Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/fsclRUUTdgcxO_lSIff8dXvPL64.roa
File: fsclRUUTdgcxO_lSIff8dXvPL64.roa (raw, json)
Hash identifier: 8SpHt+w+/s4hWbzpU1XYYRGk60JjOjuEBME9qfyGiCM=
Subject key identifier: 7E:C7:25:45:45:13:76:07:31:3B:F9:52:21:F7:FC:75:7B:CF:2F:AE
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018CC5005DBB7F136CEDAE57DBF4C80C6EF5
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/fsclRUUTdgcxO_lSIff8dXvPL64.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 185.66.12.0/22 maxlen: 22
185.126.84.0/23 maxlen: 23
45.153.74.0/23 maxlen: 23
185.126.86.0/23 maxlen: 23
195.158.224.0/23 maxlen: 23
185.80.148.0/22 maxlen: 22
195.190.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5d:bb:7f:13:6c:ed:ae:57:db:f4:c8:0c:6e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ec7254545137607313bf95221f7fc757bcf2fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:26:02:90:8a:82:37:34:40:50:9c:09:03:
47:ea:a1:9d:e0:8a:88:6c:0c:9b:49:59:c1:49:15:
57:fc:5c:63:22:22:b3:d1:29:5f:83:4b:22:05:64:
35:8f:a8:52:eb:e4:cc:17:db:4f:f6:ed:65:56:19:
30:07:8a:44:ec:11:27:8e:cb:f4:e7:1e:78:37:d6:
73:38:95:a4:18:10:a3:c4:85:47:52:f4:d6:f4:36:
34:23:58:43:fa:d5:45:e1:32:6b:fd:7b:b5:6b:d9:
c8:94:f7:b6:18:bf:bb:25:c7:81:33:43:1f:6b:6a:
46:81:30:9e:5f:a1:52:8f:a0:d6:a0:95:34:f1:f9:
e0:b3:ba:25:23:fb:e3:45:ad:dc:e9:85:c5:a4:de:
c9:ff:c8:bd:45:5f:2c:71:ed:ad:30:79:24:6b:e9:
ea:c2:af:6e:92:90:b9:63:cd:34:50:0b:0f:24:bb:
cc:97:bd:08:dd:93:60:1f:61:7a:d5:05:02:a0:2b:
b1:2c:af:a8:46:eb:b8:4e:4d:09:bc:b6:e8:7a:82:
f4:4d:e2:05:8b:ae:bc:e3:e5:c2:8f:5b:a8:ab:9e:
d9:a9:ca:b9:79:1d:44:4b:ba:3c:fc:5c:a4:eb:2c:
f4:46:99:77:c2:d8:c2:f9:17:9f:4a:3f:a8:99:fd:
aa:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C7:25:45:45:13:76:07:31:3B:F9:52:21:F7:FC:75:7B:CF:2F:AE
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/fsclRUUTdgcxO_lSIff8dXvPL64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.74.0/23
185.66.12.0/22
185.80.148.0/22
185.126.84.0/22
195.158.224.0/23
195.190.12.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6d:79:c5:c3:15:9a:bf:f6:86:66:aa:bd:ad:1b:3c:db:0e:
c3:f1:82:ef:6b:31:97:a8:1a:68:a8:28:2e:63:03:6e:bb:9d:
8a:52:40:53:04:24:04:d3:42:5a:4e:2a:15:60:52:11:3d:4c:
e4:9c:89:82:e0:a2:e2:66:af:cf:91:11:fe:dd:f0:bf:fd:ed:
ad:a2:fa:c4:57:81:6d:24:cd:5f:fd:7a:a9:44:2b:15:48:35:
00:15:f4:c4:4f:b6:e2:35:d3:94:44:d4:3f:5e:ae:a3:33:c6:
8b:be:d9:1c:28:f8:86:78:5a:40:22:6d:b7:77:0d:de:89:16:
9b:8d:ae:90:f9:8a:cf:48:b4:6f:db:68:13:e3:95:b9:6f:84:
91:7d:3c:e9:fb:f6:41:3d:90:ba:d8:1e:3d:f2:f4:cb:01:36:
d1:bc:a1:57:56:72:89:66:44:4a:75:31:da:ab:ef:56:f0:b5:
02:43:b5:7e:84:97:c5:1d:ff:8d:1b:15:45:05:4d:f2:5c:c9:
62:53:cd:39:c7:b7:82:9a:a7:6d:ba:c7:f0:ff:53:38:e4:3b:
1d:44:f6:3c:26:f6:bc:a8:69:88:d3:b0:80:fa:4d:20:ff:9b:
44:e8:63:da:58:94:26:ea:05:f4:e8:97:74:80:08:d0:41:cf:
e2:6d:68:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFAF27fxNs7a5X2/TIDG71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWM3MjU0NTQ1MTM3NjA3MzEzYmY5NTIyMWY3ZmM3NTdiY2YyZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH8mApCKgjc0QFCcCQNH6qGd4IqI
bAybSVnBSRVX/FxjIiKz0Slfg0siBWQ1j6hS6+TMF9tP9u1lVhkwB4pE7BEnjsv0
5x54N9ZzOJWkGBCjxIVHUvTW9DY0I1hD+tVF4TJr/Xu1a9nIlPe2GL+7JceBM0Mf
a2pGgTCeX6FSj6DWoJU08fngs7olI/vjRa3c6YXFpN7J/8i9RV8sce2tMHkka+nq
wq9ukpC5Y800UAsPJLvMl70I3ZNgH2F61QUCoCuxLK+oRuu4Tk0JvLboeoL0TeIF
i6684+XCj1uoq57Zqcq5eR1ES7o8/Fyk6yz0Rpl3wtjC+RefSj+omf2qVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH7HJUVFE3YHMTv5UiH3/HV7zy+uMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvZnNjbFJVVVRkZ2N4T19sU0lmZjhkWHZQTDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLZlKAwQC
uUIMAwQCuVCUAwQCuX5UAwQBw57gAwQAw74MMA0GCSqGSIb3DQEBCwUAA4IBAQBz
bXnFwxWav/aGZqq9rRs82w7D8YLvazGXqBpoqCguYwNuu52KUkBTBCQE00JaTioV
YFIRPUzknImC4KLiZq/PkRH+3fC//e2tovrEV4FtJM1f/XqpRCsVSDUAFfTET7bi
NdOURNQ/Xq6jM8aLvtkcKPiGeFpAIm23dw3eiRabja6Q+YrPSLRv22gT45W5b4SR
fTzp+/ZBPZC62B498vTLATbRvKFXVnKJZkRKdTHaq+9W8LUCQ7V+hJfFHf+NGxVF
BU3yXMliU805x7eCmqdtusfw/1M45DsdRPY8Jva8qGmI07CA+k0g/5tE6GPaWJQm
6gX06Jd0gAjQQc/ibWj1
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:21 2024 by rpki-client on console-fra.rpki-client.org