Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1--ON0NgvS91en06XYK3j0uR4yAc.roa
File: 1--ON0NgvS91en06XYK3j0uR4yAc.roa (raw, json)
Hash identifier: MHmEC7CbgcDuUbdEaZi1Hc8eHYkXNTsbv6onD9TfItI=
Subject key identifier: FB:E3:8D:D0:D8:2F:4B:DD:5E:9F:4E:97:60:AD:E3:D2:E4:78:C8:07
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0190353CC9B34F1939C8AE64C9A061860525
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1--ON0NgvS91en06XYK3j0uR4yAc.roa
Signing time: Thu 20 Jun 2024 10:41:34 +0000
ROA not before: Thu 20 Jun 2024 10:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 86.104.227.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:3c:c9:b3:4f:19:39:c8:ae:64:c9:a0:61:86:05:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jun 20 10:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe38dd0d82f4bdd5e9f4e9760ade3d2e478c807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:bf:51:66:91:a6:0e:da:7c:7d:53:e1:ed:
98:fa:8c:f5:93:1f:01:d3:d7:72:cc:2d:85:27:63:
8e:13:b1:d8:e1:e9:2b:de:f3:70:c1:5b:74:87:b6:
82:37:3d:9e:55:a8:37:0d:95:29:f4:ff:db:80:4c:
29:06:88:b4:4a:ff:03:42:31:a2:7d:de:16:54:3a:
df:6c:b6:7e:82:05:c9:fb:11:ae:e0:ec:25:c0:26:
13:6e:8f:db:bc:85:6d:18:ac:9e:8a:22:86:93:7c:
e2:e8:f9:89:84:3c:fe:06:fe:cd:2d:f2:42:cf:f6:
74:a3:aa:39:21:c7:88:bd:9f:87:53:5f:be:c7:9b:
49:52:22:5e:db:5c:46:49:84:52:0d:e3:c7:ce:fd:
e2:ab:88:52:60:79:ec:41:c5:eb:8d:ae:f8:90:a8:
a5:eb:da:13:c8:52:52:77:75:14:19:e1:c1:d8:f0:
9e:5d:46:6f:55:be:b5:3d:cf:69:08:97:3b:62:8a:
1c:9d:02:6e:4d:35:43:e1:ce:a5:d5:a6:98:b8:85:
28:f4:ea:ad:f1:27:b4:db:15:8c:71:c3:08:05:38:
63:f7:eb:33:ca:1d:12:9a:de:8e:d9:8c:bc:04:6d:
71:ff:49:a6:70:22:de:ba:16:7a:09:4f:14:ec:6a:
02:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E3:8D:D0:D8:2F:4B:DD:5E:9F:4E:97:60:AD:E3:D2:E4:78:C8:07
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1--ON0NgvS91en06XYK3j0uR4yAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.227.0/24
89.47.34.0/24
162.218.157.0/24
193.200.96.0/23
194.29.70.0/24
194.29.80.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:f2:b6:dd:e2:a8:f6:cb:37:3d:c6:22:77:c1:6b:db:14:a1:
56:fe:27:32:36:e9:d8:9b:79:6a:80:ab:f6:f3:e0:8f:92:28:
0e:25:6c:ea:4f:02:c2:bb:0d:d2:d1:da:23:31:eb:10:3b:4e:
ac:40:c7:ab:e8:46:63:05:51:2f:64:52:90:eb:6d:2f:3a:ff:
ca:80:21:ec:1d:06:40:10:dc:fa:3b:f6:95:c9:7b:18:ae:b3:
a8:7d:0e:71:51:cf:94:53:82:8c:63:41:73:2c:75:1a:d7:ca:
fe:22:88:3e:82:9d:80:f1:eb:8b:c7:4c:44:82:37:01:3c:e4:
d1:f4:2d:0d:95:33:9b:b3:d1:c0:10:32:e6:7f:25:ad:c5:67:
3f:a2:32:ed:70:42:9c:a8:02:08:e6:c9:13:a1:55:32:bc:2d:
dd:5c:c7:4e:94:da:ea:f8:31:25:9b:b8:ee:bb:3b:8d:72:ed:
30:e5:02:eb:8b:7a:e4:7c:af:82:69:28:ff:86:b9:c3:cd:77:
98:7f:6f:e7:0c:01:9a:f2:d9:a2:d4:b7:93:20:62:64:e5:39:
85:b2:41:d9:14:13:8d:2b:9c:8c:77:8c:58:9a:59:cc:c6:4b:
e4:fb:41:3b:85:a0:25:f7:04:97:39:40:cc:72:36:30:ea:dd:
19:6d:e8:a5
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZA1PMmzTxk5yK5kyaBhhgUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwNjIwMTA0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUzOGRkMGQ4MmY0YmRkNWU5ZjRlOTc2MGFkZTNkMmU0NzhjODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v+/UWaRpg7afH1T4e2Y+oz1kx8B
09dyzC2FJ2OOE7HY4ekr3vNwwVt0h7aCNz2eVag3DZUp9P/bgEwpBoi0Sv8DQjGi
fd4WVDrfbLZ+ggXJ+xGu4OwlwCYTbo/bvIVtGKyeiiKGk3zi6PmJhDz+Bv7NLfJC
z/Z0o6o5IceIvZ+HU1++x5tJUiJe21xGSYRSDePHzv3iq4hSYHnsQcXrja74kKil
69oTyFJSd3UUGeHB2PCeXUZvVb61Pc9pCJc7YoocnQJuTTVD4c6l1aaYuIUo9Oqt
8Se02xWMccMIBThj9+szyh0Smt6O2Yy8BG1x/0mmcCLeuhZ6CU8U7GoC8QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPvjjdDYL0vdXp9Ol2Ct49LkeMgHMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvMS0tT04wTmd2UzkxZW4wNlhZSzNqMHVSNHlBYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUz
Yy8xLzlmc3kwaVpySDV2T1Y4ckppOEFrZnl5UmxfSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFZo4wME
AFkvIgMEAKLanQMEAcHIYAMEAMIdRgMEAMIdUDANBgkqhkiG9w0BAQsFAAOCAQEA
uvK23eKo9ss3PcYid8Fr2xShVv4nMjbp2Jt5aoCr9vPgj5IoDiVs6k8CwrsN0tHa
IzHrEDtOrEDHq+hGYwVRL2RSkOttLzr/yoAh7B0GQBDc+jv2lcl7GK6zqH0OcVHP
lFOCjGNBcyx1GtfK/iKIPoKdgPHri8dMRII3ATzk0fQtDZUzm7PRwBAy5n8lrcVn
P6Iy7XBCnKgCCObJE6FVMrwt3VzHTpTa6vgxJZu47rs7jXLtMOUC64t65Hyvgmko
/4a5w813mH9v5wwBmvLZotS3kyBiZOU5hbJB2RQTjSucjHeMWJpZzMZL5PtBO4Wg
JfcElzlAzHI2MOrdGW3opQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:16:53 2024 by rpki-client on console-fra.rpki-client.org