Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/FdsqYsTnB9omMqSoel8NPQkEZEg.roa
File: FdsqYsTnB9omMqSoel8NPQkEZEg.roa (raw, json)
Hash identifier: 817fpn+5vI5kc3P8iu5s6OSbsS7jsU0+dWJ28XlX80U=
Subject key identifier: 15:DB:2A:62:C4:E7:07:DA:26:32:A4:A8:7A:5F:0D:3D:09:04:64:48
Certificate issuer: /CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec
Certificate serial: 018CC64B158641CAEC6B252847B45BB915C4
Authority key identifier: 2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/FdsqYsTnB9omMqSoel8NPQkEZEg.roa
Signing time: Mon 01 Jan 2024 18:30:58 +0000
ROA not before: Mon 01 Jan 2024 18:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 185.192.160.0/22 maxlen: 24
46.19.192.0/21 maxlen: 24
2a0a:2d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:15:86:41:ca:ec:6b:25:28:47:b4:5b:b9:15:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3ed794adafb91cb81a969eb8a9b2905fee2ec
Validity
Not Before: Jan 1 18:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15db2a62c4e707da2632a4a87a5f0d3d09046448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f9:37:18:6b:68:aa:3b:ed:e7:fa:39:73:cb:
55:61:d8:99:1f:ed:4d:3b:af:3b:b9:77:71:b5:33:
56:9b:a7:a9:27:23:82:05:12:a0:67:90:be:7e:bb:
87:89:fd:b7:06:81:cd:c7:f3:4d:39:87:86:3e:cf:
4b:2d:82:e4:d8:a5:a5:28:c5:1a:cf:3a:b9:8c:df:
90:04:32:37:b8:02:54:71:3c:e0:4c:64:71:48:6b:
7d:1d:96:fc:b2:7c:a4:8d:f6:b9:37:44:2d:a8:16:
8a:bb:25:30:68:71:69:44:f1:08:60:e0:66:ca:4d:
6f:77:e5:95:18:f1:81:a1:6f:c3:d5:d6:be:40:84:
a5:79:85:e1:15:b1:cb:8f:cd:b3:84:da:93:8e:b3:
46:92:27:0c:56:d9:68:9e:92:df:56:5d:f8:f0:f4:
35:49:61:4b:39:4a:24:6f:82:ad:59:4c:cc:32:71:
bd:48:3b:cd:1c:b4:f8:83:18:15:44:82:e4:29:bf:
3f:b1:29:69:39:76:85:86:63:58:0e:52:26:78:91:
71:a8:b6:ee:24:59:33:07:11:57:9b:04:d0:25:3d:
f1:d1:68:f6:61:74:88:86:ff:51:fe:31:6a:fb:9e:
14:cd:27:84:ec:ea:91:62:48:d1:28:1a:f0:54:54:
a5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DB:2A:62:C4:E7:07:DA:26:32:A4:A8:7A:5F:0D:3D:09:04:64:48
X509v3 Authority Key Identifier:
keyid:2A:C3:ED:79:4A:DA:FB:91:CB:81:A9:69:EB:8A:9B:29:05:FE:E2:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPteUra-5HLgalp64qbKQX-4uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/FdsqYsTnB9omMqSoel8NPQkEZEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7b127b-44ce-4cad-ad8f-089c1c3d4357/1/KsPteUra-5HLgalp64qbKQX-4uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.192.0/21
185.192.160.0/22
IPv6:
2a0a:2d40::/29
Signature Algorithm: sha256WithRSAEncryption
