Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/FJjxTA0Ovnty70NuClgBqBVGaVo.roa
File: FJjxTA0Ovnty70NuClgBqBVGaVo.roa (raw, json)
Hash identifier: l2A6+zB4jIgckf//paBwlaTGxFz5vPI6YGcFOyScRes=
Subject key identifier: 14:98:F1:4C:0D:0E:BE:7B:72:EF:43:6E:0A:58:01:A8:15:46:69:5A
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 018CC6B779EB95CB8C868C61483D23F8558E
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/FJjxTA0Ovnty70NuClgBqBVGaVo.roa
Signing time: Mon 01 Jan 2024 20:29:22 +0000
ROA not before: Mon 01 Jan 2024 20:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203501
IP address blocks: 45.91.44.0/22 maxlen: 24
45.91.45.0/24 maxlen: 24
194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
194.113.26.0/23 maxlen: 23
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.199.0/24 maxlen: 24
45.87.198.0/24 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:79:eb:95:cb:8c:86:8c:61:48:3d:23:f8:55:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Jan 1 20:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1498f14c0d0ebe7b72ef436e0a5801a81546695a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:65:a1:3f:25:35:13:3e:81:07:83:fe:c0:82:
27:ea:8d:0c:b5:70:6a:96:ed:3d:8f:e6:67:6d:79:
31:e5:17:d6:21:66:eb:29:26:61:a4:a4:34:8f:a0:
ae:11:ea:a1:c0:2c:fe:87:ce:08:55:aa:56:f0:a2:
57:81:15:fa:59:e3:fb:17:e9:ce:df:75:a3:89:0a:
b2:d2:a2:6b:bc:61:af:b7:c9:13:0a:59:89:e0:06:
79:8d:d4:da:4c:6c:af:38:02:c0:3c:d0:3c:63:bb:
d7:cd:5b:8c:ed:43:dc:c0:1d:ec:76:65:fd:bc:5d:
6c:7d:a9:7b:b8:7b:32:c7:44:40:22:3e:ca:78:4d:
d4:cb:e4:ee:ed:80:97:7d:66:2e:ce:38:0d:6c:5d:
3e:56:fa:e4:32:d9:61:b0:35:a0:df:7c:b4:c1:33:
d7:32:b4:a7:8d:63:46:1d:3a:8c:e4:4b:5b:cb:d2:
94:db:c3:9a:b5:96:c7:57:df:d6:31:1d:73:4a:df:
75:5d:38:33:ad:d7:9b:40:12:fb:a3:39:53:d7:54:
2e:62:8a:86:41:b0:14:60:e4:1c:bc:5c:fc:ef:02:
d5:d9:69:1f:97:fc:be:f8:3b:fd:46:8c:03:06:52:
c8:fa:26:0b:b8:90:81:0a:0a:a1:0c:5e:d0:b2:c8:
8f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:98:F1:4C:0D:0E:BE:7B:72:EF:43:6E:0A:58:01:A8:15:46:69:5A
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/FJjxTA0Ovnty70NuClgBqBVGaVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/22
45.91.44.0/22
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
86:d4:5b:0d:ba:d4:b2:8b:9d:20:0e:2a:48:01:14:91:47:da:
6e:92:ea:9c:ec:33:ec:c1:cc:82:4e:f8:d7:27:35:33:bd:4b:
5e:74:a6:68:cb:bb:9d:2a:76:58:26:75:44:b9:e8:ba:13:58:
d2:97:fe:c6:4d:2e:2b:80:5b:d9:2d:ab:f6:a3:54:f7:14:59:
69:3a:22:d4:ed:38:85:fe:05:c4:60:5e:4c:05:4f:e2:ef:da:
d8:f5:94:d1:cd:44:fa:e5:0e:d3:4d:fc:b5:60:1d:a3:26:fb:
f3:d2:1f:86:0e:35:aa:13:5f:76:9e:a3:e1:ce:05:9f:2d:4b:
0c:07:f5:a2:f2:83:59:0a:8c:1b:12:1f:ad:93:30:d5:f2:a3:
b2:9e:f6:f7:a1:92:40:a6:8d:76:88:ad:60:89:9f:79:41:f2:
ef:e0:2c:af:df:ec:ce:57:e3:9e:49:1b:83:3b:1e:61:1d:70:
d2:9c:9b:61:20:af:9e:3a:3a:91:72:ec:f5:4d:c0:91:c6:f5:
19:d6:06:6b:fd:31:96:34:09:43:0b:65:ad:89:12:41:d1:ad:
d6:4d:b7:85:97:b3:5c:25:46:4b:33:d5:f9:5d:b5:ec:7a:41:
72:64:3d:87:d6:12:0d:a0:43:09:a9:41:78:0c:b0:a4:ed:d8:
44:43:49:ba
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzGt3nrlcuMhoxhSD0j+FWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk4ZjE0YzBkMGViZTdiNzJlZjQzNmUwYTU4MDFhODE1NDY2OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWWhPyU1Ez6BB4P+wIIn6o0MtXBq
lu09j+ZnbXkx5RfWIWbrKSZhpKQ0j6CuEeqhwCz+h84IVapW8KJXgRX6WeP7F+nO
33WjiQqy0qJrvGGvt8kTClmJ4AZ5jdTaTGyvOALAPNA8Y7vXzVuM7UPcwB3sdmX9
vF1sfal7uHsyx0RAIj7KeE3Uy+Tu7YCXfWYuzjgNbF0+VvrkMtlhsDWg33y0wTPX
MrSnjWNGHTqM5Etby9KU28OatZbHV9/WMR1zSt91XTgzrdebQBL7ozlT11QuYoqG
QbAUYOQcvFz87wLV2Wkfl/y++Dv9RowDBlLI+iYLuJCBCgqhDF7QssiP1QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBSY8UwNDr57cu9DbgpYAagVRmlaMB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvRkpqeFRBME92bnR5NzBOdUNsZ0JxQlZHYVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCLVZ0AwQC
LVfEAwQCLVssAwQCWSVYAwQBwnEaMA4EAgACMAgDBgAqAnBA/zANBgkqhkiG9w0B
AQsFAAOCAQEAhtRbDbrUsoudIA4qSAEUkUfabpLqnOwz7MHMgk741yc1M71LXnSm
aMu7nSp2WCZ1RLnouhNY0pf+xk0uK4Bb2S2r9qNU9xRZaToi1O04hf4FxGBeTAVP
4u/a2PWU0c1E+uUO0038tWAdoyb789Ifhg41qhNfdp6j4c4Fny1LDAf1ovKDWQqM
GxIfrZMw1fKjsp7296GSQKaNdoitYImfeUHy7+Asr9/szlfjnkkbgzseYR1w0pyb
YSCvnjo6kXLs9U3Akcb1GdYGa/0xljQJQwtlrYkSQdGt1k23hZezXCVGSzPV+V21
7HpBcmQ9h9YSDaBDCalBeAywpO3YRENJug==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:54 2024 by rpki-client on console-fra.rpki-client.org