Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FktfBLYkFLGrkKn-tuULHQrCE94.roa
File: FktfBLYkFLGrkKn-tuULHQrCE94.roa (raw, json)
Hash identifier: B/vVW6EnfnNYv3iKmK9MiThXaf+yMm1jCgsNtH85QVE=
Subject key identifier: 16:4B:5F:04:B6:24:14:B1:AB:90:A9:FE:B6:E5:0B:1D:0A:C2:13:DE
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01906E8AF5C58FB2ED9E472808B4929A58CE
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FktfBLYkFLGrkKn-tuULHQrCE94.roa
Signing time: Mon 01 Jul 2024 13:45:18 +0000
ROA not before: Mon 01 Jul 2024 13:45:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.139.30.0/24 maxlen: 24
45.141.185.0/24 maxlen: 24
45.141.196.0/24 maxlen: 24
85.209.105.0/24 maxlen: 24
85.209.106.0/24 maxlen: 24
85.209.107.0/24 maxlen: 24
91.191.186.0/24 maxlen: 24
109.196.175.0/24 maxlen: 24
195.2.248.0/24 maxlen: 24
213.139.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:8a:f5:c5:8f:b2:ed:9e:47:28:08:b4:92:9a:58:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jul 1 13:45:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=164b5f04b62414b1ab90a9feb6e50b1d0ac213de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:23:fd:92:dd:da:2d:e1:60:5f:f7:5e:c5:
14:db:f2:e1:d4:a0:ef:83:d1:ad:fd:72:eb:c2:a2:
0f:c6:ef:eb:18:e7:63:00:fa:a3:38:ee:c2:d6:c2:
f1:4a:7d:7c:9f:4d:0d:86:d9:1e:96:b6:eb:c5:ee:
dc:25:3b:49:f4:31:9b:db:0d:cc:dc:af:2a:da:19:
78:1a:d8:b6:d1:62:4e:3f:0a:d5:3f:20:65:4b:d0:
bb:51:6a:14:78:92:0d:66:f9:20:44:29:e2:ae:12:
71:4e:29:2a:89:b1:37:aa:c7:05:fa:31:cc:84:47:
8d:3e:03:a0:e8:a1:df:96:03:b0:12:97:d9:ff:0a:
9c:24:1e:c5:04:d3:13:1f:64:fb:f3:0a:71:57:71:
0a:28:23:fc:cc:54:12:31:b4:a9:4f:a4:55:a8:60:
54:d6:02:45:98:9e:5b:94:5f:f7:86:9b:dd:b1:58:
56:b6:73:81:2d:d4:9e:9c:d6:d4:83:b0:9d:e5:17:
81:14:1d:b7:d8:28:57:a2:58:01:d7:09:5c:df:54:
e0:55:e3:44:e1:ee:7c:60:02:36:f6:e3:06:a7:b7:
f6:55:eb:92:be:29:db:f0:3d:7f:31:e9:ff:a8:16:
32:5a:1a:76:85:24:70:ac:91:42:a5:5f:bc:34:62:
45:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4B:5F:04:B6:24:14:B1:AB:90:A9:FE:B6:E5:0B:1D:0A:C2:13:DE
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/FktfBLYkFLGrkKn-tuULHQrCE94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.30.0/24
45.141.185.0/24
45.141.196.0/24
85.209.105.0-85.209.107.255
91.191.186.0/24
109.196.175.0/24
195.2.248.0/24
213.139.228.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:ce:c8:31:d4:af:39:35:f6:3f:24:46:ed:33:83:57:f4:42:
fa:c7:0f:6b:82:32:a6:56:0f:6b:7d:ae:fe:5e:99:e5:6b:43:
b8:6a:3b:7c:4c:0e:e4:58:e6:4e:fc:ff:e0:a1:01:27:4f:c9:
4c:53:36:27:55:57:77:9d:ec:5c:d5:ab:81:60:ec:28:6b:60:
5b:5e:e7:14:28:f9:ff:66:a0:c4:4d:0f:e2:84:83:8d:da:74:
e8:d8:8d:9b:d0:41:c6:59:8c:3e:73:af:d1:20:9f:66:75:9a:
cd:fc:30:72:9d:b7:77:17:e6:05:7f:55:46:34:39:8b:1a:11:
2c:93:19:d1:72:ee:d1:24:59:7a:41:c6:95:24:ab:c8:05:fc:
8f:be:8d:cb:4e:12:7a:23:fc:98:bf:25:31:05:18:4a:03:ec:
fe:4c:2e:3c:19:37:a9:1a:cc:7d:bb:53:c3:cf:84:25:ad:5f:
5c:80:53:89:ee:44:6d:e9:40:97:87:1d:d2:17:a7:16:30:9d:
43:b2:2c:27:67:62:1c:9b:20:c5:d0:77:38:66:0d:3d:13:43:
25:2a:68:6c:a0:ac:70:45:58:ac:14:e8:74:60:c9:2e:cb:ad:
e3:03:ac:04:2f:7a:e5:d6:fe:62:e0:a3:68:94:aa:25:d3:e4:
a0:21:b9:fa
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZBuivXFj7LtnkcoCLSSmljOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNzAxMTM0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRiNWYwNGI2MjQxNGIxYWI5MGE5ZmViNmU1MGIxZDBhYzIxM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPgj/ZLd2i3hYF/3XsUU2/Lh1KDv
g9Gt/XLrwqIPxu/rGOdjAPqjOO7C1sLxSn18n00Nhtkelrbrxe7cJTtJ9DGb2w3M
3K8q2hl4Gti20WJOPwrVPyBlS9C7UWoUeJINZvkgRCnirhJxTikqibE3qscF+jHM
hEeNPgOg6KHflgOwEpfZ/wqcJB7FBNMTH2T78wpxV3EKKCP8zFQSMbSpT6RVqGBU
1gJFmJ5blF/3hpvdsVhWtnOBLdSenNbUg7Cd5ReBFB232ChXolgB1wlc31TgVeNE
4e58YAI29uMGp7f2VeuSvinb8D1/Men/qBYyWhp2hSRwrJFCpV+8NGJFWQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBZLXwS2JBSxq5Cp/rblCx0KwhPeMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvRmt0ZkJMWWtGTEdya0tuLXR1VUxIUXJDRTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALYseAwQA
LY25AwQALY3EMAwDBABV0WkDBAJV0WgDBABbv7oDBABtxK8DBADDAvgDBADVi+Qw
DQYJKoZIhvcNAQELBQADggEBALzOyDHUrzk19j8kRu0zg1f0QvrHD2uCMqZWD2t9
rv5emeVrQ7hqO3xMDuRY5k78/+ChASdPyUxTNidVV3ed7FzVq4Fg7ChrYFte5xQo
+f9moMRND+KEg43adOjYjZvQQcZZjD5zr9Egn2Z1ms38MHKdt3cX5gV/VUY0OYsa
ESyTGdFy7tEkWXpBxpUkq8gF/I++jctOEnoj/Ji/JTEFGEoD7P5MLjwZN6kazH27
U8PPhCWtX1yAU4nuRG3pQJeHHdIXpxYwnUOyLCdnYhybIMXQdzhmDT0TQyUqaGyg
rHBFWKwU6HRgyS7LreMDrAQveuXW/mLgo2iUqiXT5KAhufo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:13 2024 by rpki-client on console-ams.rpki-client.org