Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/fs2fb9vyAdTJ_9vZHP12Zvq4Myw.roa
File: fs2fb9vyAdTJ_9vZHP12Zvq4Myw.roa (raw, json)
Hash identifier: H+v0AGTX9OPRrvx0El9sPJcT+c7zAT319O7GS7lreK0=
Subject key identifier: 7E:CD:9F:6F:DB:F2:01:D4:C9:FF:DB:D9:1C:FD:76:66:FA:B8:33:2C
Certificate issuer: /CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Certificate serial: 018CCA9A0FB1F78AED19A17D0620F1D2C19C
Authority key identifier: 08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/fs2fb9vyAdTJ_9vZHP12Zvq4Myw.roa
Signing time: Tue 02 Jan 2024 14:35:43 +0000
ROA not before: Tue 02 Jan 2024 14:35:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47975
IP address blocks: 94.228.16.0/20 maxlen: 24
178.213.128.0/21 maxlen: 24
178.72.128.0/18 maxlen: 24
185.182.120.0/22 maxlen: 24
185.18.72.0/22 maxlen: 24
2a03:2300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:0f:b1:f7:8a:ed:19:a1:7d:06:20:f1:d2:c1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Validity
Not Before: Jan 2 14:35:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ecd9f6fdbf201d4c9ffdbd91cfd7666fab8332c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5e:4f:0c:b1:c0:cd:17:ba:08:19:1d:45:a9:
9c:81:d0:f6:c1:17:96:89:c7:0c:e6:d9:23:a7:fb:
cc:fa:05:31:31:3d:f0:38:ce:59:d6:b5:8f:16:0d:
e3:cd:81:34:fe:c0:cb:3a:b0:03:1b:41:34:6b:3f:
ba:c8:3a:97:81:1e:61:d5:e1:35:96:1a:3e:b9:65:
ad:ab:db:9a:65:42:eb:ac:84:f2:ce:2d:1f:9e:a9:
66:a6:4a:49:12:bd:1f:83:ae:24:f5:0a:bf:13:37:
d5:12:50:f5:b2:50:a9:5e:df:66:fc:78:f2:1d:46:
15:84:81:c5:c9:95:d9:07:a3:c2:98:1a:b5:22:33:
ed:ea:b7:4c:c8:4d:9d:6f:84:e5:2f:a1:d7:34:97:
20:ff:96:9d:79:5c:ef:7a:10:bb:b6:62:90:48:94:
76:cc:4e:3d:af:2a:83:b1:64:11:e7:97:0c:b1:7f:
8e:69:0f:e1:b7:4f:cc:df:de:2c:bd:25:3c:48:52:
94:f2:21:8f:99:57:c1:68:d3:d4:aa:13:58:f3:92:
f1:bf:5f:1b:da:c4:fe:72:a3:2f:1c:41:56:a3:15:
96:84:31:e6:14:d6:37:94:f9:68:47:9b:66:92:5b:
70:f7:ba:b3:79:7e:44:3e:df:4b:c9:a6:dd:9e:5c:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CD:9F:6F:DB:F2:01:D4:C9:FF:DB:D9:1C:FD:76:66:FA:B8:33:2C
X509v3 Authority Key Identifier:
keyid:08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/fs2fb9vyAdTJ_9vZHP12Zvq4Myw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.16.0/20
178.72.128.0/18
178.213.128.0/21
185.18.72.0/22
185.182.120.0/22
IPv6:
2a03:2300::/29
Signature Algorithm: sha256WithRSAEncryption
