Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/tWfCBE2U413d4Ojw2IVpE19-YWs.roa
File: tWfCBE2U413d4Ojw2IVpE19-YWs.roa (raw, json)
Hash identifier: 7W+IpAOdWmf8tWYaSTwbeGJtCDiZos4PkOxwUnlxSLg=
Subject key identifier: B5:67:C2:04:4D:94:E3:5D:DD:E0:E8:F0:D8:85:69:13:5F:7E:61:6B
Certificate issuer: /CN=7f31360ffc1afd5f1da66d81404e4663512d4967
Certificate serial: 018CC348CDFA6FF8C5F9A30067D86FC66DCC
Authority key identifier: 7F:31:36:0F:FC:1A:FD:5F:1D:A6:6D:81:40:4E:46:63:51:2D:49:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzE2D_wa_V8dpm2BQE5GY1EtSWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/tWfCBE2U413d4Ojw2IVpE19-YWs.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9104
IP address blocks: 212.3.160.0/19 maxlen: 24
195.60.128.0/19 maxlen: 24
185.161.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/fzE2D_wa_V8dpm2BQE5GY1EtSWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/fzE2D_wa_V8dpm2BQE5GY1EtSWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzE2D_wa_V8dpm2BQE5GY1EtSWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cd:fa:6f:f8:c5:f9:a3:00:67:d8:6f:c6:6d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f31360ffc1afd5f1da66d81404e4663512d4967
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b567c2044d94e35ddde0e8f0d88569135f7e616b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4d:ea:93:0a:52:83:06:16:05:4c:1e:b1:c8:
09:fa:20:53:e2:0b:68:c5:e3:9d:a4:66:c1:8c:59:
e7:ac:b7:bb:5b:6a:d0:20:5a:aa:95:9b:ef:4c:d1:
58:f2:36:59:87:fb:af:40:e2:f5:11:08:ad:f3:80:
6f:9f:cf:f6:0a:32:01:b2:92:76:97:08:80:5f:1b:
d2:b1:45:34:f9:36:32:d6:c3:bf:ce:11:22:0c:0b:
e4:45:ce:cf:b0:90:05:ec:c3:57:30:1e:e3:ef:15:
fb:64:6d:f4:d1:60:5b:d9:36:22:84:e5:41:53:1f:
f7:7c:30:db:4f:94:b1:29:32:3b:77:77:36:21:11:
c0:19:c9:01:f2:7f:37:b9:32:06:8f:0b:30:2a:2a:
62:5b:a0:65:23:f4:e2:88:f9:19:ee:4a:34:9c:08:
6a:e0:20:23:cb:fa:d0:46:17:bb:81:c0:ed:44:4e:
0a:fa:4c:60:df:2a:1d:18:66:af:57:21:b6:cd:b1:
7f:7b:84:1a:48:26:07:f7:87:fe:16:4c:17:52:db:
cd:75:82:8f:86:e7:f3:f0:3d:8b:d8:2c:3c:40:72:
f6:32:08:88:ae:84:fb:f4:65:c1:4b:3f:f5:7b:8b:
ce:93:13:a9:d6:6e:6d:e7:11:2d:0e:c8:93:cc:bc:
ec:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:67:C2:04:4D:94:E3:5D:DD:E0:E8:F0:D8:85:69:13:5F:7E:61:6B
X509v3 Authority Key Identifier:
keyid:7F:31:36:0F:FC:1A:FD:5F:1D:A6:6D:81:40:4E:46:63:51:2D:49:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzE2D_wa_V8dpm2BQE5GY1EtSWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/tWfCBE2U413d4Ojw2IVpE19-YWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/fef5dd-38ee-4bc5-82ff-584d78a25f8c/1/fzE2D_wa_V8dpm2BQE5GY1EtSWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.220.0/22
