Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/fgyBemJn5inTZyXu2vLnOyXiXcw.roa
File: fgyBemJn5inTZyXu2vLnOyXiXcw.roa (raw, json)
Hash identifier: Jc2N/HNTTNXP9suvYyrNjEbacnSGfxWCXm+iuMag/yY=
Subject key identifier: 7E:0C:81:7A:62:67:E6:29:D3:67:25:EE:DA:F2:E7:3B:25:E2:5D:CC
Certificate issuer: /CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Certificate serial: 018CC4939EA62649EF37E6EA561A9C85DF1E
Authority key identifier: FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/fgyBemJn5inTZyXu2vLnOyXiXcw.roa
Signing time: Mon 01 Jan 2024 10:30:57 +0000
ROA not before: Mon 01 Jan 2024 10:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15866
IP address blocks: 185.45.88.0/22 maxlen: 22
94.232.192.0/21 maxlen: 21
217.171.240.0/20 maxlen: 20
2a00:1920::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:9e:a6:26:49:ef:37:e6:ea:56:1a:9c:85:df:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Validity
Not Before: Jan 1 10:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e0c817a6267e629d36725eedaf2e73b25e25dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:dd:6a:a8:5a:fe:d5:9c:a3:2c:b2:f4:9a:
8c:85:3c:a6:7b:7e:dd:30:64:86:1c:6c:ae:00:6b:
1c:82:ce:67:84:ec:60:31:ab:8e:f5:71:e0:94:45:
4d:cd:e5:02:9c:32:93:88:d0:64:d9:7f:1b:bd:8b:
00:78:4e:2c:dc:9f:79:e1:b4:27:a8:0e:84:53:c3:
c9:87:f6:ee:f8:11:05:a4:c9:ab:eb:f8:f4:85:b8:
f6:d7:78:08:b8:b2:6a:b3:07:11:80:47:12:3d:a6:
c0:7f:e6:68:fd:5d:64:e3:18:42:b7:5e:dc:fc:80:
0e:40:74:74:14:e7:d5:e7:4b:3e:d9:ef:7e:72:74:
dd:71:14:06:44:65:49:01:2f:f4:33:39:01:01:e3:
e4:23:d9:11:63:f7:45:5d:28:c3:85:27:d1:ae:93:
9d:db:df:aa:fc:13:d7:11:80:0f:12:79:6a:4d:2f:
bc:86:13:bc:57:02:8a:68:85:5c:5b:4f:65:9c:98:
1e:b2:3f:33:5f:dc:fc:30:1e:90:4c:78:92:cb:3a:
25:eb:a4:f0:31:b3:8d:6c:0e:19:a8:2d:4e:e4:64:
56:bc:25:70:c7:75:cf:92:13:f7:60:ee:81:55:a3:
9c:1f:92:a9:e4:1b:31:81:23:7f:fd:13:a7:38:de:
f9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0C:81:7A:62:67:E6:29:D3:67:25:EE:DA:F2:E7:3B:25:E2:5D:CC
X509v3 Authority Key Identifier:
keyid:FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/fgyBemJn5inTZyXu2vLnOyXiXcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.192.0/21
185.45.88.0/22
217.171.240.0/20
IPv6:
2a00:1920::/48
Signature Algorithm: sha256WithRSAEncryption
27:8c:db:b8:90:f5:15:b8:f9:72:a6:4a:cd:e8:39:71:4f:28:
