Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/IAwAHtKYMq-bQjcq5_yrugH8Yyc.roa
File: IAwAHtKYMq-bQjcq5_yrugH8Yyc.roa (raw, json)
Hash identifier: W1f4QzwSC9iI7VTISONqL/aNocaPou9OsGNpPuGHQxs=
Subject key identifier: 20:0C:00:1E:D2:98:32:AF:9B:42:37:2A:E7:FC:AB:BA:01:FC:63:27
Certificate issuer: /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial: 018CC56E1C85A4C195E7ABE69E1F6C415D15
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/IAwAHtKYMq-bQjcq5_yrugH8Yyc.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203206
IP address blocks: 213.169.152.0/24 maxlen: 24
213.169.150.0/24 maxlen: 24
213.169.153.0/24 maxlen: 24
213.169.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.mft
rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:85:a4:c1:95:e7:ab:e6:9e:1f:6c:41:5d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=200c001ed29832af9b42372ae7fcabba01fc6327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:52:17:c1:c0:f7:8f:0e:04:8a:97:23:9c:7d:
e9:8c:8b:2b:2b:b0:f9:3e:c6:1a:7f:f0:57:21:43:
7a:8d:51:6e:1d:a9:12:25:56:cc:2b:f0:c0:f0:d3:
ad:a7:92:52:59:2e:82:a7:cb:c2:d7:39:87:9d:8f:
04:ef:a8:ed:fb:96:01:36:cb:de:e1:50:c2:f8:8d:
5a:c2:12:0d:82:70:e1:aa:5d:6e:55:cf:cd:97:37:
25:ed:68:d2:f0:94:2a:c8:32:4b:a4:69:26:c2:bd:
ea:63:dc:aa:77:ae:cc:27:3f:a4:9f:47:c6:fa:90:
25:3e:ce:e1:74:f6:74:2f:cd:21:32:b7:7a:c0:5d:
0f:9d:56:65:17:46:8a:52:23:3e:96:22:f4:02:8b:
ed:e1:c2:59:87:b2:26:d4:30:c9:49:ec:9f:c4:d2:
53:09:62:ae:19:08:9f:42:16:49:9e:01:ad:83:72:
5f:a4:0c:37:2f:bf:7d:6e:46:7b:5a:b8:79:93:03:
13:08:45:77:85:9b:a4:4d:b8:44:d0:5c:fb:61:76:
3d:15:43:25:69:57:cb:62:e2:6a:89:b6:5b:73:2c:
47:61:44:46:0d:22:a1:05:e3:3a:8c:25:1a:50:43:
59:78:f4:54:4b:61:ec:6b:14:4c:a0:6f:ab:35:53:
e6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0C:00:1E:D2:98:32:AF:9B:42:37:2A:E7:FC:AB:BA:01:FC:63:27
X509v3 Authority Key Identifier:
keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/IAwAHtKYMq-bQjcq5_yrugH8Yyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.169.150.0/24
213.169.152.0/23
213.169.155.0/24
Signature Algorithm: sha256WithRSAEncryption
19:dc:6d:a7:43:26:0d:a1:f1:6c:37:0d:3b:d4:c8:bd:63:96:
5b:b6:89:b4:e3:c4:7a:64:2d:e4:a3:e3:a5:89:9e:8e:4a:5e:
f2:e5:ed:c7:03:0b:a8:60:44:d6:27:7c:da:b6:41:84:28:64:
12:90:c2:ea:c4:21:1a:99:f6:85:0a:c2:81:a0:27:68:64:fe:
c8:b4:f4:1d:a7:c5:8b:13:77:ff:59:0f:cd:eb:78:e3:a1:42:
3f:5d:83:04:97:1b:93:cd:f7:fb:df:cf:8f:3e:0e:ab:e7:d3:
e8:9a:28:db:cf:fa:03:74:60:cf:ba:73:8b:c1:b7:9f:51:38:
5a:12:d3:cd:9c:15:be:a3:7d:59:82:c7:e5:f3:8a:c0:9c:0f:
0d:49:42:58:54:fa:d2:e3:6e:6d:03:62:df:0a:b8:9a:04:1b:
71:95:da:d6:fd:18:32:bf:1f:e3:f4:ec:c5:5e:d3:77:86:1a:
c7:2b:c4:52:f5:09:ae:c5:37:a1:36:6e:15:da:07:30:b0:04:
17:c0:7b:f8:79:03:e8:88:df:a9:e2:6f:5e:99:b5:e2:f4:83:
fe:3a:14:2d:41:83:7e:b3:c2:da:18:f1:15:f0:d7:0b:2a:e5:
55:b4:a8:8e:b8:4a:ea:41:26:a9:cd:d9:a8:24:98:34:85:27:
93:8e:97:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbhyFpMGV56vmnh9sQV0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDQyOTdlOTI3MWM2ZWRmMDY0OTE1ZjYxODBhZTEyNjkw
ZGRhOGIwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjMDAxZWQyOTgzMmFmOWI0MjM3MmFlN2ZjYWJiYTAxZmM2MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVIXwcD3jw4EipcjnH3pjIsrK7D5
PsYaf/BXIUN6jVFuHakSJVbMK/DA8NOtp5JSWS6Cp8vC1zmHnY8E76jt+5YBNsve
4VDC+I1awhINgnDhql1uVc/Nlzcl7WjS8JQqyDJLpGkmwr3qY9yqd67MJz+kn0fG
+pAlPs7hdPZ0L80hMrd6wF0PnVZlF0aKUiM+liL0Aovt4cJZh7Im1DDJSeyfxNJT
CWKuGQifQhZJngGtg3JfpAw3L799bkZ7Wrh5kwMTCEV3hZukTbhE0Fz7YXY9FUMl
aVfLYuJqibZbcyxHYURGDSKhBeM6jCUaUENZePRUS2HsaxRMoG+rNVPmswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCAMAB7SmDKvm0I3Kuf8q7oB/GMnMB8GA1UdIwQY
MBaAFPxEKX6Sccbt8GSRX2GArhJpDdqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUt
YWUwN2YzMmU0MTAyLzEvSUF3QUh0S1lNcS1iUWpjcTVfeXJ1Z0g4WXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUtYWUwN2YzMmU0MTAy
LzEvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1amWAwQB
1amYAwQA1ambMA0GCSqGSIb3DQEBCwUAA4IBAQAZ3G2nQyYNofFsNw071Mi9Y5Zb
tom048R6ZC3ko+OliZ6OSl7y5e3HAwuoYETWJ3zatkGEKGQSkMLqxCEamfaFCsKB
oCdoZP7ItPQdp8WLE3f/WQ/N63jjoUI/XYMElxuTzff738+PPg6r59Pomijbz/oD
dGDPunOLwbefUThaEtPNnBW+o31Zgsfl84rAnA8NSUJYVPrS425tA2LfCriaBBtx
ldrW/Rgyvx/j9OzFXtN3hhrHK8RS9QmuxTehNm4V2gcwsAQXwHv4eQPoiN+p4m9e
mbXi9IP+OhQtQYN+s8LaGPEV8NcLKuVVtKiOuErqQSapzdmoJJg0hSeTjpfX
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:07:16 2024 by rpki-client on console-fra.rpki-client.org