Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FaTE6UIymGghHtYjc2d5JBR4gSk.roa
File: FaTE6UIymGghHtYjc2d5JBR4gSk.roa (raw, json)
Hash identifier: vy8sx0Yu9lCNzlQPi4lnBdKYMhRLF7E7c5uFi9PFXnc=
Subject key identifier: 15:A4:C4:E9:42:32:98:68:21:1E:D6:23:73:67:79:24:14:78:81:29
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018E0DAD3E4869162B81A90F24CF209AF68A
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FaTE6UIymGghHtYjc2d5JBR4gSk.roa
Signing time: Tue 05 Mar 2024 08:14:01 +0000
ROA not before: Tue 05 Mar 2024 08:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56882
IP address blocks: 37.209.160.0/21 maxlen: 21
45.252.236.0/22 maxlen: 22
46.251.252.0/23 maxlen: 23
46.251.254.0/23 maxlen: 23
91.228.91.0/24 maxlen: 24
115.42.52.0/22 maxlen: 22
168.245.196.0/23 maxlen: 23
185.59.64.0/24 maxlen: 24
185.59.65.0/24 maxlen: 24
185.59.66.0/24 maxlen: 24
185.59.67.0/24 maxlen: 24
185.130.152.0/22 maxlen: 22
185.193.8.0/22 maxlen: 22
188.227.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:ad:3e:48:69:16:2b:81:a9:0f:24:cf:20:9a:f6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 5 08:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15a4c4e942329868211ed6237367792414788129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:48:fc:95:51:1d:b8:e1:af:5d:b9:f8:f3:
57:19:91:e4:c8:c2:ad:c0:0e:2e:e7:49:82:8a:69:
ac:3e:d6:1f:4e:21:9a:58:4b:e9:0f:6c:51:00:51:
44:3e:c2:43:94:89:4e:d1:c0:e8:40:d3:43:03:50:
c2:00:37:92:05:54:be:bf:79:b9:37:33:8c:f9:db:
56:4b:ce:ef:7d:97:11:9e:a2:85:3a:d9:61:1b:82:
53:d3:6f:01:a7:86:92:dd:9f:ff:83:7d:83:a8:ad:
2a:67:4a:03:50:01:f3:01:bb:07:66:5d:e9:b9:4e:
99:fd:2d:f5:70:db:57:31:04:ab:e4:fb:07:2b:2a:
13:32:0c:93:b8:a8:bc:3e:34:4f:d3:f4:f8:86:75:
5b:4f:83:8a:7d:06:93:86:dd:72:57:67:31:b3:ef:
e6:b6:f8:b4:a7:c8:62:51:f9:ad:3e:72:b2:94:42:
70:a5:16:9a:ba:2c:e8:72:76:03:88:d9:9d:89:09:
92:95:f2:79:e3:82:c1:41:df:8e:b1:74:f5:87:ae:
e5:b3:33:44:84:43:01:5c:74:bf:2f:c1:75:bd:83:
7e:4e:12:9e:0d:83:35:c7:ca:9a:bd:1c:fd:82:2c:
33:61:7a:0c:d2:2f:69:aa:f1:27:2d:82:7a:d4:e5:
a3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A4:C4:E9:42:32:98:68:21:1E:D6:23:73:67:79:24:14:78:81:29
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FaTE6UIymGghHtYjc2d5JBR4gSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.160.0/21
45.252.236.0/22
46.251.252.0/22
91.228.91.0/24
115.42.52.0/22
168.245.196.0/23
185.59.64.0/22
185.130.152.0/22
185.193.8.0/22
188.227.128.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:c5:e9:4e:92:b5:28:fa:8a:7e:b4:99:cc:09:21:8c:95:a0:
84:77:bb:5c:02:37:4d:ab:66:34:06:10:16:3e:1d:dc:eb:6e:
70:1a:68:b9:c5:2f:bb:de:c6:e4:d1:4e:c1:f8:a1:ca:3f:e1:
04:47:7c:25:9f:fa:62:b3:30:e2:d3:69:a6:e4:a1:53:20:3a:
cd:1d:ee:c0:75:9f:df:2a:0e:4b:85:82:67:e7:01:0d:24:5a:
46:b1:0c:12:cb:6b:21:d4:4b:72:b9:b1:4f:5c:43:a3:85:0e:
b7:cb:4f:1b:17:5f:e6:fb:a6:cc:01:5b:bb:f3:b0:08:53:df:
77:2d:fb:a5:3f:6f:c0:c1:97:fe:c3:fb:26:89:02:e0:a5:7d:
85:db:09:ca:94:fd:dc:2f:41:83:30:91:b2:81:94:e0:cb:4b:
87:95:83:83:46:e9:a3:b8:b2:1e:f6:0d:fb:48:db:07:8e:78:
fe:be:a1:ee:d0:19:01:39:ca:7b:d8:fa:be:7e:33:26:be:65:
fd:f3:c3:93:4a:d8:dc:41:40:fd:31:d9:94:7e:a3:40:f2:a1:
29:68:04:8b:8b:de:f0:b7:26:87:62:92:34:aa:25:43:ac:03:
bc:3e:c6:95:95:7b:c4:a0:42:62:60:24:e5:10:52:56:4b:47:
d6:f5:f1:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY4NrT5IaRYrgakPJM8gmvaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMzA1MDgxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWE0YzRlOTQyMzI5ODY4MjExZWQ2MjM3MzY3NzkyNDE0Nzg4MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGxI/JVRHbjhr125+PNXGZHkyMKt
wA4u50mCimmsPtYfTiGaWEvpD2xRAFFEPsJDlIlO0cDoQNNDA1DCADeSBVS+v3m5
NzOM+dtWS87vfZcRnqKFOtlhG4JT028Bp4aS3Z//g32DqK0qZ0oDUAHzAbsHZl3p
uU6Z/S31cNtXMQSr5PsHKyoTMgyTuKi8PjRP0/T4hnVbT4OKfQaTht1yV2cxs+/m
tvi0p8hiUfmtPnKylEJwpRaauizocnYDiNmdiQmSlfJ544LBQd+OsXT1h67lszNE
hEMBXHS/L8F1vYN+ThKeDYM1x8qavRz9giwzYXoM0i9pqvEnLYJ61OWjcwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBWkxOlCMphoIR7WI3NneSQUeIEpMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvRmFURTZVSXltR2doSHRZamMyZDVKQlI0Z1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDJdGgAwQC
LfzsAwQCLvv8AwQAW+RbAwQCcyo0AwQBqPXEAwQCuTtAAwQCuYKYAwQCucEIAwQF
vOOAMA0GCSqGSIb3DQEBCwUAA4IBAQArxelOkrUo+op+tJnMCSGMlaCEd7tcAjdN
q2Y0BhAWPh3c625wGmi5xS+73sbk0U7B+KHKP+EER3wln/piszDi02mm5KFTIDrN
He7AdZ/fKg5LhYJn5wENJFpGsQwSy2sh1EtyubFPXEOjhQ63y08bF1/m+6bMAVu7
87AIU993LfulP2/AwZf+w/smiQLgpX2F2wnKlP3cL0GDMJGygZTgy0uHlYODRumj
uLIe9g37SNsHjnj+vqHu0BkBOcp72Pq+fjMmvmX988OTStjcQUD9MdmUfqNA8qEp
aASLi97wtyaHYpI0qiVDrAO8PsaVlXvEoEJiYCTlEFJWS0fW9fFH
-----END CERTIFICATE-----
Generated at Wed May 22 23:53:32 2024 by rpki-client on console-fra.rpki-client.org