Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/FQkLFzbAkhYx5mqDHbY_eGuz5-s.roa
File: FQkLFzbAkhYx5mqDHbY_eGuz5-s.roa (raw, json)
Hash identifier: 9bo4qEKE96nnDuilTa0l+3wVd4786ZsMJsfKsB5F8Xo=
Subject key identifier: 15:09:0B:17:36:C0:92:16:31:E6:6A:83:1D:B6:3F:78:6B:B3:E7:EB
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 019320AAE1F6317D151C1EFA9B73EC60ED03
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/FQkLFzbAkhYx5mqDHbY_eGuz5-s.roa
Signing time: Tue 12 Nov 2024 13:58:10 +0000
ROA not before: Tue 12 Nov 2024 13:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212586
IP address blocks: 79.174.0.0/24 maxlen: 24
79.174.1.0/24 maxlen: 24
79.174.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:aa:e1:f6:31:7d:15:1c:1e:fa:9b:73:ec:60:ed:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Nov 12 13:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15090b1736c0921631e66a831db63f786bb3e7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2c:3a:7f:4e:27:db:8b:bc:c8:20:fa:0a:53:
28:d2:1b:56:3b:a1:84:67:65:4b:63:91:b3:ae:31:
be:9b:3c:a1:6d:3d:1b:47:47:8a:54:26:80:47:5f:
a0:c6:fd:21:6a:38:62:d5:b7:84:53:32:32:6e:de:
01:c2:4b:34:80:f7:80:23:b7:96:6a:62:8d:1f:39:
5c:60:bb:ae:99:8a:58:ff:78:0c:c1:d6:aa:49:34:
e7:a2:63:e8:54:05:39:35:8b:e2:eb:12:13:bd:9e:
d2:3d:ae:1d:54:d2:51:be:f8:53:01:17:a3:36:fc:
ea:fe:6d:cc:85:5d:32:05:4b:5c:f4:a0:ed:a2:2d:
b2:af:94:6a:6d:c7:22:c0:0b:92:b4:ff:f0:1e:f8:
44:d2:dc:16:b4:a2:28:e0:e3:3d:85:60:77:3a:48:
8b:c7:78:b3:cf:68:b1:e8:43:0c:ca:84:78:71:c9:
ad:4b:da:5d:2e:2e:a4:33:bb:78:a7:6e:21:92:ae:
23:6b:10:d0:53:fa:be:d2:42:59:05:74:7d:40:18:
a2:2e:85:d3:78:c4:74:d7:b6:74:7e:38:f4:f8:9f:
17:64:d6:a2:cc:a9:8a:95:2e:02:61:4a:34:75:18:
be:1a:7f:87:aa:77:0f:36:9d:e5:9d:fd:b1:49:62:
1a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:09:0B:17:36:C0:92:16:31:E6:6A:83:1D:B6:3F:78:6B:B3:E7:EB
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/FQkLFzbAkhYx5mqDHbY_eGuz5-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.0.0-79.174.2.255
Signature Algorithm: sha256WithRSAEncryption
a5:83:4b:97:36:e2:43:bf:7e:70:bd:21:4a:cb:09:b8:eb:86:
db:8d:5b:3f:77:0e:da:3c:73:43:94:dd:97:1f:c6:3e:3b:9b:
17:ad:65:69:5b:ce:69:6b:2f:73:87:96:1b:8e:f6:64:0d:f3:
94:9f:80:f3:a2:8d:ec:9b:8c:fc:d6:eb:18:d1:0a:a5:1b:a7:
16:5e:37:82:2e:04:80:85:0e:27:ee:c4:49:71:6e:bb:79:c0:
d0:6c:b5:9a:71:96:ee:e8:b5:82:19:95:82:c5:7a:fb:e2:d3:
98:5d:9c:4e:1c:41:c8:f2:4d:72:0a:a7:28:15:0f:64:d3:46:
b8:83:ce:14:89:37:eb:50:0d:ac:af:04:e3:bb:9a:97:70:1e:
28:a6:5f:5b:3c:65:02:08:5e:12:aa:bd:8e:b1:21:b8:cb:09:
74:0e:19:e9:dd:82:d4:71:6f:61:e4:bd:0d:7a:98:df:b1:42:
f0:e3:6a:ff:a5:27:29:c5:ec:e2:90:d5:32:bb:68:79:a1:5d:
5b:4b:85:17:22:3e:11:35:27:93:6d:a6:b5:6d:2d:47:16:6e:
2e:b5:43:ed:ad:54:72:48:e3:00:96:19:ab:64:39:9d:dc:f5:
d3:9c:af:a0:33:d2:28:3f:0e:c9:de:61:cc:5b:88:ec:ca:83:
d1:54:10:ba
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZMgquH2MX0VHB76m3PsYO0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjQxMTEyMTM1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA5MGIxNzM2YzA5MjE2MzFlNjZhODMxZGI2M2Y3ODZiYjNlN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyw6f04n24u8yCD6ClMo0htWO6GE
Z2VLY5GzrjG+mzyhbT0bR0eKVCaAR1+gxv0hajhi1beEUzIybt4Bwks0gPeAI7eW
amKNHzlcYLuumYpY/3gMwdaqSTTnomPoVAU5NYvi6xITvZ7SPa4dVNJRvvhTARej
Nvzq/m3MhV0yBUtc9KDtoi2yr5RqbcciwAuStP/wHvhE0twWtKIo4OM9hWB3OkiL
x3izz2ix6EMMyoR4ccmtS9pdLi6kM7t4p24hkq4jaxDQU/q+0kJZBXR9QBiiLoXT
eMR017Z0fjj0+J8XZNaizKmKlS4CYUo0dRi+Gn+HqncPNp3lnf2xSWIaJwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFBUJCxc2wJIWMeZqgx22P3hrs+frMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvRlFrTEZ6YkFraFl4NW1xREhiWV9lR3V6NS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwFPrgME
AE+uAjANBgkqhkiG9w0BAQsFAAOCAQEApYNLlzbiQ79+cL0hSssJuOuG241bP3cO
2jxzQ5Tdlx/GPjubF61laVvOaWsvc4eWG472ZA3zlJ+A86KN7JuM/NbrGNEKpRun
Fl43gi4EgIUOJ+7ESXFuu3nA0Gy1mnGW7ui1ghmVgsV6++LTmF2cThxByPJNcgqn
KBUPZNNGuIPOFIk361ANrK8E47ual3AeKKZfWzxlAgheEqq9jrEhuMsJdA4Z6d2C
1HFvYeS9DXqY37FC8ONq/6UnKcXs4pDVMrtoeaFdW0uFFyI+ETUnk22mtW0tRxZu
LrVD7a1UckjjAJYZq2Q5ndz105yvoDPSKD8Oyd5hzFuI7MqD0VQQug==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:07:25 2024 by rpki-client on console-ams.rpki-client.org