Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/Fi7SZcUGu06SKRZ19fcZSIsOmDI.roa
File: Fi7SZcUGu06SKRZ19fcZSIsOmDI.roa (raw, json)
Hash identifier: VdyN5w5MVqNkqDOVXu1lj3umjOqN33Ra5x47OFocpXA=
Subject key identifier: 16:2E:D2:65:C5:06:BB:4E:92:29:16:75:F5:F7:19:48:8B:0E:98:32
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018D5D820976BD8E85761FD113CDE41848D7
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/Fi7SZcUGu06SKRZ19fcZSIsOmDI.roa
Signing time: Wed 31 Jan 2024 03:13:39 +0000
ROA not before: Wed 31 Jan 2024 03:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.198.117.0/24 maxlen: 24
185.109.132.0/24 maxlen: 24
185.109.133.0/24 maxlen: 24
185.109.134.0/24 maxlen: 24
185.109.135.0/24 maxlen: 24
185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:10::/44 maxlen: 44
2a07:4f80:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5d:82:09:76:bd:8e:85:76:1f:d1:13:cd:e4:18:48:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 31 03:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=162ed265c506bb4e92291675f5f719488b0e9832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cd:44:33:b9:90:04:08:29:a3:00:e8:de:da:
c4:3a:9d:83:94:60:4e:b5:6a:52:9c:84:d3:dd:a4:
84:89:5d:87:a4:09:9d:18:35:b0:03:86:0e:dd:25:
d9:46:f0:7e:50:85:71:34:6a:57:e0:7b:1b:75:7b:
7c:09:06:23:1d:99:30:cb:00:47:19:1c:50:6e:07:
4b:3e:a1:3a:27:67:25:e7:f7:13:94:d0:3d:8d:ca:
48:08:0a:1c:b0:57:6e:1e:2b:d6:1a:e4:0a:c0:f7:
58:58:10:01:04:bb:dd:fb:34:c9:d4:8f:2d:0f:d7:
08:86:6c:ed:f5:87:b7:13:4f:f6:ba:4e:c6:33:59:
ea:39:54:92:17:bd:ac:a5:b1:84:b4:80:be:88:e1:
73:ae:3f:01:c9:07:9e:b5:11:93:4d:c7:ca:2a:a1:
7d:34:e0:35:8e:a8:7f:71:b3:5f:c5:4a:3a:dd:46:
ac:40:4b:61:60:11:69:ee:48:f1:9a:97:45:9f:b9:
0d:65:74:e9:7f:82:3c:49:fb:63:f8:02:cd:c0:0a:
ed:4b:97:7d:4c:40:92:e3:21:78:9a:a3:d7:19:e3:
e3:ad:0f:ec:30:55:df:80:3d:ed:b4:f4:76:04:b2:
44:a1:59:ab:05:1d:1e:ab:95:31:d2:b7:0d:54:a1:
40:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2E:D2:65:C5:06:BB:4E:92:29:16:75:F5:F7:19:48:8B:0E:98:32
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/Fi7SZcUGu06SKRZ19fcZSIsOmDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.117.0/24
185.109.132.0/22
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:f5:50:36:80:2e:f6:ab:f6:62:00:46:6a:cc:d4:fa:5e:68:
90:d2:9a:d2:e4:fa:39:f8:b3:27:61:62:ef:23:d2:36:bc:50:
35:47:d0:8a:89:ee:e4:d0:dc:76:46:fb:49:74:75:b9:f0:87:
3c:f9:43:8c:0f:48:72:61:3b:ad:dc:ce:12:63:a9:09:28:33:
25:78:ec:0b:14:b6:a4:9d:21:7f:14:2c:e8:bd:32:d0:a5:7b:
2b:e8:22:02:b9:95:6d:63:b7:f1:bc:38:5c:81:20:29:ee:83:
ec:1e:89:64:64:13:9d:ac:00:9d:9e:55:a4:cc:e2:7d:10:36:
d3:a6:87:8f:09:e1:aa:65:53:46:fe:aa:7e:a7:2a:cc:80:a6:
6a:33:b0:24:b0:35:26:7a:07:da:c0:57:e3:79:4c:f8:b5:e2:
82:46:86:d1:cb:6d:5e:96:0c:39:9f:9d:76:86:c1:ff:13:3f:
59:1d:23:31:bf:f4:70:73:0f:16:95:15:2e:a4:57:f7:c5:d0:
79:3a:27:3a:a2:27:bb:64:fb:f7:6d:8a:5e:22:d0:28:b4:df:
91:e6:3a:ed:a1:1d:e6:8e:41:b7:ed:9c:91:55:7e:a7:90:a2:
ce:d7:69:fb:6f:c3:cc:cc:ef:c9:cb:06:4f:94:03:6e:fc:e7:
09:42:35:cf
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY1dggl2vY6Fdh/RE83kGEjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTMxMDMxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJlZDI2NWM1MDZiYjRlOTIyOTE2NzVmNWY3MTk0ODhiMGU5ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx81EM7mQBAgpowDo3trEOp2DlGBO
tWpSnITT3aSEiV2HpAmdGDWwA4YO3SXZRvB+UIVxNGpX4HsbdXt8CQYjHZkwywBH
GRxQbgdLPqE6J2cl5/cTlNA9jcpICAocsFduHivWGuQKwPdYWBABBLvd+zTJ1I8t
D9cIhmzt9Ye3E0/2uk7GM1nqOVSSF72spbGEtIC+iOFzrj8ByQeetRGTTcfKKqF9
NOA1jqh/cbNfxUo63UasQEthYBFp7kjxmpdFn7kNZXTpf4I8Sftj+ALNwArtS5d9
TECS4yF4mqPXGePjrQ/sMFXfgD3ttPR2BLJEoVmrBR0eq5Ux0rcNVKFA/QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBYu0mXFBrtOkikWdfX3GUiLDpgyMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvRmk3U1pjVUd1MDZTS1JaMTlmY1pTSXNPbURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAW8Z1AwQC
uW2EAwQAuZKYAwQBuZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZI
hvcNAQELBQADggEBAFn1UDaALvar9mIARmrM1PpeaJDSmtLk+jn4sydhYu8j0ja8
UDVH0IqJ7uTQ3HZG+0l0dbnwhzz5Q4wPSHJhO63czhJjqQkoMyV47AsUtqSdIX8U
LOi9MtCleyvoIgK5lW1jt/G8OFyBICnug+weiWRkE52sAJ2eVaTM4n0QNtOmh48J
4aplU0b+qn6nKsyApmozsCSwNSZ6B9rAV+N5TPi14oJGhtHLbV6WDDmfnXaGwf8T
P1kdIzG/9HBzDxaVFS6kV/fF0Hk6JzqiJ7tk+/dtil4i0Ci035HmOu2hHeaOQbft
nJFVfqeQos7Xaftvw8zM78nLBk+UA2785wlCNc8=
-----END CERTIFICATE-----
Generated at Thu May 2 01:36:27 2024 by rpki-client on console-fra.rpki-client.org