3b:4c:a4:09:5a:56:34:95:a4:1b:b6:a4:f5:72:59:e2:5a:2d:
a5:65:76:eb:54:e5:b0:af:9e:0e:84:53:e0:1c:ca:85:fa:7b:
50:b6:c2:ff:a0:9e:68:6a:aa:8c:44:57:56:93:22:82:b8:7d:
b0:c4:1e:65:16:b0:b0:73:0f:75:be:5d:3e:b8:be:08:2a:36:
a3:62:de:47:a3:77:27:6a:f2:41:61:4b:a2:91:33:c9:21:07:
3a:75:82:d1:5f:bb:0e:af:f8:b2:be:43:e6:cc:55:87:ba:de:
b4:40:aa:30:cf:d8:45:6b:3c:bf:b7:2d:3c:f1:08:6e:64:92:
68:3d:c3:54:18:64:be:7e:d2:ba:f9:27:aa:28:ca:b8:88:c6:
b9:66:d5:ee:17:d7:e7:ad:5d:e2:23:3e:8a:65:18:70:12:a3:
11:cb:b9:15:48:5b:ad:1e:77:9f:f1:e8:27:9f:1c:19:01:24:
6b:de:1b:27:79:14:04:21:79:9a:0b:1c:0c:d7:50:75:64:0b:
7c:b6:5a:1c:61:d3:ad:00:85:b2:3f:54:ea:99:28:d8:68:6b:
98:3d:e6:09:96:3e:e7:64:fd:eb:1c:91:d3:a9:fd:24:6f:f6:
67:e5:f2:0f:08:b3:89:74:65:3a:e3:09:09:9d:d5:fc:1f:3c:
d9:a4:a3:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKmg+x94rtGaF9BiDx0sGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NTk3ODZmMjI2Y2I2ZDQ5MGJmYjU0Mjk0ZTYxMWE3ZDUx
YThmMWUwHhcNMjQwMTAyMTQzNTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNkOWY2ZmRiZjIwMWQ0YzlmZmRiZDkxY2ZkNzY2NmZhYjgzMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil5PDLHAzRe6CBkdRamcgdD2wReW
iccM5tkjp/vM+gUxMT3wOM5Z1rWPFg3jzYE0/sDLOrADG0E0az+6yDqXgR5h1eE1
lho+uWWtq9uaZULrrITyzi0fnqlmpkpJEr0fg64k9Qq/EzfVElD1slCpXt9m/Hjy
HUYVhIHFyZXZB6PCmBq1IjPt6rdMyE2db4TlL6HXNJcg/5adeVzvehC7tmKQSJR2
zE49ryqDsWQR55cMsX+OaQ/ht0/M394svSU8SFKU8iGPmVfBaNPUqhNY85Lxv18b
2sT+cqMvHEFWoxWWhDHmFNY3lPloR5tmkltw97qzeX5EPt9Lyabdnlzt5wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH7Nn2/b8gHUyf/b2Rz9dmb6uDMsMB8GA1UdIwQY
MBaAFAhZeG8ibLbUkL+1QpTmEafVGo8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQt
NTJmZTQ0MzQzNTBlLzEvZnMyZmI5dnlBZFRKXzl2WkhQMTJadnE0TXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQtNTJmZTQ0MzQzNTBl
LzEvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEXuQQAwQG
skiAAwQDstWAAwQCuRJIAwQCubZ4MA0EAgACMAcDBQMqAyMAMA0GCSqGSIb3DQEB
CwUAA4IBAQA7TKQJWlY0laQbtqT1clniWi2lZXbrVOWwr54OhFPgHMqF+ntQtsL/
oJ5oaqqMRFdWkyKCuH2wxB5lFrCwcw91vl0+uL4IKjajYt5Ho3cnavJBYUuikTPJ
IQc6dYLRX7sOr/iyvkPmzFWHut60QKowz9hFazy/ty088QhuZJJoPcNUGGS+ftK6
+SeqKMq4iMa5ZtXuF9fnrV3iIz6KZRhwEqMRy7kVSFutHnef8egnnxwZASRr3hsn
eRQEIXmaCxwM11B1ZAt8tlocYdOtAIWyP1TqmSjYaGuYPeYJlj7nZP3rHJHTqf0k
b/Zn5fIPCLOJdGU64wkJndX8HzzZpKPj
-----END CERTIFICATE-----
Generated at Mon May 20 17:50:20 2024 by rpki-client on console-ams.rpki-client.org