Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/fjPWN2Ncsp23Eb5vbu4iajC4oRU.roa
File: fjPWN2Ncsp23Eb5vbu4iajC4oRU.roa (raw, json)
Hash identifier: Hzwnk2JOWLhLcVpRDzbZJpGbj0qPSBbQP3GCzzmWZNs=
Subject key identifier: 7E:33:D6:37:63:5C:B2:9D:B7:11:BE:6F:6E:EE:22:6A:30:B8:A1:15
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018CC6499CA001C4EF2444BF5BAAFB4FCCBB
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/fjPWN2Ncsp23Eb5vbu4iajC4oRU.roa
Signing time: Mon 01 Jan 2024 18:29:22 +0000
ROA not before: Mon 01 Jan 2024 18:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210213
IP address blocks: 195.244.146.0/24 maxlen: 24
195.244.152.0/24 maxlen: 24
195.244.153.0/24 maxlen: 24
195.244.156.0/24 maxlen: 24
2a00:1780:dc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:9c:a0:01:c4:ef:24:44:bf:5b:aa:fb:4f:cc:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 1 18:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e33d637635cb29db711be6f6eee226a30b8a115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2e:49:4b:c4:1e:94:2e:ec:fe:bb:8c:84:1d:
54:35:b5:ba:3c:e0:67:66:f0:46:a7:86:24:ca:da:
b4:aa:39:c2:24:d1:7d:bf:0d:cb:3a:10:c6:8b:c4:
55:ee:76:e5:ff:61:ce:c5:12:ef:c1:69:c8:71:01:
0f:18:07:29:aa:37:b7:22:fa:95:15:cc:e0:19:1c:
97:2f:b2:09:6c:34:a4:6f:e9:d4:1c:0f:50:5d:0c:
66:35:1b:0a:0a:c0:d7:76:e1:8a:8a:09:7a:f3:91:
91:2e:5f:0e:cf:75:7d:4e:64:a9:16:f7:fe:df:12:
83:d7:01:ae:4d:8f:fb:b4:13:b1:ed:cd:64:f2:da:
c3:49:e8:f0:e6:d1:25:cd:44:a4:bf:8d:a5:45:fd:
d3:8b:14:68:73:21:5c:02:5a:37:d6:89:bc:2d:e2:
c1:8c:63:c7:a3:4a:72:72:8b:56:e0:d4:a8:b9:64:
24:4f:d3:e8:fc:02:4b:7d:bd:3e:52:77:65:38:8c:
a2:31:29:c2:63:ca:48:25:77:60:d3:48:30:65:9d:
10:31:8b:57:48:98:f0:e1:be:e9:a0:7c:ba:e7:5c:
31:45:31:6b:83:c2:96:97:e1:85:68:85:bf:42:f3:
49:e6:0c:77:6e:14:8f:3c:fd:2e:95:e2:e5:be:ef:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:33:D6:37:63:5C:B2:9D:B7:11:BE:6F:6E:EE:22:6A:30:B8:A1:15
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/fjPWN2Ncsp23Eb5vbu4iajC4oRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.146.0/24
195.244.152.0/23
195.244.156.0/24
IPv6:
2a00:1780:dc00::/40
Signature Algorithm: sha256WithRSAEncryption
8c:3d:22:6b:1b:51:a9:3a:40:38:0d:f9:71:f4:d8:9b:1c:29:
35:4d:c9:bf:bb:b9:3b:0a:21:a1:05:30:64:18:e0:7a:9e:99:
30:61:dc:08:bb:63:7f:80:8c:84:11:1b:85:db:1c:09:0b:03:
cf:52:1e:32:69:db:80:6a:65:12:43:26:65:3c:9c:85:57:9d:
7c:0d:67:27:99:aa:6e:56:3f:4d:10:9d:c8:62:77:1d:85:03:
d5:82:29:07:70:21:fc:e7:9e:a9:41:d5:ed:26:18:fe:6a:95:
19:99:ed:3a:17:ec:d1:9f:5d:ce:ef:b6:e2:b1:8e:9c:4c:b4:
ce:d9:a6:d0:83:b3:27:87:5c:e3:d5:bf:09:c2:a8:fd:ef:eb:
d4:90:59:c8:0b:52:39:bf:83:6e:67:ef:c5:51:3c:bb:71:5b:
6f:36:6a:89:1b:e1:40:91:b4:b0:3e:12:04:3f:d2:15:c6:8a:
df:db:ab:56:9e:0a:38:4e:da:ab:91:26:48:20:44:06:10:57:
9b:a8:61:92:5b:94:36:63:f6:22:58:2f:fc:ad:5c:21:64:5d:
aa:5b:b7:01:b9:16:b8:8b:c8:02:12:7b:1b:f2:d9:cc:20:2a:
19:42:b8:a4:f4:85:4b:d4:90:c8:74:0c:39:aa:ce:aa:61:e7:
5f:4f:f5:a5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSZygAcTvJES/W6r7T8y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjQwMTAxMTgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMzZDYzNzYzNWNiMjlkYjcxMWJlNmY2ZWVlMjI2YTMwYjhhMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi5JS8QelC7s/ruMhB1UNbW6POBn
ZvBGp4Ykytq0qjnCJNF9vw3LOhDGi8RV7nbl/2HOxRLvwWnIcQEPGAcpqje3IvqV
FczgGRyXL7IJbDSkb+nUHA9QXQxmNRsKCsDXduGKigl685GRLl8Oz3V9TmSpFvf+
3xKD1wGuTY/7tBOx7c1k8trDSejw5tElzUSkv42lRf3TixRocyFcAlo31om8LeLB
jGPHo0pycotW4NSouWQkT9Po/AJLfb0+UndlOIyiMSnCY8pIJXdg00gwZZ0QMYtX
SJjw4b7poHy651wxRTFrg8KWl+GFaIW/QvNJ5gx3bhSPPP0uleLlvu+QFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH4z1jdjXLKdtxG+b27uImowuKEVMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvZmpQV04yTmNzcDIzRWI1dmJ1NGlhakM0b1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAw/SSAwQB
w/SYAwQAw/ScMA4EAgACMAgDBgAqABeA3DANBgkqhkiG9w0BAQsFAAOCAQEAjD0i
axtRqTpAOA35cfTYmxwpNU3Jv7u5OwohoQUwZBjgep6ZMGHcCLtjf4CMhBEbhdsc
CQsDz1IeMmnbgGplEkMmZTychVedfA1nJ5mqblY/TRCdyGJ3HYUD1YIpB3Ah/Oee
qUHV7SYY/mqVGZntOhfs0Z9dzu+24rGOnEy0ztmm0IOzJ4dc49W/CcKo/e/r1JBZ
yAtSOb+DbmfvxVE8u3FbbzZqiRvhQJG0sD4SBD/SFcaK39urVp4KOE7aq5EmSCBE
BhBXm6hhkluUNmP2Ilgv/K1cIWRdqlu3AbkWuIvIAhJ7G/LZzCAqGUK4pPSFS9SQ
yHQMOarOqmHnX0/1pQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:35:24 2024 by rpki-client on console-ams.rpki-client.org