROA not before: Tue 02 Jan 2024 14:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45034
IP address blocks: 185.106.232.0/24 maxlen: 24
185.106.234.0/24 maxlen: 24
2a00:a700:a::/48 maxlen: 48
2a00:a700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:1c:d4:b8:79:10:fa:a9:c6:83:b5:6d:7b:e4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e41a3968b62741b36d348be0d2c91c5d4b133a2
Validity
Not Before: Jan 2 14:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c7a621d35c11f9190aa4012b7aee46629ef8d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:12:9a:bf:e6:1c:64:33:7f:47:19:52:ca:51:
31:86:7d:29:a8:ce:d4:9d:7d:2c:18:f8:02:cd:7a:
a7:73:98:a7:2d:41:9d:05:8b:1d:e3:b9:d9:45:e5:
e1:da:04:44:e3:c3:c9:de:24:ab:e9:2a:cc:ed:3d:
32:42:5f:b0:6d:1d:3b:b3:03:37:fc:a3:f1:ca:8b:
c6:7b:d5:a3:df:a6:be:70:2a:46:d7:bf:2b:d9:cc:
b8:f8:be:de:50:3f:32:e4:25:f2:4b:e1:a3:62:23:
58:ca:98:b7:30:ff:d6:fa:38:18:67:cc:4a:05:a4:
6c:76:82:83:13:e2:d1:b1:aa:85:84:9e:02:1b:43:
2d:eb:80:ab:2d:e7:9a:1f:6b:7e:6e:c5:5d:bc:e5:
ce:29:6c:58:da:a7:1e:cc:89:45:fb:2c:9d:de:30:
15:ce:71:79:a8:b4:d6:f4:e1:95:c3:7b:2b:4e:41:
70:49:b9:6f:f8:bf:7f:1c:23:10:56:16:86:5b:42:
6e:50:f1:a8:c5:9e:22:23:b4:97:19:54:0c:30:78:
48:1d:d8:75:31:c5:76:11:58:b5:5c:cf:53:52:fa:
40:25:06:f2:3c:fb:d1:5f:3b:0d:a7:4d:bb:db:45:
c4:6f:6a:5c:b3:1e:70:4a:3a:11:9b:32:d8:8d:de:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7A:62:1D:35:C1:1F:91:90:AA:40:12:B7:AE:E4:66:29:EF:8D:22
X509v3 Authority Key Identifier:
keyid:0E:41:A3:96:8B:62:74:1B:36:D3:48:BE:0D:2C:91:C5:D4:B1:33:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/fHpiHTXBH5GQqkASt67kZinvjSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.232.0/24
185.106.234.0/24
IPv6:
2a00:a700::/48
2a00:a700:a::/48
Signature Algorithm: sha256WithRSAEncryption
91:42:0e:87:32:1f:b3:fe:05:47:8a:b4:9d:a1:af:1b:31:47:
3f:43:a5:15:0f:05:54:c8:ec:11:2e:33:fa:e8:b1:bc:e5:32:
10:b4:77:6b:66:d8:7c:34:95:44:1e:be:c2:13:7f:54:b8:c1:
fe:ce:86:e6:5b:94:60:75:a2:c0:f5:cd:f3:df:1d:a3:1b:1c:
3c:49:b7:2d:9e:96:9a:40:91:5b:0e:80:95:d2:10:3c:e5:ca:
2f:da:6d:b5:42:c2:f1:15:24:b2:72:cc:38:10:27:08:71:28:
4e:c2:de:4a:0d:d5:69:ba:73:79:18:e0:42:0a:a0:da:d5:d2:
c4:c5:a8:68:42:f2:58:30:70:23:ee:da:c1:74:41:6d:a1:75:
a0:bc:ae:e0:f2:d7:21:bb:b0:d4:d5:41:78:8f:4a:2d:ea:3e:
88:a4:05:16:39:22:f3:fe:50:5a:b7:6d:41:b8:a9:56:03:d7:
e4:ec:e0:b0:7a:4a:3c:6e:38:ab:5b:26:3e:81:6a:ee:46:c2:
80:05:76:13:24:94:31:58:01:78:ef:04:40:e6:29:1f:ad:79:
6a:9f:ba:0f:6e:8a:45:df:6c:17:4b:43:99:c0:08:0a:27:ba:
14:8c:31:9e:65:66:66:5c:3f:91:ae:0e:35:77:8f:62:e7:da:
4a:ed:b5:50
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKmRzUuHkQ+qnGg7Vte+SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDFhMzk2OGI2Mjc0MWIzNmQzNDhiZTBkMmM5MWM1ZDRi
MTMzYTIwHhcNMjQwMTAyMTQzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdhNjIxZDM1YzExZjkxOTBhYTQwMTJiN2FlZTQ2NjI5ZWY4ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBKav+YcZDN/RxlSylExhn0pqM7U
nX0sGPgCzXqnc5inLUGdBYsd47nZReXh2gRE48PJ3iSr6SrM7T0yQl+wbR07swM3
/KPxyovGe9Wj36a+cCpG178r2cy4+L7eUD8y5CXyS+GjYiNYypi3MP/W+jgYZ8xK
BaRsdoKDE+LRsaqFhJ4CG0Mt64CrLeeaH2t+bsVdvOXOKWxY2qcezIlF+yyd3jAV
znF5qLTW9OGVw3srTkFwSblv+L9/HCMQVhaGW0JuUPGoxZ4iI7SXGVQMMHhIHdh1
McV2EVi1XM9TUvpAJQbyPPvRXzsNp02720XEb2pcsx5wSjoRmzLYjd65swIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHx6Yh01wR+RkKpAEreu5GYp740iMB8GA1UdIwQY
MBaAFA5Bo5aLYnQbNtNIvg0skcXUsTOiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtHamxvdGlkQnMyMDBpLURTeVJ4ZFN4TTZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wNWIxZjgtNGIzNS00MGJiLWEwMzQt
NzQ3NTIzMTkyMzYzLzEvZkhwaUhUWEJINUdRcWtBU3Q2N2taaW52alNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wNWIxZjgtNGIzNS00MGJiLWEwMzQtNzQ3NTIzMTkyMzYz
LzEvRGtHamxvdGlkQnMyMDBpLURTeVJ4ZFN4TTZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuWroAwQA
uWrqMBgEAgACMBIDBwAqAKcAAAADBwAqAKcAAAowDQYJKoZIhvcNAQELBQADggEB
AJFCDocyH7P+BUeKtJ2hrxsxRz9DpRUPBVTI7BEuM/rosbzlMhC0d2tm2Hw0lUQe
vsITf1S4wf7OhuZblGB1osD1zfPfHaMbHDxJty2elppAkVsOgJXSEDzlyi/abbVC
wvEVJLJyzDgQJwhxKE7C3koN1Wm6c3kY4EIKoNrV0sTFqGhC8lgwcCPu2sF0QW2h
daC8ruDy1yG7sNTVQXiPSi3qPoikBRY5IvP+UFq3bUG4qVYD1+Ts4LB6SjxuOKtb
Jj6Bau5GwoAFdhMklDFYAXjvBEDmKR+teWqfug9uikXfbBdLQ5nACAonuhSMMZ5l
ZmZcP5GuDjV3j2Ln2krttVA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:05:37 2024 by rpki-client on console-ams.rpki-client.org