Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/fz7D6L1KIne6RiLsUvdutCtJPZM.roa
File: fz7D6L1KIne6RiLsUvdutCtJPZM.roa (raw, json)
Hash identifier: Uni4t0ZcTUNEmxY+4Nutg4tQabyhAKiEC3kVmeAUc5k=
Subject key identifier: 7F:3E:C3:E8:BD:4A:22:77:BA:46:22:EC:52:F7:6E:B4:2B:49:3D:93
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018E1CA2E4E93A57F24C06BF144428A9B28B
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/fz7D6L1KIne6RiLsUvdutCtJPZM.roa
Signing time: Fri 08 Mar 2024 05:57:01 +0000
ROA not before: Fri 08 Mar 2024 05:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215389
IP address blocks: 185.14.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1c:a2:e4:e9:3a:57:f2:4c:06:bf:14:44:28:a9:b2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Mar 8 05:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f3ec3e8bd4a2277ba4622ec52f76eb42b493d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5a:f2:68:17:3d:92:a1:7f:57:69:65:5c:a3:
9a:ea:70:9f:0c:be:af:46:2c:75:c0:f1:3c:40:98:
7a:09:95:62:de:ae:d8:19:ac:ec:8d:29:b1:45:4f:
ce:72:4a:ef:ea:fa:98:6b:a8:99:34:2b:ff:95:b2:
dd:26:98:6d:cd:d8:2c:be:fb:45:da:74:54:8f:1a:
44:1b:d1:99:84:69:c4:91:27:9e:f4:09:c9:48:1d:
4c:ba:91:fb:6a:8f:e7:2f:6a:e7:f9:69:f2:1a:f0:
b0:98:4d:84:48:72:61:4e:e6:b2:e0:b7:9b:4e:d5:
d9:52:01:1a:b0:f6:5f:6e:ae:36:e7:3c:e6:8d:6a:
5d:fc:a5:f6:9b:e8:a4:a8:dd:52:f5:16:a2:a0:79:
76:77:b5:e6:32:54:aa:4c:7c:6c:41:4d:09:90:c8:
6c:0f:6b:a2:a3:b6:f0:51:16:a1:e9:3b:d4:ce:51:
ce:02:2b:82:ad:1a:d9:a2:d1:59:d6:f9:06:a0:13:
bd:91:9e:85:1f:dd:81:79:4d:df:f4:b5:26:a7:dc:
43:27:50:fc:34:15:04:90:8a:7c:1a:09:55:6a:97:
fd:5a:cc:60:a7:f6:60:7d:fd:e5:06:a7:a9:18:88:
32:40:b8:75:31:82:ab:dc:57:77:25:9d:29:19:bb:
5f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3E:C3:E8:BD:4A:22:77:BA:46:22:EC:52:F7:6E:B4:2B:49:3D:93
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/fz7D6L1KIne6RiLsUvdutCtJPZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.94.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:ec:17:48:be:ab:45:74:be:3f:68:75:6b:e6:77:7e:fe:28:
65:f7:27:af:13:5e:c3:79:ff:6f:9f:ab:8a:f0:78:dd:71:52:
08:e6:34:87:72:ac:c1:c4:e5:2f:cd:a4:0d:ed:66:9a:7b:07:
29:ff:8e:3d:1f:0e:ca:26:d3:1b:3c:54:03:5b:bd:b1:0f:ae:
58:a3:b4:f8:bc:5f:0a:95:61:45:e5:17:02:95:f7:7f:18:4c:
51:d5:75:a7:0c:78:2b:31:65:ed:66:63:c8:0f:f5:68:2a:a3:
2d:97:87:1a:b7:64:81:48:2d:c2:3b:ea:da:01:38:41:3d:33:
f0:f4:5e:2c:a2:2d:a1:38:7f:a0:56:f1:26:88:43:42:a2:c0:
d8:30:57:a8:d4:0e:38:ec:51:4f:24:80:e5:e0:2c:43:7e:3c:
18:c3:29:3a:80:7b:0b:48:ac:63:54:00:b3:a7:2a:21:84:2d:
df:9b:f9:84:6c:9a:97:66:a4:2a:a4:85:56:ba:ef:9f:01:3d:
98:2b:9d:b7:40:f9:da:cc:90:e7:d6:84:57:00:be:09:6d:bf:
34:8e:ee:d2:f4:c6:35:ae:37:78:c5:e9:73:fd:d0:0a:c5:22:
c2:b1:69:cf:52:60:d5:0c:b0:2e:c1:d0:b7:9a:e2:85:f5:66:
a0:05:24:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4couTpOlfyTAa/FEQoqbKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMzA4MDU1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjNlYzNlOGJkNGEyMjc3YmE0NjIyZWM1MmY3NmViNDJiNDkzZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFryaBc9kqF/V2llXKOa6nCfDL6v
Rix1wPE8QJh6CZVi3q7YGazsjSmxRU/Ockrv6vqYa6iZNCv/lbLdJphtzdgsvvtF
2nRUjxpEG9GZhGnEkSee9AnJSB1MupH7ao/nL2rn+WnyGvCwmE2ESHJhTuay4Leb
TtXZUgEasPZfbq425zzmjWpd/KX2m+ikqN1S9RaioHl2d7XmMlSqTHxsQU0JkMhs
D2uio7bwURah6TvUzlHOAiuCrRrZotFZ1vkGoBO9kZ6FH92BeU3f9LUmp9xDJ1D8
NBUEkIp8GglVapf9Wsxgp/Zgff3lBqepGIgyQLh1MYKr3Fd3JZ0pGbtfMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8+w+i9SiJ3ukYi7FL3brQrST2TMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvZno3RDZMMUtJbmU2UmlMc1V2ZHV0Q3RKUFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ5eMA0G
CSqGSIb3DQEBCwUAA4IBAQC67BdIvqtFdL4/aHVr5nd+/ihl9yevE17Def9vn6uK
8HjdcVII5jSHcqzBxOUvzaQN7Waaewcp/449Hw7KJtMbPFQDW72xD65Yo7T4vF8K
lWFF5RcClfd/GExR1XWnDHgrMWXtZmPID/VoKqMtl4cat2SBSC3CO+raAThBPTPw
9F4soi2hOH+gVvEmiENCosDYMFeo1A447FFPJIDl4CxDfjwYwyk6gHsLSKxjVACz
pyohhC3fm/mEbJqXZqQqpIVWuu+fAT2YK523QPnazJDn1oRXAL4Jbb80ju7S9MY1
rjd4xelz/dAKxSLCsWnPUmDVDLAuwdC3muKF9WagBSRq
-----END CERTIFICATE-----
Generated at Tue Nov 26 15:34:29 2024 by rpki-client on console-fra.rpki-client.org