195.60.128.0/19
212.3.160.0/19
Signature Algorithm: sha256WithRSAEncryption
1f:75:36:2f:58:6e:00:7e:bb:3a:87:98:3a:c4:bd:d1:3a:a0:
39:cf:64:87:aa:d3:78:26:f7:d0:4c:1a:ca:79:d6:b2:e8:61:
ef:da:b7:40:25:fd:27:e8:a2:bf:22:98:7e:6e:d5:6a:47:f3:
c5:6b:7f:10:80:bf:f1:ad:a8:66:02:2a:9d:f8:44:45:cf:e3:
aa:99:78:57:ac:33:e2:34:3e:33:7b:6c:3c:41:bc:db:96:a0:
03:1e:94:b4:0d:2e:9b:ed:02:4f:01:ff:a0:37:4e:cb:94:a1:
06:21:2b:4c:e1:75:56:19:99:0f:f5:22:1e:54:71:4d:ae:61:
6a:86:78:34:ba:0c:7c:16:26:4a:31:1e:39:e0:b6:28:6f:33:
94:7f:06:10:ee:d8:09:18:b0:59:b9:5d:58:9b:0b:92:5c:76:
af:e8:c9:d9:fe:05:c7:97:29:8a:02:02:e4:ee:d4:a4:b2:85:
fd:43:c8:43:92:bf:13:f7:7f:d6:16:52:3e:0b:8f:ea:e6:55:
03:41:84:2e:db:f6:bd:2b:8c:44:7d:95:65:da:9f:08:ed:0c:
27:72:70:9a:28:1a:26:07:9a:39:11:0e:78:63:59:be:2f:e0:
12:3d:4b:d7:8d:b9:44:fe:f8:f0:a3:0a:39:83:d2:38:6b:1b:
2e:27:5f:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSM36b/jF+aMAZ9hvxm3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEzNjBmZmMxYWZkNWYxZGE2NmQ4MTQwNGU0NjYzNTEy
ZDQ5NjcwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY3YzIwNDRkOTRlMzVkZGRlMGU4ZjBkODg1NjkxMzVmN2U2MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE3qkwpSgwYWBUwescgJ+iBT4gto
xeOdpGbBjFnnrLe7W2rQIFqqlZvvTNFY8jZZh/uvQOL1EQit84Bvn8/2CjIBspJ2
lwiAXxvSsUU0+TYy1sO/zhEiDAvkRc7PsJAF7MNXMB7j7xX7ZG300WBb2TYihOVB
Ux/3fDDbT5SxKTI7d3c2IRHAGckB8n83uTIGjwswKipiW6BlI/TiiPkZ7ko0nAhq
4CAjy/rQRhe7gcDtRE4K+kxg3yodGGavVyG2zbF/e4QaSCYH94f+FkwXUtvNdYKP
hufz8D2L2Cw8QHL2MgiIroT79GXBSz/1e4vOkxOp1m5t5xEtDsiTzLzsXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVnwgRNlONd3eDo8NiFaRNffmFrMB8GA1UdIwQY
MBaAFH8xNg/8Gv1fHaZtgUBORmNRLUlnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFMkRfd2FfVjhkcG0yQlFFNUdZMUV0U1djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mZWY1ZGQtMzhlZS00YmM1LTgyZmYt
NTg0ZDc4YTI1ZjhjLzEvdFdmQ0JFMlU0MTNkNE9qdzJJVnBFMTktWVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mZWY1ZGQtMzhlZS00YmM1LTgyZmYtNTg0ZDc4YTI1Zjhj
LzEvZnpFMkRfd2FfVjhkcG0yQlFFNUdZMUV0U1djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuaHcAwQF
wzyAAwQF1AOgMA0GCSqGSIb3DQEBCwUAA4IBAQAfdTYvWG4Afrs6h5g6xL3ROqA5
z2SHqtN4JvfQTBrKeday6GHv2rdAJf0n6KK/Iph+btVqR/PFa38QgL/xrahmAiqd
+ERFz+OqmXhXrDPiND4ze2w8QbzblqADHpS0DS6b7QJPAf+gN07LlKEGIStM4XVW
GZkP9SIeVHFNrmFqhng0ugx8FiZKMR454LYobzOUfwYQ7tgJGLBZuV1YmwuSXHav
6MnZ/gXHlymKAgLk7tSksoX9Q8hDkr8T93/WFlI+C4/q5lUDQYQu2/a9K4xEfZVl
2p8I7QwncnCaKBomB5o5EQ54Y1m+L+ASPUvXjblE/vjwowo5g9I4axsuJ191
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:55:19 2024 by rpki-client on console-fra.rpki-client.org