Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/f-fUogWLsVd7RAvSnP5jAGCEjxw.roa
File: f-fUogWLsVd7RAvSnP5jAGCEjxw.roa (raw, json)
Hash identifier: huThzd7nlBqCzKWtgX7WINo7pQsSApmF9I1YtlmSsV4=
Subject key identifier: 7F:E7:D4:A2:05:8B:B1:57:7B:44:0B:D2:9C:FE:63:00:60:84:8F:1C
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 018F6BE4EF7B9288164ACB2601E5797E0D81
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/f-fUogWLsVd7RAvSnP5jAGCEjxw.roa
Signing time: Sun 12 May 2024 08:21:56 +0000
ROA not before: Sun 12 May 2024 08:21:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 188.93.192.0/21 maxlen: 24
188.93.196.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:1031::/48 maxlen: 48
2a0d:82c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6b:e4:ef:7b:92:88:16:4a:cb:26:01:e5:79:7e:0d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: May 12 08:21:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fe7d4a2058bb1577b440bd29cfe630060848f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:98:75:52:f9:4b:96:91:ce:c1:8f:51:19:
63:5e:02:5d:9b:85:a8:21:13:99:1e:f7:8a:d7:06:
c1:55:4c:1f:60:79:51:af:37:5b:6a:9b:8a:ff:43:
df:3d:fe:ce:ed:a8:ce:c4:dc:61:61:5d:c0:64:77:
92:19:4f:e0:a3:c6:ed:97:26:da:bb:fc:aa:cc:aa:
03:c4:b2:3a:8e:e1:42:6a:66:4e:bd:d6:ff:9a:ed:
f7:2e:58:3e:e7:98:a8:bf:92:7e:eb:e0:62:16:be:
e8:37:5e:bd:8a:be:03:d2:ec:d8:2d:8d:2a:96:d9:
87:14:66:2e:3c:bf:99:41:c5:0c:e4:43:0d:30:33:
f6:b9:7f:4e:64:2a:07:0d:cc:77:88:eb:68:75:c7:
81:bb:db:4c:fc:f3:d1:a6:7c:a4:8c:61:32:f5:29:
68:75:01:5e:df:eb:c2:72:f7:16:c4:5c:88:b6:51:
c4:ae:85:ad:6a:2e:0c:ca:0c:aa:66:0a:43:be:cd:
84:e2:18:92:4e:82:77:a0:4d:e5:ba:1e:b4:d2:ab:
6d:db:52:17:81:98:8c:5d:5a:b8:53:a2:e6:1a:ca:
d4:b7:99:f8:03:d0:46:35:d3:fb:d5:4a:3d:0d:f0:
5a:b5:75:e5:9b:64:4c:d1:25:76:3a:a4:14:4c:e9:
2a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E7:D4:A2:05:8B:B1:57:7B:44:0B:D2:9C:FE:63:00:60:84:8F:1C
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/f-fUogWLsVd7RAvSnP5jAGCEjxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.192.0/21
IPv6:
2001:b18::/32
2a0d:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:8a:f5:1b:48:00:c6:a6:00:ee:7f:bb:3b:10:0c:e6:72:89:
be:e9:f4:cb:57:95:53:0c:89:13:b1:2d:56:5b:55:b1:70:f7:
50:1d:9f:2d:4f:46:32:49:e6:be:04:87:9b:6e:16:74:ba:2f:
3b:4d:aa:48:01:94:14:09:28:64:36:18:f3:b3:7d:1c:f6:24:
09:97:c3:09:e7:40:66:54:c7:74:99:3f:ed:b5:32:49:d8:80:
d1:e2:f2:ea:65:88:67:50:d5:4a:0d:c0:d0:96:23:cb:a3:95:
f9:ee:94:1e:51:93:09:f4:34:51:9d:23:2a:47:7b:ae:e3:4f:
f3:0a:70:a5:01:63:a2:43:7b:83:76:66:c9:9c:5b:15:e2:ae:
67:e6:15:7c:0c:df:57:b2:db:4e:91:98:0e:fb:9b:8e:06:d5:
6c:e0:01:de:ce:b3:de:28:7c:e6:1d:50:16:5e:21:e2:86:f1:
cf:59:c5:5e:48:d9:ed:84:16:27:e7:c7:e9:56:98:33:ae:e7:
d8:b6:a7:03:67:4d:c0:ea:2d:6e:7e:b8:1a:cc:44:49:f7:6d:
14:10:cf:51:82:32:ce:69:b7:d6:72:6a:ba:70:90:e0:9c:b3:
6b:22:2c:25:03:cc:66:05:a6:59:15:bb:30:e4:53:58:7d:6c:
c6:d4:5f:df
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY9r5O97kogWSssmAeV5fg2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwNTEyMDgyMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU3ZDRhMjA1OGJiMTU3N2I0NDBiZDI5Y2ZlNjMwMDYwODQ4ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArziYdVL5S5aRzsGPURljXgJdm4Wo
IROZHveK1wbBVUwfYHlRrzdbapuK/0PfPf7O7ajOxNxhYV3AZHeSGU/go8btlyba
u/yqzKoDxLI6juFCamZOvdb/mu33Llg+55iov5J+6+BiFr7oN169ir4D0uzYLY0q
ltmHFGYuPL+ZQcUM5EMNMDP2uX9OZCoHDcx3iOtodceBu9tM/PPRpnykjGEy9Slo
dQFe3+vCcvcWxFyItlHEroWtai4MygyqZgpDvs2E4hiSToJ3oE3luh600qtt21IX
gZiMXVq4U6LmGsrUt5n4A9BGNdP71Uo9DfBatXXlm2RM0SV2OqQUTOkqFwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH/n1KIFi7FXe0QL0pz+YwBghI8cMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvZi1mVW9nV0xzVmQ3UkF2U25QNWpBR0NFanh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQDvF3AMBQE
AgACMA4DBQAgAQsYAwUDKg2CwDANBgkqhkiG9w0BAQsFAAOCAQEATor1G0gAxqYA
7n+7OxAM5nKJvun0y1eVUwyJE7EtVltVsXD3UB2fLU9GMknmvgSHm24WdLovO02q
SAGUFAkoZDYY87N9HPYkCZfDCedAZlTHdJk/7bUySdiA0eLy6mWIZ1DVSg3A0JYj
y6OV+e6UHlGTCfQ0UZ0jKkd7ruNP8wpwpQFjokN7g3ZmyZxbFeKuZ+YVfAzfV7Lb
TpGYDvubjgbVbOAB3s6z3ih85h1QFl4h4obxz1nFXkjZ7YQWJ+fH6VaYM67n2Lan
A2dNwOotbn64GsxESfdtFBDPUYIyzmm31nJqunCQ4JyzayIsJQPMZgWmWRW7MORT
WH1sxtRf3w==
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:07:22 2024 by rpki-client on console-fra.rpki-client.org