Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/F2WEHd37tJPKXfKnNbCgfAL8xBk.roa
File: F2WEHd37tJPKXfKnNbCgfAL8xBk.roa (raw, json)
Hash identifier: Y++OIw5H6psqrbf44uHtn8kjnZcMNTHmN3OMMaBUxpo=
Subject key identifier: 17:65:84:1D:DD:FB:B4:93:CA:5D:F2:A7:35:B0:A0:7C:02:FC:C4:19
Certificate issuer: /CN=ff24b72f5f9040d4d22688f5ea511f615f15004c
Certificate serial: 018CC72755DEB4B739F69F232468D4C19289
Authority key identifier: FF:24:B7:2F:5F:90:40:D4:D2:26:88:F5:EA:51:1F:61:5F:15:00:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_yS3L1-QQNTSJoj16lEfYV8VAEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/F2WEHd37tJPKXfKnNbCgfAL8xBk.roa
Signing time: Mon 01 Jan 2024 22:31:33 +0000
ROA not before: Mon 01 Jan 2024 22:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25151
IP address blocks: 81.24.0.0/20 maxlen: 24
185.78.196.0/22 maxlen: 24
2a05:6cc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/_yS3L1-QQNTSJoj16lEfYV8VAEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/_yS3L1-QQNTSJoj16lEfYV8VAEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_yS3L1-QQNTSJoj16lEfYV8VAEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:55:de:b4:b7:39:f6:9f:23:24:68:d4:c1:92:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff24b72f5f9040d4d22688f5ea511f615f15004c
Validity
Not Before: Jan 1 22:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1765841dddfbb493ca5df2a735b0a07c02fcc419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:59:55:7f:67:e7:33:87:96:76:1f:6e:a7:d1:
1e:64:74:49:db:63:24:ae:64:fc:a1:f8:7f:70:ab:
b2:08:fe:26:cc:01:f9:fb:8e:ae:ad:c7:41:10:7a:
be:95:db:88:fa:62:98:33:be:53:04:36:39:ac:7d:
e1:1e:4c:a9:4a:51:ae:c7:9c:f1:2b:16:f0:4d:9c:
e2:21:1a:a9:b5:c0:50:e2:8e:c8:33:42:69:df:e1:
4b:e4:db:ed:ae:7d:2f:2f:67:93:e6:f6:03:68:a1:
46:88:aa:b2:dc:8a:b4:df:f8:a1:53:c9:2f:b6:8b:
4b:15:a3:a7:48:11:be:74:ec:2c:f2:1b:2a:40:d4:
87:4b:7d:36:b8:98:a5:98:9c:ae:b5:3c:8c:2c:49:
31:c5:fa:24:16:6a:0a:cb:04:20:5b:ca:a6:a1:91:
0c:be:f8:48:8f:1e:de:df:4f:2a:41:5f:9b:24:37:
ac:88:bf:f9:c2:e2:1f:d8:3c:dc:2d:e4:fe:bd:1a:
45:75:17:81:de:e9:76:07:00:83:ef:9d:d1:86:b9:
66:8a:25:f4:c3:b6:06:6d:28:a3:bd:df:c5:c6:37:
53:2c:f4:80:dd:80:10:17:7a:a3:a5:46:7f:55:e5:
de:ce:2c:85:f1:e5:8b:63:1c:14:b5:a3:69:99:3c:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:65:84:1D:DD:FB:B4:93:CA:5D:F2:A7:35:B0:A0:7C:02:FC:C4:19
X509v3 Authority Key Identifier:
keyid:FF:24:B7:2F:5F:90:40:D4:D2:26:88:F5:EA:51:1F:61:5F:15:00:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yS3L1-QQNTSJoj16lEfYV8VAEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/F2WEHd37tJPKXfKnNbCgfAL8xBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/798745-e247-4a87-ba1d-b66d8664b09b/1/_yS3L1-QQNTSJoj16lEfYV8VAEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.0.0/20