19:fe:1c:5d:1e:78:fa:32:6b:5c:70:76:8e:d4:8f:54:2f:ae:
77:7c:bd:4e:80:3a:53:66:a3:90:69:78:50:64:95:88:32:2c:
60:de:44:d3:f6:9a:39:d3:72:b5:9d:11:7d:76:57:de:9e:2d:
f0:e7:39:00:60:2a:1e:b8:68:5d:c1:dc:ff:5f:57:5f:c0:cd:
51:80:73:33:e8:e2:d3:04:3b:87:71:14:63:59:09:78:15:e2:
6b:7c:8a:da:8a:90:8c:a0:e0:ac:94:7c:15:d4:49:1b:cf:66:
60:45:a5:d1:2b:cd:ec:cd:37:25:e9:c1:bf:56:6a:14:e8:12:
11:9e:02:f1:09:37:e2:d3:d8:dc:bc:65:fa:65:bb:64:55:35:
11:cd:83:ee:de:d2:30:e2:5e:21:83:96:d9:8a:1d:b4:e1:c3:
3c:1c:ad:40:11:47:fd:a8:73:d3:79:1b:fb:a6:13:f6:e4:0e:
34:db:3c:a7:5e:15:6e:ab:86:f0:41:18:30:d0:d2:52:67:ec:
5f:02:f8:50:a8:a2:71:62:04:46:22:fa:70:da:ec:de:a5:e8:
39:21:c4:71:0e:8b:37:b2:db:d6:30:81:dc:7d:7b:54:2f:6d:
ce:c2:8f:3d:cf:b1:5f:ff:b6:5d:fc:2f:3c:60:ae:71:f0:5f:
22:83:42:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSxWGQcrsayUoR7RbuRXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNlZDc5NGFkYWZiOTFjYjgxYTk2OWViOGE5YjI5MDVm
ZWUyZWMwHhcNMjQwMTAxMTgzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRiMmE2MmM0ZTcwN2RhMjYzMmE0YTg3YTVmMGQzZDA5MDQ2NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvk3GGtoqjvt5/o5c8tVYdiZH+1N
O687uXdxtTNWm6epJyOCBRKgZ5C+fruHif23BoHNx/NNOYeGPs9LLYLk2KWlKMUa
zzq5jN+QBDI3uAJUcTzgTGRxSGt9HZb8snykjfa5N0QtqBaKuyUwaHFpRPEIYOBm
yk1vd+WVGPGBoW/D1da+QISleYXhFbHLj82zhNqTjrNGkicMVtlonpLfVl348PQ1
SWFLOUokb4KtWUzMMnG9SDvNHLT4gxgVRILkKb8/sSlpOXaFhmNYDlImeJFxqLbu
JFkzBxFXmwTQJT3x0Wj2YXSIhv9R/jFq+54UzSeE7OqRYkjRKBrwVFSlJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBXbKmLE5wfaJjKkqHpfDT0JBGRIMB8GA1UdIwQY
MBaAFCrD7XlK2vuRy4GpaeuKmykF/uLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQdGVVcmEtNUhMZ2FscDY0cWJLUVgtNHV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YjEyN2ItNDRjZS00Y2FkLWFkOGYt
MDg5YzFjM2Q0MzU3LzEvRmRzcVlzVG5COW9tTXFTb2VsOE5QUWtFWkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YjEyN2ItNDRjZS00Y2FkLWFkOGYtMDg5YzFjM2Q0MzU3
LzEvS3NQdGVVcmEtNUhMZ2FscDY0cWJLUVgtNHV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLhPAAwQC
ucCgMA0EAgACMAcDBQMqCi1AMA0GCSqGSIb3DQEBCwUAA4IBAQAZ/hxdHnj6Mmtc
cHaO1I9UL653fL1OgDpTZqOQaXhQZJWIMixg3kTT9po503K1nRF9dlfeni3w5zkA
YCoeuGhdwdz/X1dfwM1RgHMz6OLTBDuHcRRjWQl4FeJrfIraipCMoOCslHwV1Ekb
z2ZgRaXRK83szTcl6cG/VmoU6BIRngLxCTfi09jcvGX6ZbtkVTURzYPu3tIw4l4h
g5bZih204cM8HK1AEUf9qHPTeRv7phP25A402zynXhVuq4bwQRgw0NJSZ+xfAvhQ
qKJxYgRGIvpw2uzepeg5IcRxDos3stvWMIHcfXtUL23Owo89z7Ff/7Zd/C88YK5x
8F8ig0LT
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:54:03 2024 by rpki-client on console-fra.rpki-client.org