Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/qCtYdkPr-91zN7xQdAM1DbVObKE.roa
File: qCtYdkPr-91zN7xQdAM1DbVObKE.roa (raw, json)
Hash identifier: ANUMGWKADuGJKq2ZyUI1TEvO++fg4YAAOU1qthjNvpE=
Subject key identifier: A8:2B:58:76:43:EB:FB:DD:73:37:BC:50:74:03:35:0D:B5:4E:6C:A1
Certificate issuer: /CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
Certificate serial: 018CC500399295470C8D747CA69E80B54298
Authority key identifier: 16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/qCtYdkPr-91zN7xQdAM1DbVObKE.roa
Signing time: Mon 01 Jan 2024 12:29:35 +0000
ROA not before: Mon 01 Jan 2024 12:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212613
IP address blocks: 193.176.121.0/24 maxlen: 24
193.176.120.0/22 maxlen: 22
193.176.120.0/24 maxlen: 24
193.176.123.0/24 maxlen: 24
193.176.122.0/24 maxlen: 24
2a05:5a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/Fvz0hmtshesMt2iO3UODD0GdZqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/Fvz0hmtshesMt2iO3UODD0GdZqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:39:92:95:47:0c:8d:74:7c:a6:9e:80:b5:42:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
Validity
Not Before: Jan 1 12:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a82b587643ebfbdd7337bc507403350db54e6ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ed:63:87:af:2a:af:2e:96:b4:a1:51:0a:16:
25:d4:c1:76:e4:3e:de:8f:22:a1:14:42:17:75:67:
77:09:d8:d6:c4:2c:c7:8e:14:b3:8f:7a:05:c7:97:
51:12:a7:15:e9:3a:13:3b:a0:0b:9e:aa:05:41:97:
2a:3f:cd:7b:a3:ba:4f:3c:24:a7:c9:bf:e1:11:59:
eb:15:6a:d8:30:f3:50:c1:7c:44:c8:79:29:67:4f:
2e:3c:2f:1f:97:c3:85:12:a6:6a:c4:40:cd:0a:26:
50:a8:ae:ee:8d:fe:4e:f5:be:ee:ed:98:5b:54:e8:
72:5e:7c:3c:f5:17:84:32:7a:89:42:31:cf:79:97:
2b:59:08:dd:a3:ab:f2:e9:1b:d4:34:62:94:d4:a7:
ea:f9:e4:a6:2f:83:3a:9d:bc:93:0d:f8:c6:b8:8f:
dc:09:b9:09:93:8c:32:98:40:0b:d4:5b:df:3e:0a:
76:af:2f:61:91:69:46:49:43:82:7a:d2:35:cf:7f:
ec:8d:55:b9:fd:38:10:19:f7:62:d6:12:c8:14:19:
26:3a:28:63:5f:5d:c3:6a:3e:b6:93:2d:d8:96:9f:
1d:59:55:2f:75:fb:55:8b:b0:65:e6:93:0f:51:3b:
ff:e1:e8:20:2c:97:be:75:df:f7:1f:f7:bc:ba:83:
d3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:58:76:43:EB:FB:DD:73:37:BC:50:74:03:35:0D:B5:4E:6C:A1
X509v3 Authority Key Identifier:
keyid:16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/qCtYdkPr-91zN7xQdAM1DbVObKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/Fvz0hmtshesMt2iO3UODD0GdZqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.120.0/22
IPv6:
2a05:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
