Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/fFT5dQBO7EeNERA_Rh1_46Zh894.roa
File: fFT5dQBO7EeNERA_Rh1_46Zh894.roa (raw, json)
Hash identifier: D17YGlnVi42NUEPLCgWTFm5mK3rnOJ3mYZIJbdkkC7E=
Subject key identifier: 7C:54:F9:75:00:4E:EC:47:8D:11:10:3F:46:1D:7F:E3:A6:61:F3:DE
Certificate issuer: /CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Certificate serial: 018FBA54FB48C14DEBDCA76855968282F62D
Authority key identifier: 87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/fFT5dQBO7EeNERA_Rh1_46Zh894.roa
Signing time: Mon 27 May 2024 13:54:42 +0000
ROA not before: Mon 27 May 2024 13:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 91.225.200.0/24 maxlen: 24
91.225.201.0/24 maxlen: 24
91.225.202.0/24 maxlen: 24
91.245.72.0/21 maxlen: 21
193.93.216.0/22 maxlen: 22
2001:678:604::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.mft
rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:54:fb:48:c1:4d:eb:dc:a7:68:55:96:82:82:f6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Validity
Not Before: May 27 13:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c54f975004eec478d11103f461d7fe3a661f3de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:00:b9:dc:9a:26:d6:16:6c:7f:ba:81:f4:b1:
fd:12:58:5d:e1:98:f8:65:4e:b6:bd:88:2c:53:82:
1e:8a:87:2e:b4:5d:87:c3:10:e1:b0:6f:94:4c:2b:
6d:d6:fa:86:b2:8d:86:6e:ac:38:0b:dc:46:c1:45:
c5:fa:95:0e:a4:86:9b:1a:01:47:45:54:d8:5c:e8:
00:02:f5:dd:85:8c:1d:ce:82:21:29:3f:0d:ac:f8:
39:db:6e:90:98:2e:64:98:9f:34:32:8f:1b:27:18:
73:e3:07:c1:e8:dd:cc:bf:c6:a4:70:df:e7:b0:f1:
56:60:1f:66:ca:90:e7:64:a6:37:83:13:61:f5:90:
0c:73:91:ac:c9:c2:d7:18:57:3d:8e:c8:39:a5:d5:
2a:95:76:70:64:24:4f:e6:a3:7c:6c:63:44:71:49:
84:f5:4d:96:00:cf:9f:06:5c:5e:cc:b2:56:03:ae:
65:ab:92:11:f4:e4:94:96:e0:85:eb:f9:62:94:f9:
b4:0f:84:62:5f:df:e0:97:2a:4a:70:85:04:14:af:
e6:84:80:35:c9:3d:9f:1a:94:f3:ff:34:25:fd:bf:
6c:ff:b6:18:a0:42:d1:4a:53:18:26:12:f9:54:91:
2b:83:a0:c9:f9:34:d2:63:c1:81:77:4c:5d:c7:40:
80:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:54:F9:75:00:4E:EC:47:8D:11:10:3F:46:1D:7F:E3:A6:61:F3:DE
X509v3 Authority Key Identifier:
keyid:87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/fFT5dQBO7EeNERA_Rh1_46Zh894.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.200.0-91.225.202.255
91.245.72.0/21
193.93.216.0/22
IPv6:
2001:678:604::/48
Signature Algorithm: sha256WithRSAEncryption
