Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fYMxJ3peR8YzYSn7F-_emx87cSM.roa
File: fYMxJ3peR8YzYSn7F-_emx87cSM.roa (raw, json)
Hash identifier: pgA0ocde6YXZofj1wFTeyNJ2PmS26UG3QMCljTOfYPg=
Subject key identifier: 7D:83:31:27:7A:5E:47:C6:33:61:29:FB:17:EF:DE:9B:1F:3B:71:23
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018EE3CCB4DBB2DFE14EF6E313466678E6FD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fYMxJ3peR8YzYSn7F-_emx87cSM.roa
Signing time: Mon 15 Apr 2024 22:07:07 +0000
ROA not before: Mon 15 Apr 2024 22:07:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198361
IP address blocks: 2.56.111.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:cc:b4:db:b2:df:e1:4e:f6:e3:13:46:66:78:e6:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 15 22:07:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8331277a5e47c6336129fb17efde9b1f3b7123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dd:d6:7d:d4:94:d3:d9:b6:1e:ab:a4:ea:70:
49:8f:66:db:3f:81:53:22:4e:5d:02:33:85:08:b6:
f0:91:e8:91:35:68:0d:55:9a:14:88:3b:36:ef:ab:
77:13:82:1b:22:cd:76:c3:51:87:d5:06:f7:4d:4f:
c6:3d:43:14:19:b4:35:70:89:07:25:25:3a:e9:75:
3e:f8:31:5d:35:a6:d6:a0:44:8c:61:d4:9e:12:5c:
12:2b:06:7e:ed:45:33:90:74:eb:21:98:46:29:64:
ce:d9:02:1d:56:86:ba:5e:86:77:da:3e:89:08:0c:
19:e9:9b:f9:32:7c:0c:e9:99:fe:8e:43:6f:64:6f:
60:c1:a6:e9:31:ff:a5:1d:77:b4:04:2c:57:c9:19:
34:f2:d4:5d:2d:60:8f:81:92:36:01:4d:a5:b7:81:
ef:c7:84:3f:97:b6:f1:63:f1:f8:de:3d:63:98:72:
f8:85:69:f7:5b:ac:43:e1:94:20:04:fa:ef:e1:c2:
be:24:61:1a:6a:1a:c3:68:1e:89:4e:7f:4e:5f:49:
89:71:f3:2e:b7:16:c1:22:29:5e:56:f1:b1:dc:28:
6a:bb:36:36:69:11:ff:af:8c:40:b4:cc:35:14:09:
5a:da:4a:b5:81:5c:4d:95:70:8e:c2:04:a0:b0:fc:
a6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:83:31:27:7A:5E:47:C6:33:61:29:FB:17:EF:DE:9B:1F:3B:71:23
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fYMxJ3peR8YzYSn7F-_emx87cSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.111.0/24
45.88.138.0/24
77.83.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:88:58:dd:08:62:39:fa:39:b7:5f:34:53:ce:f1:a3:04:f6:
6b:9f:c7:55:b9:e1:13:19:ea:2e:1a:ec:b0:85:c7:50:7e:f5:
4a:11:ab:e3:14:f8:e4:65:5f:95:c7:5e:22:40:7c:f8:f6:5c:
9c:65:f3:aa:bf:35:2a:42:e6:da:44:9a:2c:b8:66:ba:80:27:
e0:68:4a:24:dc:60:d2:31:74:50:39:44:96:16:79:d0:ca:68:
6b:40:23:09:b8:54:aa:94:06:a9:cb:9b:a8:2c:16:e3:85:1c:
4c:45:1a:80:fb:0c:06:77:23:fc:a4:80:a6:2f:6b:b0:45:e3:
b2:38:e4:24:72:10:a3:89:f3:5d:10:f0:23:52:da:97:46:65:
74:fe:a6:ef:de:60:0d:a2:40:ed:17:43:31:82:f7:8d:0c:d9:
c7:01:48:db:29:03:e2:e3:95:c0:f6:b2:bd:fc:d1:05:6a:93:
aa:63:bc:a6:64:32:1a:b4:3a:c2:6a:77:fa:c8:6a:22:0d:57:
e2:dc:b7:ac:e9:27:f8:23:bb:4a:22:dc:e5:e7:77:5c:4f:22:
b2:3c:79:dd:c7:2a:81:d0:45:a0:cf:26:06:ad:7d:a8:3e:b5:
e9:e9:ac:8a:ef:9c:3e:aa:65:23:fb:2c:e9:cb:30:40:f0:d8:
0c:6e:56:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7jzLTbst/hTvbjE0ZmeOb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDE1MjIwNzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDgzMzEyNzdhNWU0N2M2MzM2MTI5ZmIxN2VmZGU5YjFmM2I3MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd3WfdSU09m2Hquk6nBJj2bbP4FT
Ik5dAjOFCLbwkeiRNWgNVZoUiDs276t3E4IbIs12w1GH1Qb3TU/GPUMUGbQ1cIkH
JSU66XU++DFdNabWoESMYdSeElwSKwZ+7UUzkHTrIZhGKWTO2QIdVoa6XoZ32j6J
CAwZ6Zv5MnwM6Zn+jkNvZG9gwabpMf+lHXe0BCxXyRk08tRdLWCPgZI2AU2lt4Hv
x4Q/l7bxY/H43j1jmHL4hWn3W6xD4ZQgBPrv4cK+JGEaahrDaB6JTn9OX0mJcfMu
txbBIileVvGx3ChquzY2aRH/r4xAtMw1FAla2kq1gVxNlXCOwgSgsPymBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH2DMSd6XkfGM2Ep+xfv3psfO3EjMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZllNeEozcGVSOFl6WVNuN0YtX2VteDg3Y1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhvAwQA
LViKAwQATVMmMA0GCSqGSIb3DQEBCwUAA4IBAQCdiFjdCGI5+jm3XzRTzvGjBPZr
n8dVueETGeouGuywhcdQfvVKEavjFPjkZV+Vx14iQHz49lycZfOqvzUqQubaRJos
uGa6gCfgaEok3GDSMXRQOUSWFnnQymhrQCMJuFSqlAapy5uoLBbjhRxMRRqA+wwG
dyP8pICmL2uwReOyOOQkchCjifNdEPAjUtqXRmV0/qbv3mANokDtF0MxgveNDNnH
AUjbKQPi45XA9rK9/NEFapOqY7ymZDIatDrCanf6yGoiDVfi3Les6Sf4I7tKItzl
53dcTyKyPHndxyqB0EWgzyYGrX2oPrXp6ayK75w+qmUj+yzpyzBA8NgMblZj
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:51:55 2024 by rpki-client on console-fra.rpki-client.org