Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/FXmuFfYkDOOpFwxXErvRBfEjs2c.roa
File: FXmuFfYkDOOpFwxXErvRBfEjs2c.roa (raw, json)
Hash identifier: XFzHcpU+4WI5/Hul8GTpMV44D1eQwrGglz0Ud/ypK24=
Subject key identifier: 15:79:AE:15:F6:24:0C:E3:A9:17:0C:57:12:BB:D1:05:F1:23:B3:67
Certificate issuer: /CN=8877da3d483027a01eddcd0e435e8285f1b1bb9e
Certificate serial: 018CC3B72FE23D8E8DB1281B05674FDA4213
Authority key identifier: 88:77:DA:3D:48:30:27:A0:1E:DD:CD:0E:43:5E:82:85:F1:B1:BB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/FXmuFfYkDOOpFwxXErvRBfEjs2c.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62412
IP address blocks: 188.214.242.0/23 maxlen: 24
139.28.228.0/22 maxlen: 24
185.184.88.0/22 maxlen: 24
185.36.210.0/23 maxlen: 24
2a0f:5900::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.mft
rsync://rpki.ripe.net/repository/DEFAULT/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2f:e2:3d:8e:8d:b1:28:1b:05:67:4f:da:42:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8877da3d483027a01eddcd0e435e8285f1b1bb9e
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1579ae15f6240ce3a9170c5712bbd105f123b367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ab:e8:ed:dc:b4:5f:ed:f0:b9:08:1d:d6:90:
d2:6b:3d:f9:9e:61:2f:2e:7f:37:bb:74:13:79:d8:
f6:08:60:3e:c0:c2:76:9d:1d:0e:cc:3a:44:61:2e:
43:49:f4:54:2d:fe:60:d2:7d:c6:27:49:80:63:b1:
5c:d8:8a:64:9a:c4:3a:45:92:80:41:78:fa:73:08:
8d:83:06:a9:02:a7:59:b8:78:ac:bd:42:5d:de:6c:
fa:2a:a5:23:d7:8c:a4:31:b7:c4:5e:f7:8c:99:99:
4a:08:5b:bc:2c:4a:9e:4a:cd:66:19:b3:65:9f:49:
75:7d:b9:18:19:db:aa:6c:c9:61:5f:87:b3:ea:51:
95:ba:2b:4d:83:76:e2:92:15:b6:69:2e:c4:23:2a:
14:d5:e5:87:6d:38:25:68:b7:08:7e:09:7f:66:4d:
74:fd:8c:d4:4b:32:12:61:70:09:6c:d2:82:c7:7a:
6e:58:26:c6:68:fe:9c:b4:a5:6e:e2:c7:ae:fd:d8:
fd:fd:bd:62:59:d4:38:8b:ed:bd:5f:8a:0f:db:36:
09:46:51:ac:74:fc:a2:16:5b:d4:23:e3:b5:59:c2:
23:cb:61:b4:81:f8:79:52:ea:4a:8a:26:17:33:07:
ad:39:02:5c:77:88:50:06:e6:57:32:1f:74:ba:89:
2c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:79:AE:15:F6:24:0C:E3:A9:17:0C:57:12:BB:D1:05:F1:23:B3:67
X509v3 Authority Key Identifier:
keyid:88:77:DA:3D:48:30:27:A0:1E:DD:CD:0E:43:5E:82:85:F1:B1:BB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/FXmuFfYkDOOpFwxXErvRBfEjs2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/cb9c66-f7cc-4de1-bdc1-2f5f4c55262f/1/iHfaPUgwJ6Ae3c0OQ16ChfGxu54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.228.0/22
185.36.210.0/23
185.184.88.0/22
188.214.242.0/23
IPv6:
2a0f:5900::/29
Signature Algorithm: sha256WithRSAEncryption