05:4d:3b:84:dd:26:51:ad:07:16:9f:c6:c9:dc:b2:c0:b4:bb:
07:a5:27:8f:d3:cd:fd:dd:9a:01:71:80:f5:bf:ba:5e:96:66:
03:b1:53:d6:44:88:f5:e6:d5:52:d8:c4:5c:5c:c5:61:81:da:
1a:d4:39:93:23:13:15:5c:b0:6f:dd:02:5e:6d:10:9a:cf:6e:
d8:10:28:70:4e:37:93:1d:5f:5d:bb:e8:c6:f4:dc:79:6f:d5:
93:52:06:dd:32:84:72:bf:4a:45:ee:c0:23:87:96:fd:5a:f2:
c6:22:08:11:02:bf:19:56:a6:7b:ca:41:95:7f:3c:3e:44:ff:
97:c8:ff:c2:cc:13:eb:16:da:58:75:a5:11:1d:ed:b7:5c:b7:
cc:73:62:2f:82:28:b6:94:3b:4e:56:82:ef:08:c0:7f:b3:06:
c3:64:b6:c2:36:eb:4e:9d:8c:1e:48:62:0a:5c:fe:2a:33:9f:
31:72:d9:4e:55:9c:98:24:29:eb:ca:5d:a5:16:c4:de:84:2b:
c8:41:c5:a4:73:7c:22:b7:e1:be:e0:02:6d:b1:c3:eb:a2:97:
55:1b:1d:cd:98:37:83:59:ed:90:02:eb:81:95:5d:1b:d4:c1:
2c:1e:39:3d:ce:7a:bd:68:c8:bb:30:6d:3c:18:cf:d1:03:bd:
43:66:46:de
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY+6VPtIwU3r3KdoVZaCgvYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzcyNmIxN2IwMWJmMGI1NDQyNmQxODEwZjIzZGM0ZjU4
ZjZhN2IwHhcNMjQwNTI3MTM1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU0Zjk3NTAwNGVlYzQ3OGQxMTEwM2Y0NjFkN2ZlM2E2NjFmM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQC53Jom1hZsf7qB9LH9Elhd4Zj4
ZU62vYgsU4IeiocutF2HwxDhsG+UTCtt1vqGso2Gbqw4C9xGwUXF+pUOpIabGgFH
RVTYXOgAAvXdhYwdzoIhKT8NrPg5226QmC5kmJ80Mo8bJxhz4wfB6N3Mv8akcN/n
sPFWYB9mypDnZKY3gxNh9ZAMc5GsycLXGFc9jsg5pdUqlXZwZCRP5qN8bGNEcUmE
9U2WAM+fBlxezLJWA65lq5IR9OSUluCF6/lilPm0D4RiX9/glypKcIUEFK/mhIA1
yT2fGpTz/zQl/b9s/7YYoELRSlMYJhL5VJErg6DJ+TTSY8GBd0xdx0CAGwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHxU+XUATuxHjREQP0Ydf+OmYfPeMB8GA1UdIwQY
MBaAFIc3JrF7Ab8LVEJtGBDyPcT1j2p7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQt
MmFlMzUxNzU3MTNjLzEvZkZUNWRRQk83RWVORVJBX1JoMV80NlpoODk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQtMmFlMzUxNzU3MTNj
LzEvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBANb4cgD
BABb4coDBANb9UgDBALBXdgwDwQCAAIwCQMHACABBngGBDANBgkqhkiG9w0BAQsF
AAOCAQEABU07hN0mUa0HFp/GydyywLS7B6Unj9PN/d2aAXGA9b+6XpZmA7FT1kSI
9ebVUtjEXFzFYYHaGtQ5kyMTFVywb90CXm0Qms9u2BAocE43kx1fXbvoxvTceW/V
k1IG3TKEcr9KRe7AI4eW/VryxiIIEQK/GVame8pBlX88PkT/l8j/wswT6xbaWHWl
ER3tt1y3zHNiL4IotpQ7TlaC7wjAf7MGw2S2wjbrTp2MHkhiClz+KjOfMXLZTlWc
mCQp68pdpRbE3oQryEHFpHN8IrfhvuACbbHD66KXVRsdzZg3g1ntkALrgZVdG9TB
LB45Pc56vWjIuzBtPBjP0QO9Q2ZG3g==
-----END CERTIFICATE-----
Generated at Tue Jun 25 22:45:09 2024 by rpki-client on console-ams.rpki-client.org