Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/FOOa3jAALIRYExFdeU07WIn07Ns.roa
File: FOOa3jAALIRYExFdeU07WIn07Ns.roa (raw, json)
Hash identifier: EA0dECGGqBSU28z8209sDHcaTqRnXNN5dW5PsP9Jztc=
Subject key identifier: 14:E3:9A:DE:30:00:2C:84:58:13:11:5D:79:4D:3B:58:89:F4:EC:DB
Certificate issuer: /CN=df2c15cf72fcdb8596b7c6489b15a6b720c14eb5
Certificate serial: 018F3D849613EC3959056429B1742A1AF8D7
Authority key identifier: DF:2C:15:CF:72:FC:DB:85:96:B7:C6:48:9B:15:A6:B7:20:C1:4E:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/FOOa3jAALIRYExFdeU07WIn07Ns.roa
Signing time: Fri 03 May 2024 08:14:10 +0000
ROA not before: Fri 03 May 2024 08:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60159
IP address blocks: 194.146.188.0/22 maxlen: 22
194.146.189.0/24 maxlen: 24
194.146.190.0/24 maxlen: 24
194.146.191.0/24 maxlen: 24
2a0c:d540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:84:96:13:ec:39:59:05:64:29:b1:74:2a:1a:f8:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df2c15cf72fcdb8596b7c6489b15a6b720c14eb5
Validity
Not Before: May 3 08:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e39ade30002c845813115d794d3b5889f4ecdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7c:8a:70:d3:15:23:a6:29:1c:53:ff:bd:86:
15:08:8e:26:fb:23:d2:37:97:5d:62:48:c0:61:22:
cb:f7:e8:30:18:a2:13:49:11:4f:60:34:b7:71:a8:
56:79:0a:bd:b9:53:05:b1:fc:b7:f4:c3:f6:49:3b:
6d:e0:68:b7:a0:94:2c:d0:88:db:a5:84:85:23:d1:
87:0c:11:0c:75:9c:c8:67:42:81:8b:6b:60:5d:c9:
d4:25:5b:dc:be:aa:6f:ab:bc:46:79:6c:47:c5:d3:
2d:84:51:b8:46:1a:05:5b:21:86:74:ab:38:59:4d:
05:06:b6:ea:13:1c:7c:ac:c2:35:29:c8:de:c9:65:
9d:6d:f0:84:6f:fe:83:39:14:c3:93:75:53:16:81:
c9:24:81:c6:a2:8e:c2:c9:ab:ad:fa:72:aa:7a:6f:
ca:ed:e3:08:27:70:45:18:83:d5:a6:23:06:d2:c6:
39:4d:e7:f8:23:3d:33:69:b7:59:fd:d3:2b:45:ac:
1e:67:68:29:0a:de:51:cf:73:fd:76:40:ea:b6:6b:
ae:d9:b9:1b:2d:0c:01:58:d9:8f:aa:f8:d9:b4:55:
84:29:64:66:d3:c9:8a:c0:21:c2:13:5d:9c:71:ca:
ac:d4:4e:c0:51:b9:f5:cc:e2:40:2c:51:a8:fe:0f:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E3:9A:DE:30:00:2C:84:58:13:11:5D:79:4D:3B:58:89:F4:EC:DB
X509v3 Authority Key Identifier:
keyid:DF:2C:15:CF:72:FC:DB:85:96:B7:C6:48:9B:15:A6:B7:20:C1:4E:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/FOOa3jAALIRYExFdeU07WIn07Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.188.0/22
IPv6:
2a0c:d540::/32
Signature Algorithm: sha256WithRSAEncryption
c1:b6:8a:6a:fc:cc:64:84:df:04:bb:7f:ad:c2:c4:43:ae:01:
