Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Fqah9qTDOIh3eXDpDFh0xwp5BdA.roa
File: Fqah9qTDOIh3eXDpDFh0xwp5BdA.roa (raw, json)
Hash identifier: V0K5U/Hh/PDOosGfjV8gUmVbbgkNkJNP6mkezfhPwPE=
Subject key identifier: 16:A6:A1:F6:A4:C3:38:88:77:79:70:E9:0C:58:74:C7:0A:79:05:D0
Certificate issuer: /CN=0cc8128491db132ccfcd82ade700deb306b2161a
Certificate serial: 018CC3B722B81833325D2BC01E7956621EB2
Authority key identifier: 0C:C8:12:84:91:DB:13:2C:CF:CD:82:AD:E7:00:DE:B3:06:B2:16:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DMgShJHbEyzPzYKt5wDeswayFho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Fqah9qTDOIh3eXDpDFh0xwp5BdA.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210791
IP address blocks: 92.119.96.0/22 maxlen: 24
185.32.136.0/22 maxlen: 24
185.78.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/DMgShJHbEyzPzYKt5wDeswayFho.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/DMgShJHbEyzPzYKt5wDeswayFho.mft
rsync://rpki.ripe.net/repository/DEFAULT/DMgShJHbEyzPzYKt5wDeswayFho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:22:b8:18:33:32:5d:2b:c0:1e:79:56:62:1e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cc8128491db132ccfcd82ade700deb306b2161a
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16a6a1f6a4c33888777970e90c5874c70a7905d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:0e:0f:f2:91:95:15:7f:ca:74:84:d5:a0:
1b:34:71:7e:ec:3c:1e:d7:ec:e7:2b:51:ef:16:f7:
9e:b9:1e:a0:43:dd:39:69:9b:8b:63:de:c0:2e:da:
c0:03:ef:16:19:30:b5:e8:b4:e4:c3:38:4c:c5:68:
2a:55:35:37:af:c3:2b:b1:5b:e0:a4:3f:2a:00:5e:
3f:73:66:84:b0:c9:da:07:ec:85:17:40:62:09:24:
3b:6f:2e:d6:3d:a1:41:bc:70:3d:3b:a3:00:88:da:
04:e8:cd:d6:71:b6:ea:3e:ad:fd:d9:5b:dc:fb:89:
3c:ff:38:2a:aa:1c:11:3e:1e:dc:7c:f0:ba:23:37:
9f:a7:e1:e9:56:a2:18:f9:96:cf:43:dc:48:52:49:
7e:cb:81:4b:c2:c4:17:ba:d7:0f:88:34:a8:80:bc:
e1:40:1b:fa:ee:77:78:be:8d:b7:0d:9f:60:2b:03:
40:ba:5d:a4:13:4f:45:f1:5a:26:3b:c4:cb:26:e5:
34:dc:5f:83:51:ed:89:4d:da:f4:0f:32:d7:64:f7:
76:67:4e:2d:b8:0f:91:6e:a6:05:9f:a4:a8:83:a0:
46:07:a3:be:f8:b3:30:d1:43:da:25:19:79:69:48:
15:b5:2e:32:5c:e1:5f:32:7d:22:f0:2a:43:63:d8:
5e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A6:A1:F6:A4:C3:38:88:77:79:70:E9:0C:58:74:C7:0A:79:05:D0
X509v3 Authority Key Identifier:
keyid:0C:C8:12:84:91:DB:13:2C:CF:CD:82:AD:E7:00:DE:B3:06:B2:16:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DMgShJHbEyzPzYKt5wDeswayFho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/Fqah9qTDOIh3eXDpDFh0xwp5BdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2c3f53-1bab-4d32-8380-d59108b57214/1/DMgShJHbEyzPzYKt5wDeswayFho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.96.0/22