185.78.196.0/22
IPv6:
2a05:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
19:a1:c0:43:f1:1c:0e:05:fd:ba:ae:bf:88:f7:2c:76:00:7f:
44:d9:be:22:2f:de:d7:eb:dc:60:40:60:98:3b:eb:7a:f8:5e:
9d:9d:1c:c6:ae:00:11:6e:62:e0:95:6f:16:82:fa:9b:f3:89:
ae:3e:bd:9b:75:20:cc:33:c0:eb:09:ec:ba:aa:9c:c4:1f:d7:
dc:d8:48:4a:6b:64:b0:8f:99:8c:a6:19:a0:37:cb:a0:63:f0:
d7:1d:c1:ef:a4:4a:a6:2f:e2:17:da:1d:3f:65:a0:0e:9f:b8:
c3:26:8c:1c:53:f7:e1:82:ae:4b:44:dc:23:a2:4d:dc:75:6d:
f0:01:a6:bc:89:d9:33:22:5a:16:79:d7:a3:e1:f9:34:af:07:
b4:23:c4:8c:13:d2:a2:90:0e:3d:08:6f:11:d4:42:a7:92:85:
6d:4e:f6:b7:77:13:63:99:d5:79:e5:86:4c:2b:13:86:0e:c5:
b8:2b:7e:35:bc:05:3e:1c:44:a5:c6:a7:fe:8d:f1:34:91:8c:
92:fc:fd:8e:12:57:76:16:0d:5f:a3:10:9f:40:95:7d:cd:06:
e4:a2:db:14:f1:09:3e:aa:f2:0a:9c:72:4f:8b:9f:6a:78:cb:
28:e1:15:7d:6e:29:ab:81:b8:b3:e6:0a:58:6d:44:08:bb:2a:
1a:f2:d9:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJ1XetLc59p8jJGjUwZKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjRiNzJmNWY5MDQwZDRkMjI2ODhmNWVhNTExZjYxNWYx
NTAwNGMwHhcNMjQwMTAxMjIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzY1ODQxZGRkZmJiNDkzY2E1ZGYyYTczNWIwYTA3YzAyZmNjNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1lVf2fnM4eWdh9up9EeZHRJ22Mk
rmT8ofh/cKuyCP4mzAH5+46urcdBEHq+lduI+mKYM75TBDY5rH3hHkypSlGux5zx
KxbwTZziIRqptcBQ4o7IM0Jp3+FL5Nvtrn0vL2eT5vYDaKFGiKqy3Iq03/ihU8kv
totLFaOnSBG+dOws8hsqQNSHS302uJilmJyutTyMLEkxxfokFmoKywQgW8qmoZEM
vvhIjx7e308qQV+bJDesiL/5wuIf2DzcLeT+vRpFdReB3ul2BwCD753RhrlmiiX0
w7YGbSijvd/FxjdTLPSA3YAQF3qjpUZ/VeXeziyF8eWLYxwUtaNpmTw4MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBdlhB3d+7STyl3ypzWwoHwC/MQZMB8GA1UdIwQY
MBaAFP8kty9fkEDU0iaI9epRH2FfFQBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lTM0wxLVFRTlRTSm9qMTZsRWZZVjhWQUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83OTg3NDUtZTI0Ny00YTg3LWJhMWQt
YjY2ZDg2NjRiMDliLzEvRjJXRUhkMzd0SlBLWGZLbk5iQ2dmQUw4eEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83OTg3NDUtZTI0Ny00YTg3LWJhMWQtYjY2ZDg2NjRiMDli
LzEvX3lTM0wxLVFRTlRTSm9qMTZsRWZZVjhWQUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURgAAwQC
uU7EMA0EAgACMAcDBQMqBWzAMA0GCSqGSIb3DQEBCwUAA4IBAQAZocBD8RwOBf26
rr+I9yx2AH9E2b4iL97X69xgQGCYO+t6+F6dnRzGrgARbmLglW8Wgvqb84muPr2b
dSDMM8DrCey6qpzEH9fc2EhKa2Swj5mMphmgN8ugY/DXHcHvpEqmL+IX2h0/ZaAO
n7jDJowcU/fhgq5LRNwjok3cdW3wAaa8idkzIloWedej4fk0rwe0I8SME9KikA49
CG8R1EKnkoVtTva3dxNjmdV55YZMKxOGDsW4K341vAU+HESlxqf+jfE0kYyS/P2O
Eld2Fg1foxCfQJV9zQbkotsU8Qk+qvIKnHJPi59qeMso4RV9bimrgbiz5gpYbUQI
uyoa8tlN
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:50 2024 by rpki-client on console-ams.rpki-client.org