Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/FOEel_Ug53BPy9TWRRCR6iqRfU4.roa
File: FOEel_Ug53BPy9TWRRCR6iqRfU4.roa (raw, json)
Hash identifier: albAo4f3VxMQ6/h3rLSCLYTmXgJa445vXmsJEV34B9I=
Subject key identifier: 14:E1:1E:97:F5:20:E7:70:4F:CB:D4:D6:45:10:91:EA:2A:91:7D:4E
Certificate issuer: /CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Certificate serial: 018CC56F0481713A3EC05C6D5633D634EC03
Authority key identifier: 03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/FOEel_Ug53BPy9TWRRCR6iqRfU4.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41653
IP address blocks: 91.199.0.0/24 maxlen: 24
178.212.228.0/24 maxlen: 24
194.105.152.0/23 maxlen: 24
185.66.232.0/22 maxlen: 24
95.128.40.0/21 maxlen: 24
195.14.22.0/24 maxlen: 24
45.141.172.0/22 maxlen: 24
2a02:ec0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/AxGHu2TIff3S-gLy2F1HnsJoPlc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/AxGHu2TIff3S-gLy2F1HnsJoPlc.mft
rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:04:81:71:3a:3e:c0:5c:6d:56:33:d6:34:ec:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e11e97f520e7704fcbd4d6451091ea2a917d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:60:cc:5c:be:9e:d8:34:65:8f:41:70:08:f4:
59:15:f6:f4:23:c2:6f:0f:fa:4d:d1:4b:88:14:a1:
95:77:47:88:29:ee:b0:70:ae:7a:47:b2:6c:02:60:
13:78:c5:2d:c9:e2:4a:8c:19:12:e3:61:98:51:0f:
2d:11:88:f3:ba:a5:71:30:0c:30:dd:1c:c3:20:a2:
49:24:c0:2a:e3:38:84:02:c8:82:fd:8f:65:b2:af:
f0:ad:65:cb:40:01:5a:7b:fb:31:b3:a0:e1:0f:02:
6e:d3:89:40:2f:0a:ca:25:54:10:29:30:ce:58:df:
6a:8c:5a:c4:64:43:ee:69:4a:9e:90:c5:8d:b6:51:
fe:c8:44:4a:ae:01:4b:78:d8:49:59:4e:55:46:eb:
76:25:47:21:66:77:e4:9e:ce:89:75:53:f9:8c:4d:
e2:7c:9f:86:62:73:56:7a:ce:da:32:1f:28:5c:0e:
11:9f:91:05:59:4f:f8:b9:cf:de:67:7f:90:3d:ff:
a3:73:48:af:7d:b1:5e:87:bb:80:c7:c8:f6:53:7e:
12:02:80:cd:d3:ee:b7:cf:a7:0a:c6:95:4a:ce:3e:
84:e2:d8:2c:c2:73:96:23:11:89:e4:51:e8:01:a5:
d7:81:ac:66:ef:21:a8:88:0e:66:0c:89:4f:8b:48:
61:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E1:1E:97:F5:20:E7:70:4F:CB:D4:D6:45:10:91:EA:2A:91:7D:4E
X509v3 Authority Key Identifier:
keyid:03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/FOEel_Ug53BPy9TWRRCR6iqRfU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/AxGHu2TIff3S-gLy2F1HnsJoPlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.172.0/22
91.199.0.0/24
95.128.40.0/21
178.212.228.0/24
185.66.232.0/22
194.105.152.0/23
195.14.22.0/24
IPv6:
2a02:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
