Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/fqYeYmCZsuYLGhFkIjS2fI-aIu0.roa
File: fqYeYmCZsuYLGhFkIjS2fI-aIu0.roa (raw, json)
Hash identifier: N9DrsPBqloytSOZA/JPmkYGsHZ5FCFKxuOJQ0eau1JY=
Subject key identifier: 7E:A6:1E:62:60:99:B2:E6:0B:1A:11:64:22:34:B6:7C:8F:9A:22:ED
Certificate issuer: /CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Certificate serial: 018CE8B05A632C61088178282B452DC78B3D
Authority key identifier: 7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/fqYeYmCZsuYLGhFkIjS2fI-aIu0.roa
Signing time: Mon 08 Jan 2024 10:48:40 +0000
ROA not before: Mon 08 Jan 2024 10:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59460
IP address blocks: 91.241.32.0/22 maxlen: 22
91.241.32.0/24 maxlen: 24
91.241.33.0/24 maxlen: 24
91.241.34.0/24 maxlen: 24
91.241.35.0/24 maxlen: 24
194.146.4.0/24 maxlen: 24
194.146.4.0/22 maxlen: 22
194.146.5.0/24 maxlen: 24
194.146.6.0/24 maxlen: 24
185.135.192.0/22 maxlen: 22
185.135.192.0/24 maxlen: 24
185.135.193.0/24 maxlen: 24
185.135.194.0/24 maxlen: 24
185.135.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/f-M2aJct_7fshiiujDwmvt4cq5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/f-M2aJct_7fshiiujDwmvt4cq5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 21:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:b0:5a:63:2c:61:08:81:78:28:2b:45:2d:c7:8b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Validity
Not Before: Jan 8 10:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ea61e626099b2e60b1a11642234b67c8f9a22ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:33:00:d1:26:ac:1c:a2:f2:9f:16:bc:42:d8:
0f:ab:0b:3c:16:17:64:37:85:70:5c:df:ff:9a:35:
dd:7e:63:17:d1:69:ef:2f:00:12:7e:10:4d:c8:78:
0e:20:1c:63:41:b9:59:57:83:62:12:6a:d5:06:d4:
f4:b1:5f:35:ab:96:44:74:f2:d4:0d:b1:6d:2d:5e:
5e:b0:7c:75:28:6f:8c:8d:96:2c:37:da:8a:d4:54:
7c:d9:bc:22:14:e1:a0:bd:44:27:18:8c:c3:96:00:
ac:9a:56:57:41:a5:3b:ef:fa:f5:49:6a:4b:8c:48:
88:23:34:00:f5:18:1d:6c:4b:99:59:ba:85:a7:9d:
fd:39:26:5e:49:27:99:7b:be:f7:92:62:51:fe:74:
e3:60:7e:2f:6f:ea:91:48:f3:27:d5:ed:b0:8e:f8:
1b:5a:19:91:fd:5e:f1:b6:c0:c3:e3:e4:7b:cb:3d:
5f:47:1d:12:87:de:25:e0:ff:1b:df:3d:bf:df:be:
a6:d9:10:fc:c2:60:00:a8:cc:9f:2a:cb:85:09:ba:
ee:99:2c:45:89:f8:2b:67:b2:40:da:20:04:76:ee:
41:cd:b8:06:80:86:4b:71:c6:1f:51:72:55:62:69:
7e:9c:81:02:37:61:d8:dd:b9:50:08:6d:c2:c5:cf:
b3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A6:1E:62:60:99:B2:E6:0B:1A:11:64:22:34:B6:7C:8F:9A:22:ED
X509v3 Authority Key Identifier:
keyid:7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/fqYeYmCZsuYLGhFkIjS2fI-aIu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/f-M2aJct_7fshiiujDwmvt4cq5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.32.0/22
185.135.192.0/22
194.146.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:8d:86:51:06:33:0d:e1:45:0f:2c:d0:fd:4e:95:ac:73:59:
83:73:3f:85:25:35:79:6b:0b:32:2f:cc:0f:0b:b9:6d:89:6c:
28:68:38:6b:9c:60:e8:a5:01:69:c9:31:b2:21:d6:45:78:34:
9a:d2:36:f0:ef:de:17:f0:e9:cf:7c:24:8b:79:f4:cd:f9:98:
c2:c9:2f:0a:af:7c:8f:d2:30:b9:90:f7:32:c0:8a:a4:c9:21:
06:ea:22:88:3e:6e:3e:53:bf:16:8a:cd:7a:ee:de:35:00:25:
73:f8:25:58:3a:78:76:51:a8:bf:50:1b:0b:94:26:31:dd:20:
f2:3a:86:92:2c:1e:5d:67:a5:c0:0f:ef:cb:82:1a:90:f5:f0:
43:ac:e7:cf:29:5e:d4:41:3f:6a:e4:6e:79:28:d7:d9:93:64:
6f:96:b5:68:78:05:fe:07:f7:7d:77:e3:5c:e7:37:77:b8:53:
19:c5:4d:b3:89:d8:93:e8:06:10:cf:36:21:3f:43:ac:b1:a4:
0d:98:6d:25:15:a5:3b:45:83:12:97:03:fb:02:62:67:ab:25:
c0:c5:2f:b6:83:3b:08:b8:48:23:ac:b3:00:12:35:92:ec:3b:
91:2f:70:f8:58:5c:8b:0e:06:96:dd:b7:36:f9:34:b0:3f:f9:
50:5d:2c:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzosFpjLGEIgXgoK0Utx4s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTMzNjY4OTcyZGZmYjdlYzg2MjhhZThjM2MyNmJlZGUx
Y2FiOWEwHhcNMjQwMTA4MTA0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE2MWU2MjYwOTliMmU2MGIxYTExNjQyMjM0YjY3YzhmOWEyMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDMA0SasHKLynxa8QtgPqws8Fhdk
N4VwXN//mjXdfmMX0WnvLwASfhBNyHgOIBxjQblZV4NiEmrVBtT0sV81q5ZEdPLU
DbFtLV5esHx1KG+MjZYsN9qK1FR82bwiFOGgvUQnGIzDlgCsmlZXQaU77/r1SWpL
jEiIIzQA9RgdbEuZWbqFp539OSZeSSeZe773kmJR/nTjYH4vb+qRSPMn1e2wjvgb
WhmR/V7xtsDD4+R7yz1fRx0Sh94l4P8b3z2/376m2RD8wmAAqMyfKsuFCbrumSxF
ifgrZ7JA2iAEdu5BzbgGgIZLccYfUXJVYml+nIECN2HY3blQCG3Cxc+zUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH6mHmJgmbLmCxoRZCI0tnyPmiLtMB8GA1UdIwQY
MBaAFH/jNmiXLf+37IYorow8Jr7eHKuaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEt
NzNhM2E0MGJkYzMwLzEvZnFZZVltQ1pzdVlMR2hGa0lqUzJmSS1hSXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEtNzNhM2E0MGJkYzMw
LzEvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW/EgAwQC
uYfAAwQCwpIEMA0GCSqGSIb3DQEBCwUAA4IBAQC5jYZRBjMN4UUPLND9TpWsc1mD
cz+FJTV5awsyL8wPC7ltiWwoaDhrnGDopQFpyTGyIdZFeDSa0jbw794X8OnPfCSL
efTN+ZjCyS8Kr3yP0jC5kPcywIqkySEG6iKIPm4+U78Wis167t41ACVz+CVYOnh2
Uai/UBsLlCYx3SDyOoaSLB5dZ6XAD+/LghqQ9fBDrOfPKV7UQT9q5G55KNfZk2Rv
lrVoeAX+B/d9d+Nc5zd3uFMZxU2zidiT6AYQzzYhP0OssaQNmG0lFaU7RYMSlwP7
AmJnqyXAxS+2gzsIuEgjrLMAEjWS7DuRL3D4WFyLDgaW3bc2+TSwP/lQXSyt
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:08:35 2024 by rpki-client on console-ams.rpki-client.org