Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/fx1A3Ij7OKp6KBW309_39o6rgsI.roa
File: fx1A3Ij7OKp6KBW309_39o6rgsI.roa (raw, json)
Hash identifier: ynwIEJ/84fEclTZaa3+bdW1UE2pVBJi4FJ9/shG4T7k=
Subject key identifier: 7F:1D:40:DC:88:FB:38:AA:7A:28:15:B7:D3:DF:F7:F6:8E:AB:82:C2
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 018CC5001FAE7195276076BC7503027CC107
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/fx1A3Ij7OKp6KBW309_39o6rgsI.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15774
IP address blocks: 91.105.128.0/18 maxlen: 32
188.244.128.0/17 maxlen: 32
37.49.192.0/19 maxlen: 32
109.171.0.0/17 maxlen: 32
195.238.100.0/22 maxlen: 32
46.241.0.0/17 maxlen: 32
46.50.128.0/17 maxlen: 32
188.168.0.0/16 maxlen: 32
109.197.128.0/21 maxlen: 32
37.205.48.0/21 maxlen: 32
188.44.96.0/19 maxlen: 32
37.205.64.0/19 maxlen: 32
2a02:618::/32 maxlen: 96
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1f:ae:71:95:27:60:76:bc:75:03:02:7c:c1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f1d40dc88fb38aa7a2815b7d3dff7f68eab82c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ca:ce:31:22:a0:4b:bb:66:13:09:6a:e7:85:
ca:52:07:50:1e:a3:8d:f3:11:37:2f:09:a2:ca:38:
1e:48:0a:3b:17:46:5e:4e:60:ff:63:03:23:19:63:
72:02:15:5e:0d:9c:10:6f:1d:9e:67:38:87:77:c5:
22:f4:7a:ad:ca:b1:ae:33:2e:a6:c4:30:68:21:11:
af:57:09:be:15:aa:d7:73:0a:f5:2f:87:89:f2:b6:
38:ec:da:f6:da:82:43:1c:c6:b5:49:f0:f5:2d:3a:
bb:7d:2f:90:fe:73:da:e7:d3:fe:51:07:1f:29:70:
44:5b:ad:06:e4:da:41:90:2f:d7:09:53:f4:c7:de:
94:db:ab:11:35:b5:5e:c9:07:f1:46:1d:f8:03:20:
21:db:5c:41:c8:c0:11:39:74:b5:d7:dd:4f:4c:dd:
9a:8f:8c:d8:35:6e:cd:29:86:d9:48:af:b1:81:5f:
aa:cc:b3:9c:bd:5e:51:6f:4e:ba:9d:48:85:e1:2b:
ef:bd:3b:9f:15:ae:53:d1:e4:b7:08:bf:f8:c3:e0:
fa:5a:8a:e7:4d:d1:e3:63:91:bf:82:84:da:47:c7:
39:7f:12:24:54:bf:46:01:0a:df:3f:39:96:d4:4e:
17:7e:22:53:11:23:b0:d1:6e:c6:93:18:63:40:e3:
49:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1D:40:DC:88:FB:38:AA:7A:28:15:B7:D3:DF:F7:F6:8E:AB:82:C2
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/fx1A3Ij7OKp6KBW309_39o6rgsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.192.0/19
37.205.48.0/21
37.205.64.0/19
46.50.128.0/17
46.241.0.0/17
91.105.128.0/18
109.171.0.0/17
109.197.128.0/21
188.44.96.0/19
188.168.0.0/16
188.244.128.0/17
195.238.100.0/22
IPv6:
2a02:618::/32
Signature Algorithm: sha256WithRSAEncryption
14:37:ea:48:1a:92:b2:64:21:6c:95:2d:6f:a6:57:35:12:34:
13:5e:b0:df:ce:7a:56:48:3b:59:1d:e2:fa:22:48:2a:aa:ed:
b3:59:d3:5a:32:75:94:66:2a:99:b0:6e:5b:97:bc:c2:c5:1f:
63:61:f4:8c:9d:6d:03:a6:5c:b1:b2:60:9c:ad:19:72:c8:ab:
36:61:a4:47:b9:1c:83:28:ea:20:0f:f6:18:2e:4d:aa:47:74:
18:a2:39:7a:c3:da:3b:56:d6:a2:70:34:ea:84:0b:f2:71:8b:
c5:44:8e:3d:c8:58:a4:6c:23:a4:f9:39:74:88:7c:59:e0:70:
ba:ea:1e:6f:87:f9:18:ae:62:a3:da:9e:29:91:f6:2c:8d:02:
ba:96:42:bd:55:16:fb:c3:f8:96:56:48:d7:63:9c:80:af:2a:
fb:53:74:8a:05:11:95:90:f2:29:a6:e3:03:c2:ef:23:80:54:
50:5d:34:27:4d:68:9e:34:41:39:3a:c3:ca:58:a7:19:d9:f8:
be:8c:30:c2:8c:f3:4e:4b:f8:67:92:bc:50:1f:26:29:99:bb:
da:d8:c3:5d:3e:dd:f7:c7:55:1e:ca:93:15:a7:08:1b:63:8a:
ce:87:7c:99:72:28:f6:1d:ae:23:33:02:82:45:fe:47:f1:bb:
92:36:63:98
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYzFAB+ucZUnYHa8dQMCfMEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjFkNDBkYzg4ZmIzOGFhN2EyODE1YjdkM2RmZjdmNjhlYWI4MmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1crOMSKgS7tmEwlq54XKUgdQHqON
8xE3LwmiyjgeSAo7F0ZeTmD/YwMjGWNyAhVeDZwQbx2eZziHd8Ui9HqtyrGuMy6m
xDBoIRGvVwm+FarXcwr1L4eJ8rY47Nr22oJDHMa1SfD1LTq7fS+Q/nPa59P+UQcf
KXBEW60G5NpBkC/XCVP0x96U26sRNbVeyQfxRh34AyAh21xByMAROXS1191PTN2a
j4zYNW7NKYbZSK+xgV+qzLOcvV5Rb066nUiF4SvvvTufFa5T0eS3CL/4w+D6Worn
TdHjY5G/goTaR8c5fxIkVL9GAQrfPzmW1E4XfiJTESOw0W7GkxhjQONJ+wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFH8dQNyI+ziqeigVt9Pf9/aOq4LCMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvZngxQTNJajdPS3A2S0JXMzA5XzM5bzZyZ3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwQFJTHAAwQD
Jc0wAwQFJc1AAwQHLjKAAwQHLvEAAwQGW2mAAwQHbasAAwQDbcWAAwQFvCxgAwMA
vKgDBAe89IADBALD7mQwDQQCAAIwBwMFACoCBhgwDQYJKoZIhvcNAQELBQADggEB
ABQ36kgakrJkIWyVLW+mVzUSNBNesN/OelZIO1kd4voiSCqq7bNZ01oydZRmKpmw
bluXvMLFH2Nh9IydbQOmXLGyYJytGXLIqzZhpEe5HIMo6iAP9hguTapHdBiiOXrD
2jtW1qJwNOqEC/Jxi8VEjj3IWKRsI6T5OXSIfFngcLrqHm+H+RiuYqPanimR9iyN
ArqWQr1VFvvD+JZWSNdjnICvKvtTdIoFEZWQ8imm4wPC7yOAVFBdNCdNaJ40QTk6
w8pYpxnZ+L6MMMKM805L+GeSvFAfJimZu9rYw10+3ffHVR7KkxWnCBtjis6HfJly
KPYdriMzAoJF/kfxu5I2Y5g=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:54:04 2024 by rpki-client on console-ams.rpki-client.org