Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/f2xHc0b9o06NVoDz4jgvZ5YGSiA.roa
File: f2xHc0b9o06NVoDz4jgvZ5YGSiA.roa (raw, json)
Hash identifier: BSqMFxB/arLbyHAHTibEf38+jX0x9YqO8ih9phoG+Mk=
Subject key identifier: 7F:6C:47:73:46:FD:A3:4E:8D:56:80:F3:E2:38:2F:67:96:06:4A:20
Certificate issuer: /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial: 018CC4251DA85C3A03D6638DA3D2BF99F78E
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/f2xHc0b9o06NVoDz4jgvZ5YGSiA.roa
Signing time: Mon 01 Jan 2024 08:30:15 +0000
ROA not before: Mon 01 Jan 2024 08:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12329
IP address blocks: 156.67.59.0/24 maxlen: 24
212.23.128.0/19 maxlen: 24
81.173.6.0/24 maxlen: 24
185.249.168.0/22 maxlen: 24
62.221.232.0/21 maxlen: 24
62.221.240.0/21 maxlen: 24
2001:7d8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1d:a8:5c:3a:03:d6:63:8d:a3:d2:bf:99:f7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Validity
Not Before: Jan 1 08:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f6c477346fda34e8d5680f3e2382f6796064a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:ba:e4:c5:62:5d:42:83:53:3a:92:45:7b:
ce:5b:72:34:a2:ec:40:76:c7:d9:68:79:70:4f:3e:
a7:6a:30:47:0c:8c:14:7f:89:c3:af:5c:eb:1d:9f:
bb:8a:b0:11:6a:cf:7b:14:54:a4:84:fc:b7:ba:1d:
97:27:83:2d:9f:92:c3:6b:9b:5e:c4:7a:cd:c1:ba:
dc:0e:96:14:47:c2:c1:c6:c6:fa:48:38:5d:c2:10:
2f:7e:56:1d:39:b9:1b:3d:47:c3:96:17:a2:c0:5b:
0e:9d:db:bb:40:53:92:3e:1c:27:ee:f6:7d:7e:aa:
6a:09:a8:7b:53:f6:d7:96:d4:17:ee:a5:89:99:dd:
5a:cf:f3:9d:e8:ad:e5:8c:b7:5e:10:b1:88:d8:db:
27:d0:7f:93:d2:56:23:d1:3a:23:1e:51:50:07:03:
bb:16:b7:2b:5c:d7:eb:43:f9:11:3a:0b:e9:a3:ea:
65:11:27:eb:38:38:e6:b3:f7:ce:f1:62:e8:31:b8:
58:0e:29:7d:ad:2d:23:ea:3c:e3:ec:cc:ee:20:bc:
2f:56:6a:90:c2:4e:40:4f:77:53:e6:2d:97:80:69:
df:e7:4d:30:af:f3:3d:f7:b0:a4:31:3b:bf:da:c9:
bb:80:92:3e:d5:6b:e5:ed:76:f1:4f:af:76:6e:83:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6C:47:73:46:FD:A3:4E:8D:56:80:F3:E2:38:2F:67:96:06:4A:20
X509v3 Authority Key Identifier:
keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/f2xHc0b9o06NVoDz4jgvZ5YGSiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
156.67.59.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
cd:d6:c2:40:bc:55:07:e7:a6:4a:5f:c7:a9:80:b5:90:0c:b2:
0f:5b:ac:44:2f:d0:37:c2:9a:3b:79:78:ff:3b:62:84:f6:12:
8e:e7:cb:63:70:99:57:ba:79:af:09:bf:d3:83:dd:dd:b0:83:
de:83:5f:ad:1b:dd:80:b6:8f:24:7a:25:af:f5:9d:59:27:82:
0c:94:27:ee:2f:48:ac:2b:42:92:38:ea:05:91:4d:9f:a2:9f:
b1:b5:f4:3f:3a:5f:e3:9e:72:ba:8a:68:cb:b0:60:7e:0a:a0:
4c:01:ca:fe:4e:2b:e2:85:70:2f:9e:87:0f:a3:0a:e5:58:dd:
67:2c:14:b5:23:73:97:8a:45:86:e5:46:2c:01:ff:0a:cd:f3:
14:da:69:2a:45:05:07:53:79:9e:03:e3:c9:33:06:81:af:5c:
29:33:78:c4:b9:38:b9:54:30:07:aa:6d:a2:5b:21:40:70:98:
cb:59:da:96:c6:75:64:5c:85:a3:e4:4d:dc:4f:ae:8e:42:39:
6b:01:37:a6:04:9a:6d:aa:4c:91:d3:9b:24:d3:10:97:93:7a:
76:f6:10:89:e5:fa:20:57:62:88:67:ba:fa:90:c8:45:eb:9d:
c7:23:d9:1e:f8:4e:1e:2b:c8:c0:f8:fb:d3:67:3f:39:64:55:
3d:36:2e:d5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEJR2oXDoD1mONo9K/mfeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBi
Y2JkMjgwHhcNMjQwMTAxMDgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZjNDc3MzQ2ZmRhMzRlOGQ1NjgwZjNlMjM4MmY2Nzk2MDY0YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocq65MViXUKDUzqSRXvOW3I0ouxA
dsfZaHlwTz6najBHDIwUf4nDr1zrHZ+7irARas97FFSkhPy3uh2XJ4Mtn5LDa5te
xHrNwbrcDpYUR8LBxsb6SDhdwhAvflYdObkbPUfDlheiwFsOndu7QFOSPhwn7vZ9
fqpqCah7U/bXltQX7qWJmd1az/Od6K3ljLdeELGI2Nsn0H+T0lYj0TojHlFQBwO7
FrcrXNfrQ/kROgvpo+plESfrODjms/fO8WLoMbhYDil9rS0j6jzj7MzuILwvVmqQ
wk5AT3dT5i2XgGnf500wr/M997CkMTu/2sm7gJI+1Wvl7XbxT692boOFsQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH9sR3NG/aNOjVaA8+I4L2eWBkogMB8GA1UdIwQY
MBaAFM/bPZBLNEQFRrYkHXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUt
NmU3NTYxNTM1YmJkLzEvZjJ4SGMwYjlvMDZOVm9EejRqZ3ZaNVlHU2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJk
LzEvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAM+3egD
BAM+3fADBABRrQYDBACcQzsDBAK5+agDBAXUF4AwDQQCAAIwBwMFACABB9gwDQYJ
KoZIhvcNAQELBQADggEBAM3WwkC8VQfnpkpfx6mAtZAMsg9brEQv0DfCmjt5eP87
YoT2Eo7ny2NwmVe6ea8Jv9OD3d2wg96DX60b3YC2jyR6Ja/1nVknggyUJ+4vSKwr
QpI46gWRTZ+in7G19D86X+OecrqKaMuwYH4KoEwByv5OK+KFcC+ehw+jCuVY3Wcs
FLUjc5eKRYblRiwB/wrN8xTaaSpFBQdTeZ4D48kzBoGvXCkzeMS5OLlUMAeqbaJb
IUBwmMtZ2pbGdWRchaPkTdxPro5COWsBN6YEmm2qTJHTmyTTEJeTenb2EInl+iBX
YohnuvqQyEXrnccj2R74Th4ryMD4+9NnPzlkVT02LtU=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:12:02 2024 by rpki-client on console-fra.rpki-client.org