Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FQrq3vQ1Fa8_SuMX39y9lwLixAw.roa
File: FQrq3vQ1Fa8_SuMX39y9lwLixAw.roa (raw, json)
Hash identifier: 8okJ/zmbjVPT+71Dkz3jc3XWB6Q0UlrcE0T6RAfxBiI=
Subject key identifier: 15:0A:EA:DE:F4:35:15:AF:3F:4A:E3:17:DF:DC:BD:97:02:E2:C4:0C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018EF64D39929BDA748F588D74F3890D8F28
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FQrq3vQ1Fa8_SuMX39y9lwLixAw.roa
Signing time: Fri 19 Apr 2024 12:20:39 +0000
ROA not before: Fri 19 Apr 2024 12:20:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60099
IP address blocks: 84.32.12.0/23 maxlen: 23
84.32.72.0/22 maxlen: 22
88.216.4.0/22 maxlen: 24
88.216.80.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 11:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:4d:39:92:9b:da:74:8f:58:8d:74:f3:89:0d:8f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 19 12:20:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=150aeadef43515af3f4ae317dfdcbd9702e2c40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:89:ec:a7:b4:59:e5:21:da:28:ba:a6:b0:79:
91:58:bb:97:e7:2d:b6:99:cb:3c:21:97:8b:5e:03:
c0:57:5b:93:d5:ed:07:a6:39:bd:f5:6d:a4:78:ea:
08:97:8b:4a:2d:d1:68:31:90:aa:2f:50:c9:30:f4:
6e:a1:08:c9:cc:b0:e1:b6:38:c7:f5:39:1d:b1:9c:
aa:e6:cc:66:11:46:34:4a:64:5e:7a:a4:7a:18:41:
6f:ae:fc:79:40:67:02:a8:d2:6e:ad:9c:db:85:eb:
aa:d0:35:45:f9:9f:9f:45:ee:ca:45:4c:38:6d:6e:
77:a7:64:0b:32:ec:86:cb:74:05:f6:f9:6a:88:e8:
d0:9b:d0:39:37:0b:10:88:47:6f:58:29:00:9b:b3:
2c:d3:bb:19:1b:db:f3:76:c9:b8:19:0a:1a:4c:48:
d4:2c:31:46:24:b4:ba:1e:02:1c:8e:78:b7:c0:15:
9a:c1:26:bb:f6:33:60:dd:95:97:c2:a2:0a:db:82:
08:4c:c7:7f:02:2d:9b:e0:99:bd:5d:41:5c:89:53:
4e:3d:14:e6:a5:5c:b3:01:d0:d3:50:77:ee:6d:e8:
c1:28:f4:be:50:c9:1d:61:00:c0:20:0e:4a:aa:30:
2f:34:91:99:f7:ca:a1:12:d4:ac:59:fe:41:07:99:
60:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0A:EA:DE:F4:35:15:AF:3F:4A:E3:17:DF:DC:BD:97:02:E2:C4:0C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FQrq3vQ1Fa8_SuMX39y9lwLixAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.12.0/23
84.32.72.0/22
88.216.4.0/22
88.216.80.0/23
Signature Algorithm: sha256WithRSAEncryption
63:a3:2a:47:35:53:61:7a:77:5b:c5:5b:a5:8f:99:82:75:ce:
99:9b:6a:6a:3a:36:d1:13:ea:d4:5d:b9:7c:bc:67:d6:d7:1e:
f0:24:86:74:9d:eb:56:3c:ae:56:56:06:01:32:68:73:f0:a1:
99:13:33:71:3c:9e:a9:27:19:26:0b:85:59:4e:62:58:10:10:
33:af:5f:d6:c6:38:61:5e:1c:db:82:10:3a:d6:df:2c:3a:40:
a2:17:ae:a1:69:e3:6c:d9:e9:6a:58:b2:5e:65:ce:99:75:50:
75:f1:5e:46:52:8f:42:d2:46:13:6b:35:73:15:fd:a9:10:40:
0f:73:b7:94:6e:f7:13:02:eb:23:0c:21:f1:54:6d:58:ec:be:
2c:26:14:54:a9:9e:6c:30:a7:6a:78:de:40:27:c7:88:73:c5:
cf:d0:3d:2e:be:94:f1:79:2f:84:6c:70:c2:e0:0c:e3:26:7b:
e7:8d:80:a6:72:8d:cf:d2:d5:ee:75:b0:b1:d9:69:2d:ae:6e:
fd:be:97:3a:f0:98:8d:51:35:bd:5b:39:7a:43:3e:39:e2:18:
20:38:50:4c:f2:37:63:59:9a:b2:67:40:79:14:46:f2:ee:da:
e1:b4:c7:48:0a:3e:1c:45:af:8d:c7:2c:0a:a4:d5:88:c0:6c:
8a:dd:24:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY72TTmSm9p0j1iNdPOJDY8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNDE5MTIyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBhZWFkZWY0MzUxNWFmM2Y0YWUzMTdkZmRjYmQ5NzAyZTJjNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiInsp7RZ5SHaKLqmsHmRWLuX5y22
mcs8IZeLXgPAV1uT1e0Hpjm99W2keOoIl4tKLdFoMZCqL1DJMPRuoQjJzLDhtjjH
9TkdsZyq5sxmEUY0SmReeqR6GEFvrvx5QGcCqNJurZzbheuq0DVF+Z+fRe7KRUw4
bW53p2QLMuyGy3QF9vlqiOjQm9A5NwsQiEdvWCkAm7Ms07sZG9vzdsm4GQoaTEjU
LDFGJLS6HgIcjni3wBWawSa79jNg3ZWXwqIK24IITMd/Ai2b4Jm9XUFciVNOPRTm
pVyzAdDTUHfubejBKPS+UMkdYQDAIA5KqjAvNJGZ98qhEtSsWf5BB5lgrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUK6t70NRWvP0rjF9/cvZcC4sQMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRlFycTN2UTFGYThfU3VNWDM5eTlsd0xpeEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVCAMAwQC
VCBIAwQCWNgEAwQBWNhQMA0GCSqGSIb3DQEBCwUAA4IBAQBjoypHNVNhendbxVul
j5mCdc6Zm2pqOjbRE+rUXbl8vGfW1x7wJIZ0netWPK5WVgYBMmhz8KGZEzNxPJ6p
JxkmC4VZTmJYEBAzr1/WxjhhXhzbghA61t8sOkCiF66haeNs2elqWLJeZc6ZdVB1
8V5GUo9C0kYTazVzFf2pEEAPc7eUbvcTAusjDCHxVG1Y7L4sJhRUqZ5sMKdqeN5A
J8eIc8XP0D0uvpTxeS+EbHDC4AzjJnvnjYCmco3P0tXudbCx2Wktrm79vpc68JiN
UTW9Wzl6Qz454hggOFBM8jdjWZqyZ0B5FEby7trhtMdICj4cRa+NxywKpNWIwGyK
3SQq
-----END CERTIFICATE-----
Generated at Tue May 7 18:35:46 2024 by rpki-client on console-fra.rpki-client.org