Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fci6nEfXorkjTJ0nXOlxNWnJjRU.roa
File: Fci6nEfXorkjTJ0nXOlxNWnJjRU.roa (raw, json)
Hash identifier: 6tjauhI98BLWZ/pn/xO/b8404IfmjoUeGoUns2B0sF0=
Subject key identifier: 15:C8:BA:9C:47:D7:A2:B9:23:4C:9D:27:5C:E9:71:35:69:C9:8D:15
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A6BA69ABDF736B1B09CE52F2C1359
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fci6nEfXorkjTJ0nXOlxNWnJjRU.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46562
IP address blocks: 185.231.172.0/24 maxlen: 24
185.231.175.0/24 maxlen: 24
185.231.173.0/24 maxlen: 24
185.231.174.0/24 maxlen: 24
82.115.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6b:a6:9a:bd:f7:36:b1:b0:9c:e5:2f:2c:13:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15c8ba9c47d7a2b9234c9d275ce9713569c98d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:17:f0:4a:f8:b1:17:90:7f:10:49:15:c9:
6d:21:bf:4a:04:1e:22:36:1d:9e:e9:10:97:1f:27:
f8:0e:cc:60:8f:0d:5c:2e:5c:38:33:92:8c:54:07:
68:a7:a9:fe:f7:a5:8e:7c:fa:a4:c5:c6:13:3a:d3:
89:e6:7a:a0:b0:95:e5:66:fa:55:76:6c:05:a9:7a:
d6:25:ff:5a:0f:1c:81:3a:75:0c:01:52:4b:1d:e0:
3d:e2:0e:b7:13:56:6c:2c:b3:f9:13:38:7f:51:48:
68:3d:e9:5b:86:d9:df:f7:24:0c:ef:73:fd:df:72:
0d:75:de:85:e3:25:4d:60:06:03:32:98:f7:9b:af:
99:f0:ea:13:c2:24:d1:a1:b2:4e:4e:05:89:49:44:
69:9d:e4:bb:cb:94:18:71:da:9f:84:0d:ac:e1:17:
e4:c3:a1:c2:7b:f5:7f:51:19:86:3d:a8:1b:b3:e8:
89:75:45:88:e5:8b:7c:d4:03:d2:59:89:52:77:1d:
74:03:60:8e:e0:db:89:73:04:f3:3b:c0:33:9f:fe:
b2:c7:6e:8c:cf:c8:6a:98:a7:74:77:10:3c:35:ae:
b7:ef:14:19:ff:fe:e3:fd:57:a8:8f:1e:05:3e:ec:
93:1d:ad:ca:a3:a4:0a:61:5a:e7:6d:44:81:55:ce:
f2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C8:BA:9C:47:D7:A2:B9:23:4C:9D:27:5C:E9:71:35:69:C9:8D:15
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Fci6nEfXorkjTJ0nXOlxNWnJjRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.28.0/24
185.231.172.0/22
Signature Algorithm: sha256WithRSAEncryption
66:04:fb:99:b3:e8:c7:4f:d5:7a:63:93:2e:6f:a9:61:75:2e:
91:47:30:8a:dd:5b:77:99:a2:4c:69:d6:99:ca:89:da:80:bb:
20:6f:e9:32:37:50:a1:e2:b1:1e:6a:24:ac:4d:c0:f0:a3:e4:
63:7c:3e:41:ff:ab:4d:78:d6:6c:eb:c7:bd:6c:9c:2b:2c:26:
a4:9b:cc:cf:36:ee:17:20:22:6a:79:97:64:05:4b:63:a3:0f:
b2:14:d8:b2:2a:f5:41:b1:71:d4:e1:f9:26:59:98:6d:3e:09:
66:73:14:4c:2c:fb:72:98:6d:65:0f:d0:f6:d3:51:fd:4e:c6:
16:0d:1d:20:45:5e:7c:ca:ec:e1:73:b8:f8:92:cc:86:8c:d8:
f7:aa:00:2e:93:40:3c:9f:e6:09:6b:f0:96:e4:93:cc:a0:90:
ee:05:13:e3:76:39:b3:39:7e:dd:5d:8c:53:38:93:db:0d:0b:
26:85:e2:30:9e:7f:d8:1f:e4:c7:88:c1:03:a2:27:46:50:98:
92:97:d5:9c:40:08:21:55:87:be:03:18:40:0e:b0:28:69:2c:
86:d9:20:1d:27:e1:45:51:eb:66:6d:df:43:be:6a:7a:75:ca:
c3:97:8e:bb:41:80:b4:eb:fa:33:39:be:50:0c:49:43:5e:d7:
dc:52:02:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKmummr33NrGwnOUvLBNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM4YmE5YzQ3ZDdhMmI5MjM0YzlkMjc1Y2U5NzEzNTY5Yzk4ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvgX8Er4sReQfxBJFcltIb9KBB4i
Nh2e6RCXHyf4Dsxgjw1cLlw4M5KMVAdop6n+96WOfPqkxcYTOtOJ5nqgsJXlZvpV
dmwFqXrWJf9aDxyBOnUMAVJLHeA94g63E1ZsLLP5Ezh/UUhoPelbhtnf9yQM73P9
33INdd6F4yVNYAYDMpj3m6+Z8OoTwiTRobJOTgWJSURpneS7y5QYcdqfhA2s4Rfk
w6HCe/V/URmGPagbs+iJdUWI5Yt81APSWYlSdx10A2CO4NuJcwTzO8Azn/6yx26M
z8hqmKd0dxA8Na637xQZ//7j/Veojx4FPuyTHa3Ko6QKYVrnbUSBVc7yUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBXIupxH16K5I0ydJ1zpcTVpyY0VMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRmNpNm5FZlhvcmtqVEowblhPbHhOV25KalJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUnMcAwQC
ueesMA0GCSqGSIb3DQEBCwUAA4IBAQBmBPuZs+jHT9V6Y5Mub6lhdS6RRzCK3Vt3
maJMadaZyonagLsgb+kyN1Ch4rEeaiSsTcDwo+RjfD5B/6tNeNZs68e9bJwrLCak
m8zPNu4XICJqeZdkBUtjow+yFNiyKvVBsXHU4fkmWZhtPglmcxRMLPtymG1lD9D2
01H9TsYWDR0gRV58yuzhc7j4ksyGjNj3qgAuk0A8n+YJa/CW5JPMoJDuBRPjdjmz
OX7dXYxTOJPbDQsmheIwnn/YH+THiMEDoidGUJiSl9WcQAghVYe+AxhADrAoaSyG
2SAdJ+FFUetmbd9Dvmp6dcrDl467QYC06/ozOb5QDElDXtfcUgIl
-----END CERTIFICATE-----
Generated at Sun Apr 28 01:28:45 2024 by rpki-client on console-ams.rpki-client.org