39:03:ee:5a:ad:23:54:fd:fb:ee:07:87:26:c8:48:a7:5a:7b:
c3:69:ae:32:fc:af:91:63:6c:0f:b5:60:c7:ba:33:60:14:a0:
30:be:5f:fb:03:c9:b3:ba:8f:9c:09:92:78:b6:fa:a7:ec:ef:
6b:cc:4b:87:7b:1c:c2:c2:9f:00:78:98:ce:6e:e8:c6:36:a2:
57:04:3b:cb:d8:60:20:27:cc:71:cf:8f:60:35:7b:88:a8:97:
8d:90:40:7e:67:41:15:54:50:ff:55:46:a2:80:be:13:ef:17:
cf:ff:12:82:5e:58:ee:85:e8:fa:56:81:43:07:16:07:05:6e:
bf:b2:f2:f2:2c:1a:f6:0a:c5:31:96:3e:aa:36:a5:ba:bd:cd:
17:be:d8:49:a5:35:d7:66:7f:11:52:b5:1f:d3:64:04:b5:55:
68:3f:c1:80:bf:28:b1:6a:dd:c9:5b:03:5a:6c:21:d1:00:48:
1f:e4:e4:97:69:33:e7:8c:5c:85:95:ac:09:2d:9c:87:18:12:
7b:28:78:3f:aa:b6:61:97:fd:9c:7d:92:88:b2:0b:51:a4:d8:
1d:1d:d3:16:a2:00:6d:80:64:ef:27:e6:32:f9:37:1f:8f:e8:
80:d8:a9:f7:4d:10:fe:fc:96:1e:7d:dc:1e:e1:2f:4c:bb:fc:
4f:42:cb:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFADmSlUcMjXR8pp6AtUKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZmNmNDg2NmI2Yzg1ZWIwY2I3Njg4ZWRkNDM4MzBmNDE5
ZDY2YTIwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJiNTg3NjQzZWJmYmRkNzMzN2JjNTA3NDAzMzUwZGI1NGU2Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu1jh68qry6WtKFRChYl1MF25D7e
jyKhFEIXdWd3CdjWxCzHjhSzj3oFx5dREqcV6ToTO6ALnqoFQZcqP817o7pPPCSn
yb/hEVnrFWrYMPNQwXxEyHkpZ08uPC8fl8OFEqZqxEDNCiZQqK7ujf5O9b7u7Zhb
VOhyXnw89ReEMnqJQjHPeZcrWQjdo6vy6RvUNGKU1Kfq+eSmL4M6nbyTDfjGuI/c
CbkJk4wymEAL1FvfPgp2ry9hkWlGSUOCetI1z3/sjVW5/TgQGfdi1hLIFBkmOihj
X13Daj62ky3Ylp8dWVUvdftVi7Bl5pMPUTv/4eggLJe+dd/3H/e8uoPTTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKgrWHZD6/vdcze8UHQDNQ21TmyhMB8GA1UdIwQY
MBaAFBb89IZrbIXrDLdojt1Dgw9BnWaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnZ6MGhtdHNoZXNNdDJpTzNVT0REMEdkWnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mYzg4ODMtYWFkMi00MThiLTliODct
ZWEyMTZiYTI1OTRkLzEvcUN0WWRrUHItOTF6Tjd4UWRBTTFEYlZPYktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mYzg4ODMtYWFkMi00MThiLTliODctZWEyMTZiYTI1OTRk
LzEvRnZ6MGhtdHNoZXNNdDJpTzNVT0REMEdkWnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbB4MA0E
AgACMAcDBQMqBVoAMA0GCSqGSIb3DQEBCwUAA4IBAQA5A+5arSNU/fvuB4cmyEin
WnvDaa4y/K+RY2wPtWDHujNgFKAwvl/7A8mzuo+cCZJ4tvqn7O9rzEuHexzCwp8A
eJjObujGNqJXBDvL2GAgJ8xxz49gNXuIqJeNkEB+Z0EVVFD/VUaigL4T7xfP/xKC
Xljuhej6VoFDBxYHBW6/svLyLBr2CsUxlj6qNqW6vc0XvthJpTXXZn8RUrUf02QE
tVVoP8GAvyixat3JWwNabCHRAEgf5OSXaTPnjFyFlawJLZyHGBJ7KHg/qrZhl/2c
fZKIsgtRpNgdHdMWogBtgGTvJ+Yy+Tcfj+iA2Kn3TRD+/JYefdwe4S9Mu/xPQsuf
-----END CERTIFICATE-----
Generated at Wed May 15 18:07:00 2024 by rpki-client on console-fra.rpki-client.org