Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/fCxLHopZzZjW8U_6tyizym_GkN8.roa
File: fCxLHopZzZjW8U_6tyizym_GkN8.roa (raw, json)
Hash identifier: U9HX8zKGogWWbw7N0D5ShMBsj3CFYoN129iA6RoU0ms=
Subject key identifier: 7C:2C:4B:1E:8A:59:CD:98:D6:F1:4F:FA:B7:28:B3:CA:6F:C6:90:DF
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 018CC4251AE83B01B6ACEBF350384D25851D
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/fCxLHopZzZjW8U_6tyizym_GkN8.roa
Signing time: Mon 01 Jan 2024 08:30:15 +0000
ROA not before: Mon 01 Jan 2024 08:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203536
IP address blocks: 46.167.8.0/21 maxlen: 21
194.59.14.0/23 maxlen: 23
194.59.14.0/24 maxlen: 24
92.118.120.0/22 maxlen: 22
194.59.32.0/23 maxlen: 23
2a0f:bc0::/29 maxlen: 29
2a09:a640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1a:e8:3b:01:b6:ac:eb:f3:50:38:4d:25:85:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Jan 1 08:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c2c4b1e8a59cd98d6f14ffab728b3ca6fc690df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:f5:f4:eb:19:5d:68:29:eb:ce:73:0b:33:
76:0d:0c:c5:93:df:9e:97:4c:e3:68:b2:2c:8d:6e:
55:22:04:9e:9e:6d:f3:ae:35:5c:76:74:90:1e:cd:
6c:b9:3f:8a:c6:7f:17:c8:61:cb:bf:60:c5:82:84:
6e:63:25:eb:d3:b8:86:02:23:ee:70:f7:8f:98:6b:
ee:86:42:a9:dc:aa:70:ee:b7:11:cf:90:ab:06:6d:
29:8b:c5:72:80:32:8e:0f:b0:92:ce:65:f3:44:b1:
48:9b:3f:a8:20:38:5b:39:76:f3:2d:d0:48:64:9e:
9f:5f:5c:7f:3d:3c:31:5a:64:98:24:17:a3:ce:af:
d3:69:5f:dc:e6:3f:0d:10:fb:c9:b6:bf:4a:e7:0a:
7a:9e:38:50:34:71:91:14:f4:46:7a:23:b4:bc:d3:
00:17:30:f3:e4:86:fb:ef:57:2d:57:fd:16:15:b8:
23:73:ec:47:d4:c6:b7:a5:4b:86:7d:f2:36:20:ef:
a0:03:b6:fd:9d:b2:17:9a:60:c7:f6:ea:dd:d6:4e:
54:7d:dc:93:6d:b4:dc:d9:13:28:b4:c4:90:e3:9e:
fe:56:09:8c:e5:c2:64:fa:0a:23:c0:f3:c8:9d:28:
f6:a4:78:94:b1:e5:00:2a:45:16:fb:c3:4a:ec:0a:
7c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2C:4B:1E:8A:59:CD:98:D6:F1:4F:FA:B7:28:B3:CA:6F:C6:90:DF
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/fCxLHopZzZjW8U_6tyizym_GkN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.8.0/21
92.118.120.0/22
194.59.14.0/23
194.59.32.0/23
IPv6:
2a09:a640::/32
2a0f:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
91:58:96:a0:4f:58:4a:52:b4:1b:c5:c1:4c:25:b9:c6:20:3f:
bf:4a:85:c1:47:31:40:03:81:2b:f7:5d:9e:35:0c:4e:a8:74:
ba:d7:6b:f9:ac:66:dc:ba:0f:02:9c:42:b7:49:2b:44:48:e6:
53:8a:ac:22:85:ec:15:87:93:a2:f1:06:c5:c5:59:97:a8:a1:
1a:e0:c3:cd:1c:e0:c1:5d:63:f3:03:a0:01:b1:d6:0a:a2:96:
1f:dd:bf:53:70:b9:2f:9e:8f:23:7d:c8:6e:9d:55:4c:ee:84:
27:d9:c0:88:58:24:7b:31:ee:d0:59:b9:3c:0a:0d:04:6e:2e:
0c:a6:2d:21:e0:1a:0a:f5:9f:40:34:6d:5a:6b:dd:75:8a:d8:
d8:c8:4e:f8:84:e1:ad:3c:6d:06:1a:b4:21:d7:ce:5f:ef:4b:
98:60:af:c8:c2:f9:a4:fa:53:f9:05:d2:a7:29:24:9e:32:01:
08:2d:30:6d:01:40:30:c8:82:44:26:2b:ff:25:b2:e6:01:ee:
e3:97:84:f7:b3:c7:c9:05:af:d8:11:84:79:fb:91:6f:7b:cc:
a9:8d:8e:64:1d:62:8c:4c:b7:ba:d5:fd:28:20:4f:83:87:b7:
6b:86:3e:3d:69:7a:fd:9d:a9:af:96:aa:8d:44:ea:c3:97:36:
4f:35:48:4d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzEJRroOwG2rOvzUDhNJYUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjQwMTAxMDgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJjNGIxZThhNTljZDk4ZDZmMTRmZmFiNzI4YjNjYTZmYzY5MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmv19OsZXWgp685zCzN2DQzFk9+e
l0zjaLIsjW5VIgSenm3zrjVcdnSQHs1suT+Kxn8XyGHLv2DFgoRuYyXr07iGAiPu
cPePmGvuhkKp3Kpw7rcRz5CrBm0pi8VygDKOD7CSzmXzRLFImz+oIDhbOXbzLdBI
ZJ6fX1x/PTwxWmSYJBejzq/TaV/c5j8NEPvJtr9K5wp6njhQNHGRFPRGeiO0vNMA
FzDz5Ib771ctV/0WFbgjc+xH1Ma3pUuGffI2IO+gA7b9nbIXmmDH9urd1k5UfdyT
bbTc2RMotMSQ457+VgmM5cJk+gojwPPInSj2pHiUseUAKkUW+8NK7Ap8twIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHwsSx6KWc2Y1vFP+rcos8pvxpDfMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvZkN4TEhvcFp6WmpXOFVfNnR5aXp5bV9Ha044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLqcIAwQC
XHZ4AwQBwjsOAwQBwjsgMBQEAgACMA4DBQAqCaZAAwUDKg8LwDANBgkqhkiG9w0B
AQsFAAOCAQEAkViWoE9YSlK0G8XBTCW5xiA/v0qFwUcxQAOBK/ddnjUMTqh0utdr
+axm3LoPApxCt0krREjmU4qsIoXsFYeTovEGxcVZl6ihGuDDzRzgwV1j8wOgAbHW
CqKWH92/U3C5L56PI33Ibp1VTO6EJ9nAiFgkezHu0Fm5PAoNBG4uDKYtIeAaCvWf
QDRtWmvddYrY2MhO+IThrTxtBhq0IdfOX+9LmGCvyML5pPpT+QXSpykknjIBCC0w
bQFAMMiCRCYr/yWy5gHu45eE97PHyQWv2BGEefuRb3vMqY2OZB1ijEy3utX9KCBP
g4e3a4Y+PWl6/Z2pr5aqjUTqw5c2TzVITQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:11 2024 by rpki-client on console-ams.rpki-client.org