Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/FwBT6fO1eZGmthsE2_v3plJbe5s.roa
File: FwBT6fO1eZGmthsE2_v3plJbe5s.roa (raw, json)
Hash identifier: 4oy6ZnuHk0wZGiw/ek0sj1a+pEq/QpwEq6a38bnoIAY=
Subject key identifier: 17:00:53:E9:F3:B5:79:91:A6:B6:1B:04:DB:FB:F7:A6:52:5B:7B:9B
Certificate issuer: /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Certificate serial: 018CC9BC2B98B148A07A8B3D469D94A5DE75
Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/FwBT6fO1eZGmthsE2_v3plJbe5s.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3223
IP address blocks: 185.4.132.0/22 maxlen: 24
185.138.40.0/22 maxlen: 24
2a02:c500::/29 maxlen: 29
2a07:8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.mft
rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2b:98:b1:48:a0:7a:8b:3d:46:9d:94:a5:de:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=170053e9f3b57991a6b61b04dbfbf7a6525b7b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:8c:ad:a4:ef:b5:15:51:25:91:0b:ce:6d:9b:
0e:38:85:0e:92:cf:3c:ad:11:12:57:dc:85:db:59:
9c:5c:1b:26:ee:85:28:2a:e4:22:1a:a6:9c:5f:dc:
8b:98:58:9a:91:61:52:79:9a:43:1f:6a:d3:a4:19:
24:ee:97:5d:3e:ff:93:a4:25:20:38:2c:5e:8d:6e:
5e:e1:89:00:38:48:71:35:c0:55:01:e2:e3:3c:25:
0d:17:e9:02:60:42:41:a4:1d:b9:99:f1:c2:1d:f5:
c7:73:ce:e7:70:ed:6a:cb:40:9c:82:8d:c9:45:f0:
51:fa:b9:88:ee:49:35:52:82:40:b7:ba:fd:75:9e:
56:59:b8:0d:d6:4a:13:ae:dd:ae:64:ec:d2:fb:91:
41:5e:8a:d0:f3:f6:0f:55:98:75:1c:3d:1e:48:7d:
53:82:c7:a9:cd:7a:b9:7f:27:61:81:cc:4a:99:a5:
4c:34:90:cb:f1:8d:5c:c5:2b:58:71:35:76:60:0b:
d6:46:71:f0:ba:70:78:bf:06:62:ed:9d:ea:f0:b5:
75:52:fe:9e:e9:03:49:3a:1e:4a:3f:92:4d:48:55:
84:17:36:89:4e:1e:c1:c7:df:a9:cb:c0:16:99:03:
f9:22:78:6f:73:a9:2c:55:14:4f:cb:f6:b7:a4:e7:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:00:53:E9:F3:B5:79:91:A6:B6:1B:04:DB:FB:F7:A6:52:5B:7B:9B
X509v3 Authority Key Identifier:
keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/FwBT6fO1eZGmthsE2_v3plJbe5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.132.0/22
185.138.40.0/22
IPv6:
2a02:c500::/29
2a07:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a9:70:d7:6a:65:b6:eb:7b:ef:bb:ce:7e:d5:ec:c0:16:bb:
ea:f7:87:8c:e3:85:c7:4f:7d:f4:da:9c:a6:8a:d6:da:8f:eb:
49:1c:a7:10:a6:9c:5e:93:49:7a:89:d9:bb:68:6a:55:60:2e:
d7:62:f2:4e:6a:c5:2e:9b:19:b4:bd:90:87:ca:4f:84:ef:78:
d8:f4:53:57:c3:79:ea:e5:7e:dd:74:af:22:1c:79:4c:0e:d3:
16:d8:fe:aa:e7:67:59:e1:d0:31:03:d0:f6:cb:c6:39:d8:5f:
d9:80:50:4d:a9:c5:63:61:f7:a6:95:07:1f:67:ac:39:44:de:
b6:2c:8c:0f:17:20:c8:d2:4b:a0:be:50:ef:49:40:af:ed:85:
a9:0d:92:91:c3:8a:46:d5:6d:b5:77:54:fe:0b:31:f0:34:bf:
5f:fc:b7:22:4c:dc:78:cc:2d:fe:dc:f9:da:ad:cd:af:5b:72:
2b:a8:51:ca:2c:93:23:05:29:e2:3a:35:ee:7c:1b:7e:f6:ba:
95:c4:21:a9:0c:91:fa:1f:b6:6c:70:f5:57:80:da:0c:c1:ef:
ec:f1:93:ab:70:f7:f2:48:1a:33:3e:a7:19:b5:f8:21:5c:ca:
9c:45:eb:67:cd:fa:b2:98:3b:df:74:d0:9e:53:33:79:78:65:
56:54:89:f3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvCuYsUigeos9Rp2Upd51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw
MGRiMDIwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzAwNTNlOWYzYjU3OTkxYTZiNjFiMDRkYmZiZjdhNjUyNWI3YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94ytpO+1FVElkQvObZsOOIUOks88
rRESV9yF21mcXBsm7oUoKuQiGqacX9yLmFiakWFSeZpDH2rTpBkk7pddPv+TpCUg
OCxejW5e4YkAOEhxNcBVAeLjPCUNF+kCYEJBpB25mfHCHfXHc87ncO1qy0Ccgo3J
RfBR+rmI7kk1UoJAt7r9dZ5WWbgN1koTrt2uZOzS+5FBXorQ8/YPVZh1HD0eSH1T
gsepzXq5fydhgcxKmaVMNJDL8Y1cxStYcTV2YAvWRnHwunB4vwZi7Z3q8LV1Uv6e
6QNJOh5KP5JNSFWEFzaJTh7Bx9+py8AWmQP5Inhvc6ksVRRPy/a3pOdXJQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBcAU+nztXmRprYbBNv796ZSW3ubMB8GA1UdIwQY
MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt
NmM4MzIwNTBlNzdhLzEvRndCVDZmTzFlWkdtdGhzRTJfdjNwbEpiZTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh
LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC
uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEALqlw
12pltut777vOftXswBa76veHjOOFx0999NqcporW2o/rSRynEKacXpNJeonZu2hq
VWAu12LyTmrFLpsZtL2Qh8pPhO942PRTV8N56uV+3XSvIhx5TA7TFtj+qudnWeHQ
MQPQ9svGOdhf2YBQTanFY2H3ppUHH2esOUTetiyMDxcgyNJLoL5Q70lAr+2FqQ2S
kcOKRtVttXdU/gsx8DS/X/y3IkzceMwt/tz52q3Nr1tyK6hRyiyTIwUp4jo17nwb
fva6lcQhqQyR+h+2bHD1V4DaDMHv7PGTq3D38kgaMz6nGbX4IVzKnEXrZ836spg7
33TQnlMzeXhlVlSJ8w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:19 2024 by rpki-client on console-ams.rpki-client.org