65:1e:d6:63:6b:60:33:53:72:dc:c8:ed:7f:8f:93:4b:58:f5:
2d:fb:1c:0f:19:07:2a:cb:f1:b5:b0:49:d9:b3:e8:78:e1:0b:
3a:4f:28:b5:ef:94:7a:ff:61:a5:a1:6c:b2:82:19:38:3f:07:
11:6d:11:e0:06:db:ea:0a:0d:e6:41:ca:23:6f:eb:bc:9a:42:
07:df:87:f4:1d:f9:53:1a:7f:92:68:40:17:e4:4f:58:d6:b1:
4a:29:40:82:2f:cc:7c:50:50:95:d5:5f:c9:ba:0e:d2:da:5f:
60:7d:27:d8:2a:19:f0:f7:7e:0c:14:94:51:5a:8d:6d:f1:74:
84:aa:83:6d:6b:a9:52:c1:3d:0b:d6:ae:67:1a:9a:12:41:90:
85:ae:da:27:fc:34:10:46:b0:db:98:cb:8a:37:3d:35:f6:af:
c8:d9:8a:b1:04:c8:ec:29:5d:1d:af:df:5a:d2:b5:a4:af:a2:
a6:c9:83:1d:59:db:b2:d7:e6:90:a4:51:67:d8:de:81:37:c4:
b2:1d:92:ec:a9:0c:54:eb:a2:91:81:af:ff:85:ad:fa:20:76:
b2:6b:95:d6:ed:3f:7d:99:57:e0:6e:51:d1:ee:72:44:82:41:
e5:76:0b:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY89hJYT7DlZBWQpsXQqGvjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMmMxNWNmNzJmY2RiODU5NmI3YzY0ODliMTVhNmI3MjBj
MTRlYjUwHhcNMjQwNTAzMDgxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUzOWFkZTMwMDAyYzg0NTgxMzExNWQ3OTRkM2I1ODg5ZjRlY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXyKcNMVI6YpHFP/vYYVCI4m+yPS
N5ddYkjAYSLL9+gwGKITSRFPYDS3cahWeQq9uVMFsfy39MP2STtt4Gi3oJQs0Ijb
pYSFI9GHDBEMdZzIZ0KBi2tgXcnUJVvcvqpvq7xGeWxHxdMthFG4RhoFWyGGdKs4
WU0FBrbqExx8rMI1KcjeyWWdbfCEb/6DORTDk3VTFoHJJIHGoo7Cyaut+nKqem/K
7eMIJ3BFGIPVpiMG0sY5Tef4Iz0zabdZ/dMrRaweZ2gpCt5Rz3P9dkDqtmuu2bkb
LQwBWNmPqvjZtFWEKWRm08mKwCHCE12cccqs1E7AUbn1zOJALFGo/g9EZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBTjmt4wACyEWBMRXXlNO1iJ9OzbMB8GA1UdIwQY
MBaAFN8sFc9y/NuFlrfGSJsVprcgwU61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3l3VnozTDgyNFdXdDhaSW14V210eURCVHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2ZlYTEtZDgyYS00NzU1LTgxMGUt
ZjE4NTNkMTBlNjEwLzEvRk9PYTNqQUFMSVJZRXhGZGVVMDdXSW4wN05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2ZlYTEtZDgyYS00NzU1LTgxMGUtZjE4NTNkMTBlNjEw
LzEvM3l3VnozTDgyNFdXdDhaSW14V210eURCVHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwpK8MA0E
AgACMAcDBQAqDNVAMA0GCSqGSIb3DQEBCwUAA4IBAQDBtopq/MxkhN8Eu3+twsRD
rgFlHtZja2AzU3LcyO1/j5NLWPUt+xwPGQcqy/G1sEnZs+h44Qs6Tyi175R6/2Gl
oWyyghk4PwcRbRHgBtvqCg3mQcojb+u8mkIH34f0HflTGn+SaEAX5E9Y1rFKKUCC
L8x8UFCV1V/Jug7S2l9gfSfYKhnw934MFJRRWo1t8XSEqoNta6lSwT0L1q5nGpoS
QZCFrton/DQQRrDbmMuKNz019q/I2YqxBMjsKV0dr99a0rWkr6KmyYMdWduy1+aQ
pFFn2N6BN8SyHZLsqQxU66KRga//ha36IHaya5XW7T99mVfgblHR7nJEgkHldguF
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:19:18 2024 by rpki-client on console-ams.rpki-client.org