54:f0:b8:99:55:77:55:57:2c:00:3d:52:ea:41:55:7c:f3:13:
ed:7e:f2:06:8d:e4:6c:b8:3b:2c:85:8a:cf:3a:d0:a9:cd:44:
cd:24:e4:c0:a9:4f:1c:09:2a:e4:27:65:3c:32:a0:af:e0:44:
de:d4:be:fc:81:32:c1:69:4d:0b:27:82:c7:9a:cb:32:6a:0f:
e4:43:32:06:0a:34:be:dc:03:5d:31:cd:48:75:ab:70:8f:34:
0e:a6:ec:0a:ed:28:4e:16:f5:dd:33:10:a2:c7:56:1f:d3:0f:
25:82:8e:e4:ac:71:3a:08:3c:94:ba:7f:ce:0c:2c:ea:17:9a:
e5:1f:44:d1:cc:3c:34:ae:9c:a3:8d:79:fa:d4:13:00:42:04:
7d:50:be:3e:49:ae:6f:f2:2c:60:3d:55:26:1f:8c:52:83:58:
89:cc:9a:ad:46:58:7e:6a:42:65:a1:e0:28:40:71:92:bd:76:
90:41:7d:5d:5b:ad:d8:4f:29:97:ce:b6:95:85:02:cf:f2:c6:
e2:45:4d:34:63:90:15:0d:88:eb:69:4d:27:63:92:a3:ce:2c:
58:03:84:02:29:e7:5d:e2:c8:0b:05:d9:17:27:b1:0c:c9:3b:
c9:34:24:6c:7a:71:5d:c1:d4:8f:36:db:90:e4:5a:dd:69:0f:
20:18:dd:db
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDty/iPY6NsSgbBWdP2kITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzdkYTNkNDgzMDI3YTAxZWRkY2QwZTQzNWU4Mjg1ZjFi
MWJiOWUwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc5YWUxNWY2MjQwY2UzYTkxNzBjNTcxMmJiZDEwNWYxMjNiMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKvo7dy0X+3wuQgd1pDSaz35nmEv
Ln83u3QTedj2CGA+wMJ2nR0OzDpEYS5DSfRULf5g0n3GJ0mAY7Fc2IpkmsQ6RZKA
QXj6cwiNgwapAqdZuHisvUJd3mz6KqUj14ykMbfEXveMmZlKCFu8LEqeSs1mGbNl
n0l1fbkYGduqbMlhX4ez6lGVuitNg3bikhW2aS7EIyoU1eWHbTglaLcIfgl/Zk10
/YzUSzISYXAJbNKCx3puWCbGaP6ctKVu4seu/dj9/b1iWdQ4i+29X4oP2zYJRlGs
dPyiFlvUI+O1WcIjy2G0gfh5UupKiiYXMwetOQJcd4hQBuZXMh90uoks9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBV5rhX2JAzjqRcMVxK70QXxI7NnMB8GA1UdIwQY
MBaAFIh32j1IMCegHt3NDkNegoXxsbueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhmYVBVZ3dKNkFlM2MwT1ExNkNoZkd4dTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9jYjljNjYtZjdjYy00ZGUxLWJkYzEt
MmY1ZjRjNTUyNjJmLzEvRlhtdUZmWWtET09wRnd4WEVydlJCZkVqczJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9jYjljNjYtZjdjYy00ZGUxLWJkYzEtMmY1ZjRjNTUyNjJm
LzEvaUhmYVBVZ3dKNkFlM2MwT1ExNkNoZkd4dTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCixzkAwQB
uSTSAwQCubhYAwQBvNbyMA0EAgACMAcDBQMqD1kAMA0GCSqGSIb3DQEBCwUAA4IB
AQBU8LiZVXdVVywAPVLqQVV88xPtfvIGjeRsuDsshYrPOtCpzUTNJOTAqU8cCSrk
J2U8MqCv4ETe1L78gTLBaU0LJ4LHmssyag/kQzIGCjS+3ANdMc1IdatwjzQOpuwK
7ShOFvXdMxCix1Yf0w8lgo7krHE6CDyUun/ODCzqF5rlH0TRzDw0rpyjjXn61BMA
QgR9UL4+Sa5v8ixgPVUmH4xSg1iJzJqtRlh+akJloeAoQHGSvXaQQX1dW63YTymX
zraVhQLP8sbiRU00Y5AVDYjraU0nY5KjzixYA4QCKedd4sgLBdkXJ7EMyTvJNCRs
enFdwdSPNtuQ5FrdaQ8gGN3b
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:27:46 2024 by rpki-client on console-ams.rpki-client.org