01:d7:96:60:bd:b1:93:95:72:33:3b:7e:7f:b3:97:c6:d7:ab:
c3:64:c2:c3:a0:28:cc:65:65:1f:22:4c:80:60:e7:72:70:43:
71:a8:1f:86:a1:3e:74:67:9f:42:48:bf:0b:ac:b9:4b:cf:3f:
89:c5:ea:da:16:13:11:88:10:ed:ae:e9:52:f6:d3:0e:3b:0f:
bd:1c:32:6f:ed:be:79:55:21:bb:fe:7e:12:cb:57:2e:e3:4a:
92:a9:7f:45:77:70:1f:ba:eb:b6:10:92:e2:b1:3a:57:fb:52:
98:ed:61:14:ab:28:ac:e0:ce:69:ab:99:95:e2:e1:86:e3:d5:
4b:91:7c:03:8b:d4:f3:2e:a2:b3:de:a3:00:47:0b:2a:98:2e:
68:60:ad:22:0e:3a:a4:2f:33:5e:16:1e:97:4c:52:b4:e3:ad:
0e:78:7a:6d:22:93:8d:7c:51:2e:02:25:5d:b5:91:05:fe:32:
7a:99:0a:4c:73:e8:cf:e5:dc:94:c9:f3:82:82:b2:df:87:99:
7c:f4:b6:ca:2a:b0:2a:f9:f9:89:cb:8f:d0:60:0a:ca:8f:aa:
ba:5c:66:5e:e0:95:9b:f7:d4:6e:0c:93:c7:42:a6:2e:62:67:
f5:b9:81:f2:ae:6e:45:a2:6f:4c:c2:d4:16:70:a6:77:3e:d8:
00:43:a9:39
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFbwSBcTo+wFxtVjPWNOwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMTE4N2JiNjRjODdkZmRkMmZhMDJmMmQ4NWQ0NzllYzI2
ODNlNTcwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUxMWU5N2Y1MjBlNzcwNGZjYmQ0ZDY0NTEwOTFlYTJhOTE3ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmDMXL6e2DRlj0FwCPRZFfb0I8Jv
D/pN0UuIFKGVd0eIKe6wcK56R7JsAmATeMUtyeJKjBkS42GYUQ8tEYjzuqVxMAww
3RzDIKJJJMAq4ziEAsiC/Y9lsq/wrWXLQAFae/sxs6DhDwJu04lALwrKJVQQKTDO
WN9qjFrEZEPuaUqekMWNtlH+yERKrgFLeNhJWU5VRut2JUchZnfkns6JdVP5jE3i
fJ+GYnNWes7aMh8oXA4Rn5EFWU/4uc/eZ3+QPf+jc0ivfbFeh7uAx8j2U34SAoDN
0+63z6cKxpVKzj6E4tgswnOWIxGJ5FHoAaXXgaxm7yGoiA5mDIlPi0hhzwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBThHpf1IOdwT8vU1kUQkeoqkX1OMB8GA1UdIwQY
MBaAFAMRh7tkyH390voC8thdR57CaD5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXhHSHUyVElmZjNTLWdMeTJGMUhuc0pvUGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9jMWVkMmMtYjQxZS00ZWJkLWFhZmIt
ZjIxNGYwY2MyNjJiLzEvRk9FZWxfVWc1M0JQeTlUV1JSQ1I2aXFSZlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9jMWVkMmMtYjQxZS00ZWJkLWFhZmItZjIxNGYwY2MyNjJi
LzEvQXhHSHUyVElmZjNTLWdMeTJGMUhuc0pvUGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLY2sAwQA
W8cAAwQDX4AoAwQAstTkAwQCuULoAwQBwmmYAwQAww4WMA0EAgACMAcDBQAqAg7A
MA0GCSqGSIb3DQEBCwUAA4IBAQAB15ZgvbGTlXIzO35/s5fG16vDZMLDoCjMZWUf
IkyAYOdycENxqB+GoT50Z59CSL8LrLlLzz+JxeraFhMRiBDtrulS9tMOOw+9HDJv
7b55VSG7/n4Sy1cu40qSqX9Fd3Afuuu2EJLisTpX+1KY7WEUqyis4M5pq5mV4uGG
49VLkXwDi9TzLqKz3qMARwsqmC5oYK0iDjqkLzNeFh6XTFK0460OeHptIpONfFEu
AiVdtZEF/jJ6mQpMc+jP5dyUyfOCgrLfh5l89LbKKrAq+fmJy4/QYArKj6q6XGZe
4JWb99RuDJPHQqYuYmf1uYHyrm5Fom9MwtQWcKZ3PtgAQ6k5
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:21:08 2024 by rpki-client on console-fra.rpki-client.org