d4:65:2d:b8:9c:d1:65:be:87:93:d3:09:9f:e5:b9:d7:fc:fe:
e2:3e:40:8c:23:bf:e5:10:9a:15:a1:e0:cb:0f:5e:17:82:e7:
a0:92:b7:7b:00:1b:a7:cc:63:dd:99:c1:b8:92:90:46:4f:de:
98:fe:e7:14:0a:8e:b1:c6:ef:6b:a1:6f:c5:8a:8d:fa:f5:ee:
b7:8f:48:1a:49:2d:54:35:d3:fe:da:70:ed:cb:f0:6d:83:22:
37:92:5f:ae:7d:32:c6:7e:80:a9:6d:6f:d4:e1:b1:76:bf:a1:
62:02:5f:a2:2f:2b:5e:d5:97:f6:d7:09:03:a3:73:31:6c:dc:
b5:d6:ea:45:b2:4d:16:fb:60:d0:bf:ce:f6:b4:db:18:d9:c1:
a4:2d:d9:c6:61:87:1f:f9:31:44:66:b9:fa:e8:a5:ed:bb:f9:
fe:91:4e:8e:48:74:1b:f1:09:93:35:69:ad:47:d1:c6:53:46:
aa:4d:27:9c:a3:18:8d:33:73:59:1c:bf:e1:2d:01:19:4b:b5:
6a:e0:90:c6:11:67:1a:1d:a6:27:74:63:ff:06:0f:8c:2a:a6:
ba:b2:ce:db:9b:14:cc:da:27:97:68:d6:2d:91:6c:60:56:0f:
13:da:c3:66
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEk56mJknvN+bqVhqchd8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZThkMWM2YWFmNGE5M2ZmNDFiYmZhMWJkMWRhYzYxOTdk
NTk1NzUwHhcNMjQwMTAxMTAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBjODE3YTYyNjdlNjI5ZDM2NzI1ZWVkYWYyZTczYjI1ZTI1ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMvdaqha/tWcoyyy9JqMhTyme37d
MGSGHGyuAGscgs5nhOxgMauO9XHglEVNzeUCnDKTiNBk2X8bvYsAeE4s3J954bQn
qA6EU8PJh/bu+BEFpMmr6/j0hbj213gIuLJqswcRgEcSPabAf+Zo/V1k4xhCt17c
/IAOQHR0FOfV50s+2e9+cnTdcRQGRGVJAS/0MzkBAePkI9kRY/dFXSjDhSfRrpOd
29+q/BPXEYAPEnlqTS+8hhO8VwKKaIVcW09lnJgesj8zX9z8MB6QTHiSyzol66Tw
MbONbA4ZqC1O5GRWvCVwx3XPkhP3YO6BVaOcH5Kp5BsxgSN//ROnON752QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFH4MgXpiZ+Yp02cl7try5zsl4l3MMB8GA1UdIwQY
MBaAFP3o0caq9Kk/9Bu/ob0drGGX1ZV1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUt
OTU0ZDE5NTQ5YjYxLzEvZmd5QmVtSm41aW5UWnlYdTJ2TG5PeVhpWGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80OTY4ODUtNzA5Zi00YmJiLTkzNzUtOTU0ZDE5NTQ5YjYx
LzEvX2VqUnhxcjBxVF8wRzctaHZSMnNZWmZWbFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDXujAAwQC
uS1YAwQE2avwMA8EAgACMAkDBwAqABkgAAAwDQYJKoZIhvcNAQELBQADggEBACeM
27iQ9RW4+XKmSs3oOXFPKNRlLbic0WW+h5PTCZ/ludf8/uI+QIwjv+UQmhWh4MsP
XheC56CSt3sAG6fMY92ZwbiSkEZP3pj+5xQKjrHG72uhb8WKjfr17rePSBpJLVQ1
0/7acO3L8G2DIjeSX659MsZ+gKltb9ThsXa/oWICX6IvK17Vl/bXCQOjczFs3LXW
6kWyTRb7YNC/zva02xjZwaQt2cZhhx/5MURmufrope27+f6RTo5IdBvxCZM1aa1H
0cZTRqpNJ5yjGI0zc1kcv+EtARlLtWrgkMYRZxodpid0Y/8GD4wqprqyztubFMza
J5do1i2RbGBWDxPaw2Y=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:07 2024 by rpki-client on console-fra.rpki-client.org