Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Fwqo1nrAkhQsnstZP3TQVGBMpzI.roa
File: Fwqo1nrAkhQsnstZP3TQVGBMpzI.roa (raw, json)
Hash identifier: US5MynMU5AgeLWjv9x0GGM39Zkh+D/o+s0+mlo++9q0=
Subject key identifier: 17:0A:A8:D6:7A:C0:92:14:2C:9E:CB:59:3F:74:D0:54:60:4C:A7:32
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348D83B3AB778341CD90D8E56652E6C
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Fwqo1nrAkhQsnstZP3TQVGBMpzI.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41503
IP address blocks: 194.209.23.0/24 maxlen: 24
212.243.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 20:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d8:3b:3a:b7:78:34:1c:d9:0d:8e:56:65:2e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=170aa8d67ac092142c9ecb593f74d054604ca732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:b3:4e:a9:45:2f:7e:ad:b1:96:14:6a:7d:
49:d2:24:e4:32:fc:ab:32:2c:9b:58:2d:e2:df:bd:
00:dc:45:89:48:35:23:33:e4:ab:13:4f:2e:68:e8:
d4:3e:59:05:44:11:74:09:f2:95:d4:45:6b:39:f1:
ac:0a:09:a4:e5:9b:93:f8:f3:c6:0b:05:37:ed:ca:
3d:7e:51:4f:77:89:08:64:e2:e4:04:8c:9f:0f:0f:
59:2b:54:c4:58:2b:9f:6a:68:2a:3b:4b:42:d4:96:
13:0e:9e:4b:02:5b:82:00:64:e8:8e:fe:4a:bc:55:
27:8a:93:a2:96:79:8b:78:3e:f2:06:88:24:53:0c:
64:c5:80:25:9a:65:31:d0:17:22:f7:80:51:a5:eb:
8d:af:bf:27:9c:9b:8e:c4:bd:15:f6:3b:de:81:94:
9c:cb:da:fc:f3:7b:4b:dd:2a:bd:fd:fa:94:3d:dd:
5d:3c:6d:0a:ca:67:b5:f3:66:bb:88:8f:f4:31:39:
18:6d:44:10:d0:b2:45:3b:0e:43:35:9a:fd:14:a2:
c0:2b:c6:56:be:a5:24:fb:43:ee:60:ff:72:fb:b6:
5b:e1:7d:94:96:79:1b:0e:5f:fd:46:d4:4b:68:48:
68:37:32:c6:12:9e:0d:c9:a8:c0:cd:73:ae:c8:d8:
e7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0A:A8:D6:7A:C0:92:14:2C:9E:CB:59:3F:74:D0:54:60:4C:A7:32
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/Fwqo1nrAkhQsnstZP3TQVGBMpzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.23.0/24
212.243.33.0/24
Signature Algorithm: sha256WithRSAEncryption
10:31:1d:3f:6b:ce:07:24:08:90:01:34:a4:f0:9f:f8:78:a1:
20:24:97:40:15:31:00:47:a0:b6:1f:70:d4:7f:57:8e:ea:ca:
32:db:fa:83:79:73:b2:a5:bb:38:a2:97:79:49:64:28:68:aa:
07:ae:ca:47:c9:e3:36:d6:f1:de:c3:1d:d7:23:d5:04:14:16:
05:6e:61:bd:66:88:7f:00:73:78:75:e8:8a:96:66:ed:52:29:
13:8e:b7:b5:fe:01:23:ce:c0:d5:4c:ce:a4:d1:3b:bc:33:7c:
11:23:4f:05:17:35:9d:89:4e:75:49:e8:9d:41:2c:d6:2e:8e:
cb:70:28:97:60:85:5f:e2:f5:53:82:bd:50:22:5d:87:53:26:
75:90:d0:1f:63:89:fe:c1:16:22:2e:d7:4a:59:eb:db:af:f1:
ed:53:52:ae:9d:dd:56:e0:8d:26:e3:62:5c:26:bd:bd:72:61:
ca:4e:ed:24:07:29:7c:a0:f8:33:af:49:b3:87:b8:a3:ef:a5:
de:fb:cd:8b:a1:33:10:d7:f1:6b:a5:02:a4:b3:31:b7:2c:35:
46:2e:78:28:c2:f8:7e:2f:39:81:4b:5d:4d:c7:9f:04:0e:da:
5b:7b:5c:af:a8:31:13:a8:c0:0d:7a:fc:b9:a6:56:db:f6:0c:
0e:ec:69:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSNg7Ord4NBzZDY5WZS5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBhYThkNjdhYzA5MjE0MmM5ZWNiNTkzZjc0ZDA1NDYwNGNhNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh96zTqlFL36tsZYUan1J0iTkMvyr
MiybWC3i370A3EWJSDUjM+SrE08uaOjUPlkFRBF0CfKV1EVrOfGsCgmk5ZuT+PPG
CwU37co9flFPd4kIZOLkBIyfDw9ZK1TEWCufamgqO0tC1JYTDp5LAluCAGTojv5K
vFUnipOilnmLeD7yBogkUwxkxYAlmmUx0Bci94BRpeuNr78nnJuOxL0V9jvegZSc
y9r883tL3Sq9/fqUPd1dPG0Kyme182a7iI/0MTkYbUQQ0LJFOw5DNZr9FKLAK8ZW
vqUk+0PuYP9y+7Zb4X2UlnkbDl/9RtRLaEhoNzLGEp4NyajAzXOuyNjnjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBcKqNZ6wJIULJ7LWT900FRgTKcyMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvRndxbzFuckFraFFzbnN0WlAzVFFWR0JNcHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwtEXAwQA
1PMhMA0GCSqGSIb3DQEBCwUAA4IBAQAQMR0/a84HJAiQATSk8J/4eKEgJJdAFTEA
R6C2H3DUf1eO6soy2/qDeXOypbs4opd5SWQoaKoHrspHyeM21vHewx3XI9UEFBYF
bmG9Zoh/AHN4deiKlmbtUikTjre1/gEjzsDVTM6k0Tu8M3wRI08FFzWdiU51Seid
QSzWLo7LcCiXYIVf4vVTgr1QIl2HUyZ1kNAfY4n+wRYiLtdKWevbr/HtU1Kund1W
4I0m42JcJr29cmHKTu0kByl8oPgzr0mzh7ij76Xe+82LoTMQ1/FrpQKkszG3LDVG
Lngowvh+LzmBS11Nx58EDtpbe1yvqDETqMANevy5plbb9gwO7Gmq
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:08:19 2024 by rpki-client on console-fra.rpki-client.org