Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/F6p-CRNmA3lYgQ6QARSb1o5-z84.roa
File: F6p-CRNmA3lYgQ6QARSb1o5-z84.roa (raw, json)
Hash identifier: YMxx0GGfeJxQe0PVjGe9WYaMyQUwYKIQ2OjNEhIzsrw=
Subject key identifier: 17:AA:7E:09:13:66:03:79:58:81:0E:90:01:14:9B:D6:8E:7E:CF:CE
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018CC8DF6114C275053780F954CF70DBA9C0
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/F6p-CRNmA3lYgQ6QARSb1o5-z84.roa
Signing time: Tue 02 Jan 2024 06:32:11 +0000
ROA not before: Tue 02 Jan 2024 06:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61084
IP address blocks: 193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
84.54.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.mft
rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:61:14:c2:75:05:37:80:f9:54:cf:70:db:a9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 06:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17aa7e091366037958810e9001149bd68e7ecfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:8c:8d:ba:5e:d2:27:fc:a1:c6:55:2d:96:
9a:e6:35:e5:d4:8e:88:9c:bd:03:0c:a8:3c:52:b6:
89:f0:02:ee:08:fe:b4:07:6c:40:43:61:19:ae:f8:
b7:ff:cf:11:33:86:4f:73:be:2a:22:e4:f6:fd:eb:
02:01:1a:6a:60:65:9e:74:97:8d:5d:3f:07:86:6c:
62:41:1c:af:c1:58:d9:af:85:4d:ff:9f:73:d5:8d:
51:1a:7e:55:71:41:19:38:9e:56:d3:3b:46:6e:55:
84:bc:35:f5:48:89:72:1d:02:16:a0:1f:cd:08:9b:
e2:f6:c5:f0:bd:7a:ad:d5:c2:14:f5:ba:0f:46:e7:
0a:d2:d5:18:dd:79:e5:f9:95:34:4e:d6:1b:a7:79:
37:c1:ec:6c:c8:aa:ea:17:85:26:b7:25:a9:f7:26:
65:70:da:7e:e2:29:22:3d:8a:86:53:fb:3c:40:a9:
56:ed:14:b2:9b:1a:42:38:10:49:87:6e:a2:e5:79:
71:80:44:30:8d:6c:d9:81:5a:2f:7d:70:88:1e:d6:
2f:9c:01:8d:5b:ab:36:f5:6d:08:5e:8f:27:17:25:
f1:5e:7d:88:d1:66:ae:ad:85:c7:34:5e:50:49:42:
c9:78:c0:55:f0:52:fe:7b:64:59:3b:7e:ac:32:50:
ab:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AA:7E:09:13:66:03:79:58:81:0E:90:01:14:9B:D6:8E:7E:CF:CE
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/F6p-CRNmA3lYgQ6QARSb1o5-z84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:43:1d:19:84:8d:9e:36:e6:b6:b3:e6:8a:b5:a1:f8:1a:ca:
ec:45:af:a9:b6:32:40:95:81:f3:f2:70:f5:ab:b2:8f:a7:29:
28:ac:c1:4c:98:83:3d:c7:ac:36:2e:d9:80:8b:8e:e1:6d:d0:
60:db:79:9d:37:8b:c8:3e:e3:7b:d4:a0:97:49:d7:22:b3:3c:
f8:b0:b7:be:b8:57:2e:7e:d7:af:5f:ef:ab:d0:c3:b1:3e:70:
11:b6:ee:75:0a:f6:f1:c6:2f:12:79:0a:f3:48:21:42:ec:5e:
b9:44:1f:08:a7:f9:5d:8d:f6:be:26:2f:3a:27:e6:6c:d3:f7:
55:e5:52:c7:2d:89:cd:be:8b:fb:a8:43:e8:65:d5:be:e7:8a:
c0:ef:e9:ac:73:14:07:5c:58:cf:4f:62:51:d1:12:ea:bb:90:
5d:26:39:e0:90:78:73:dd:bd:35:e6:ef:40:08:04:f7:6f:db:
e7:a6:cb:7f:4e:97:bc:d6:83:71:17:fd:3f:2d:ff:d4:c7:79:
69:79:b0:02:31:63:28:81:36:70:8c:43:01:2f:08:22:af:31:
a3:08:64:fc:b7:98:10:cf:4a:da:64:10:18:a8:9d:c3:7a:c9:
4f:1d:3e:65:47:56:8b:28:56:36:44:c6:68:9b:a3:78:99:ae:
15:09:44:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI32EUwnUFN4D5VM9w26nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwMTAyMDYzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FhN2UwOTEzNjYwMzc5NTg4MTBlOTAwMTE0OWJkNjhlN2VjZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqGMjbpe0if8ocZVLZaa5jXl1I6I
nL0DDKg8UraJ8ALuCP60B2xAQ2EZrvi3/88RM4ZPc74qIuT2/esCARpqYGWedJeN
XT8HhmxiQRyvwVjZr4VN/59z1Y1RGn5VcUEZOJ5W0ztGblWEvDX1SIlyHQIWoB/N
CJvi9sXwvXqt1cIU9boPRucK0tUY3Xnl+ZU0TtYbp3k3wexsyKrqF4UmtyWp9yZl
cNp+4ikiPYqGU/s8QKlW7RSymxpCOBBJh26i5XlxgEQwjWzZgVovfXCIHtYvnAGN
W6s29W0IXo8nFyXxXn2I0WaurYXHNF5QSULJeMBV8FL+e2RZO36sMlCrxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBeqfgkTZgN5WIEOkAEUm9aOfs/OMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvRjZwLUNSTm1BM2xZZ1E2UUFSU2IxbzUtejg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQBMQx0ZhI2eNua2s+aK
taH4GsrsRa+ptjJAlYHz8nD1q7KPpykorMFMmIM9x6w2LtmAi47hbdBg23mdN4vI
PuN71KCXSdciszz4sLe+uFcuftevX++r0MOxPnARtu51Cvbxxi8SeQrzSCFC7F65
RB8Ip/ldjfa+Ji86J+Zs0/dV5VLHLYnNvov7qEPoZdW+54rA7+mscxQHXFjPT2JR
0RLqu5BdJjngkHhz3b015u9ACAT3b9vnpst/Tpe81oNxF/0/Lf/Ux3lpebACMWMo
gTZwjEMBLwgirzGjCGT8t5gQz0raZBAYqJ3DeslPHT5lR1aLKFY2RMZom6N4ma4V
CURD
-----END CERTIFICATE-----
Generated at Wed May 1 22:45:36 2024 by rpki-client on console-fra.rpki-client.org