185.32.136.0/22
185.78.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:11:10:d1:b7:9c:98:46:27:c4:18:60:3e:b3:44:8c:6d:7f:
c5:b1:41:1a:32:86:b8:0a:02:42:7c:ad:c0:35:bb:51:91:47:
29:c7:53:03:99:c4:cc:99:1a:87:9f:73:07:ed:ae:ee:7a:bf:
42:62:9d:64:d3:55:03:d8:11:0a:0f:5a:c7:34:3b:02:4f:5d:
9b:9b:1b:dd:62:00:3c:1a:17:bb:12:a1:4d:34:4c:d5:fb:13:
af:b1:eb:4a:dc:b7:b3:2c:5c:4c:fd:93:f9:0c:27:a2:c0:71:
36:87:81:ed:2f:e3:49:03:1e:68:c6:1f:32:89:78:69:00:03:
f9:bd:11:01:9e:31:dc:a0:32:8c:68:59:d5:23:c4:33:eb:4c:
4b:e4:8d:55:8f:46:41:6b:87:78:aa:15:32:14:5d:2d:b9:53:
54:75:5d:73:d9:db:e7:56:41:cc:0d:c7:30:25:ed:20:57:e7:
02:9e:a5:e0:03:11:49:b7:04:a5:a0:30:04:b0:4a:db:1a:fa:
d7:72:fa:30:57:16:57:70:43:8e:7f:44:d9:70:94:da:8a:c1:
c3:39:ee:3f:ca:1f:e4:41:59:02:dc:cd:93:61:5d:65:4a:3a:
1b:c6:f5:fe:d2:ba:71:da:f0:9d:5c:69:98:aa:a4:90:04:6c:
fd:78:72:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtyK4GDMyXSvAHnlWYh6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYzgxMjg0OTFkYjEzMmNjZmNkODJhZGU3MDBkZWIzMDZi
MjE2MWEwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmE2YTFmNmE0YzMzODg4Nzc3OTcwZTkwYzU4NzRjNzBhNzkwNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2cOD/KRlRV/ynSE1aAbNHF+7Dwe
1+znK1HvFveeuR6gQ905aZuLY97ALtrAA+8WGTC16LTkwzhMxWgqVTU3r8MrsVvg
pD8qAF4/c2aEsMnaB+yFF0BiCSQ7by7WPaFBvHA9O6MAiNoE6M3WcbbqPq392Vvc
+4k8/zgqqhwRPh7cfPC6Izefp+HpVqIY+ZbPQ9xIUkl+y4FLwsQXutcPiDSogLzh
QBv67nd4vo23DZ9gKwNAul2kE09F8VomO8TLJuU03F+DUe2JTdr0DzLXZPd2Z04t
uA+RbqYFn6Sog6BGB6O++LMw0UPaJRl5aUgVtS4yXOFfMn0i8CpDY9heLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBamofakwziId3lw6QxYdMcKeQXQMB8GA1UdIwQY
MBaAFAzIEoSR2xMsz82CrecA3rMGshYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE1nU2hKSGJFeXpQellLdDV3RGVzd2F5RmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYzNmNTMtMWJhYi00ZDMyLTgzODAt
ZDU5MTA4YjU3MjE0LzEvRnFhaDlxVERPSWgzZVhEcERGaDB4d3A1QmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYzNmNTMtMWJhYi00ZDMyLTgzODAtZDU5MTA4YjU3MjE0
LzEvRE1nU2hKSGJFeXpQellLdDV3RGVzd2F5RmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXHdgAwQC
uSCIAwQCuU4AMA0GCSqGSIb3DQEBCwUAA4IBAQA8ERDRt5yYRifEGGA+s0SMbX/F
sUEaMoa4CgJCfK3ANbtRkUcpx1MDmcTMmRqHn3MH7a7uer9CYp1k01UD2BEKD1rH
NDsCT12bmxvdYgA8Ghe7EqFNNEzV+xOvsetK3LezLFxM/ZP5DCeiwHE2h4HtL+NJ
Ax5oxh8yiXhpAAP5vREBnjHcoDKMaFnVI8Qz60xL5I1Vj0ZBa4d4qhUyFF0tuVNU
dV1z2dvnVkHMDccwJe0gV+cCnqXgAxFJtwSloDAEsErbGvrXcvowVxZXcEOOf0TZ
cJTaisHDOe4/yh/kQVkC3M2TYV1lSjobxvX+0rpx2vCdXGmYqqSQBGz9eHLf
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:49 2024 by rpki-client on console-ams.rpki-client.org