Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/FnFCyEge47i5URGwfSn06vpAGiY.roa
File: FnFCyEge47i5URGwfSn06vpAGiY.roa (raw, json)
Hash identifier: uYR4hph0imJGPP3MRtwVi14p9ptc8FobDdHt+RK3Ffw=
Subject key identifier: 16:71:42:C8:48:1E:E3:B8:B9:51:11:B0:7D:29:F4:EA:FA:40:1A:26
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019131828C409EEFF819CC48FD2C85C9A041
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/FnFCyEge47i5URGwfSn06vpAGiY.roa
Signing time: Thu 08 Aug 2024 10:22:04 +0000
ROA not before: Thu 08 Aug 2024 10:22:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49392
IP address blocks: 5.42.212.0/24 maxlen: 24
45.155.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:82:8c:40:9e:ef:f8:19:cc:48:fd:2c:85:c9:a0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 8 10:22:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=167142c8481ee3b8b95111b07d29f4eafa401a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0d:5c:22:58:df:e1:35:a4:c6:ca:45:af:7f:
e9:ca:6c:9b:e6:a8:1c:0c:27:b1:1f:b3:1e:c5:ef:
8b:d0:b2:d2:a4:09:09:d8:16:75:0f:74:4e:49:ac:
c7:23:80:c7:43:33:ca:d1:6b:b8:42:49:d5:b6:5b:
62:ca:41:71:99:1c:70:eb:f1:1c:02:99:34:15:8c:
b0:96:c1:8e:95:14:b6:c2:e2:cc:16:52:1a:68:54:
67:bf:09:dd:62:f5:ff:b0:57:23:79:d5:91:98:c6:
6e:b9:4f:84:d8:f9:5c:28:47:48:ce:93:a5:26:3c:
58:b1:de:38:8d:6e:70:60:20:81:b4:55:29:5c:e0:
52:15:09:1b:aa:90:63:2a:35:1e:42:a5:af:30:4a:
5c:c1:8a:29:18:99:5d:3f:0f:96:9f:8b:bd:0e:b1:
5c:e3:09:ff:a7:d0:bd:f0:19:51:5b:bb:15:4f:31:
52:81:6b:eb:6b:ab:93:17:e0:4a:d1:5e:13:42:4f:
be:d7:41:a8:21:10:a8:10:47:bb:dc:0d:62:a3:d6:
2d:64:51:23:0a:09:49:ee:31:5e:d4:c3:70:e3:2d:
60:ea:fc:55:45:eb:72:42:dc:48:d5:b3:54:76:6f:
e5:df:ff:c4:cf:bf:2d:04:04:11:7b:f8:0d:9a:3e:
cd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:71:42:C8:48:1E:E3:B8:B9:51:11:B0:7D:29:F4:EA:FA:40:1A:26
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/FnFCyEge47i5URGwfSn06vpAGiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.212.0/24
45.155.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:30:1f:d5:d9:1f:58:cd:df:c8:c7:e5:16:04:1f:90:ce:1e:
31:a2:db:8e:ab:58:91:c9:bc:2d:6d:85:aa:37:64:36:ac:8a:
e9:1c:65:d9:dd:11:86:80:73:82:62:85:27:6e:90:36:8b:f7:
62:c6:4d:4b:e6:f0:f7:05:ad:4f:49:f2:dd:97:6b:5d:15:70:
53:df:8d:32:f7:c5:3e:54:a5:1d:8d:a9:c5:b7:4b:25:28:82:
0f:4a:27:b2:f2:c4:f2:c9:7c:94:4c:e3:52:21:05:a1:3a:f2:
a2:23:4f:d0:3c:a1:87:1f:ba:74:6b:01:23:9c:85:3d:68:f4:
5c:6f:5c:58:fd:3a:b6:85:90:0b:a3:ad:21:68:e6:42:d7:2f:
b6:d6:6d:f8:4a:db:77:12:f1:7b:ce:65:66:d0:f7:2d:c2:f8:
24:5b:5a:2e:c5:c1:cb:b1:e5:04:53:a4:41:ab:8d:c4:d1:0a:
40:86:26:58:73:8b:61:9a:9d:75:c4:8d:15:bd:b9:87:fe:0c:
cb:21:4d:68:4d:0f:7f:56:85:ba:04:ae:02:40:c0:72:be:55:
5b:6f:f7:aa:de:1b:0e:7c:6e:08:44:7a:14:32:7d:f2:b3:dc:
e7:6a:72:01:59:b5:a8:73:fc:8a:59:9d:04:43:f2:fe:2f:83:
7e:5a:ab:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZExgoxAnu/4GcxI/SyFyaBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA4MTAyMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjcxNDJjODQ4MWVlM2I4Yjk1MTExYjA3ZDI5ZjRlYWZhNDAxYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A1cIljf4TWkxspFr3/pymyb5qgc
DCexH7Mexe+L0LLSpAkJ2BZ1D3ROSazHI4DHQzPK0Wu4QknVtltiykFxmRxw6/Ec
Apk0FYywlsGOlRS2wuLMFlIaaFRnvwndYvX/sFcjedWRmMZuuU+E2PlcKEdIzpOl
JjxYsd44jW5wYCCBtFUpXOBSFQkbqpBjKjUeQqWvMEpcwYopGJldPw+Wn4u9DrFc
4wn/p9C98BlRW7sVTzFSgWvra6uTF+BK0V4TQk++10GoIRCoEEe73A1io9YtZFEj
CglJ7jFe1MNw4y1g6vxVRetyQtxI1bNUdm/l3//Ez78tBAQRe/gNmj7NwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZxQshIHuO4uVERsH0p9Or6QBomMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRm5GQ3lFZ2U0N2k1VVJHd2ZTbjA2dnBBR2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSrUAwQA
LZvOMA0GCSqGSIb3DQEBCwUAA4IBAQCiMB/V2R9Yzd/Ix+UWBB+Qzh4xotuOq1iR
ybwtbYWqN2Q2rIrpHGXZ3RGGgHOCYoUnbpA2i/dixk1L5vD3Ba1PSfLdl2tdFXBT
340y98U+VKUdjanFt0slKIIPSiey8sTyyXyUTONSIQWhOvKiI0/QPKGHH7p0awEj
nIU9aPRcb1xY/Tq2hZALo60haOZC1y+21m34Stt3EvF7zmVm0PctwvgkW1ouxcHL
seUEU6RBq43E0QpAhiZYc4thmp11xI0VvbmH/gzLIU1oTQ9/VoW6BK4CQMByvlVb
b/eq3hsOfG4IRHoUMn3ys9znanIBWbWoc/yKWZ0EQ/L+L4N+WqvW
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:21:09 2024 by rpki-client on console-ams.rpki-client.org