Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/fJVdgCn2vl_HoCAC1TkRQh1RJfc.roa
File: fJVdgCn2vl_HoCAC1TkRQh1RJfc.roa (raw, json)
Hash identifier: jT0zvm5sdQ3xUjjb3ymTthUt/9dqXS/0t9PlJYGp2Ls=
Subject key identifier: 7C:95:5D:80:29:F6:BE:5F:C7:A0:20:02:D5:39:11:42:1D:51:25:F7
Certificate issuer: /CN=d2491770ce9b663002a794542d9886d1a2ce63ab
Certificate serial: 018CC3B702905A5587ACE5C2D179643DD808
Authority key identifier: D2:49:17:70:CE:9B:66:30:02:A7:94:54:2D:98:86:D1:A2:CE:63:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kkXcM6bZjACp5RULZiG0aLOY6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/fJVdgCn2vl_HoCAC1TkRQh1RJfc.roa
Signing time: Mon 01 Jan 2024 06:29:59 +0000
ROA not before: Mon 01 Jan 2024 06:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198958
IP address blocks: 193.107.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/0kkXcM6bZjACp5RULZiG0aLOY6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/0kkXcM6bZjACp5RULZiG0aLOY6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/0kkXcM6bZjACp5RULZiG0aLOY6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:02:90:5a:55:87:ac:e5:c2:d1:79:64:3d:d8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2491770ce9b663002a794542d9886d1a2ce63ab
Validity
Not Before: Jan 1 06:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c955d8029f6be5fc7a02002d53911421d5125f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:08:6a:ef:68:9b:87:68:72:ca:88:32:cd:f4:
27:7b:30:3c:91:d6:3a:69:84:4b:8c:de:4e:b2:67:
e0:29:b2:e7:b5:ca:33:c0:02:28:72:74:b8:76:8f:
04:22:58:ec:99:d5:82:ef:8b:73:8a:c9:79:b0:a2:
d5:50:ec:0d:63:25:73:12:3d:92:ef:92:55:c8:fa:
01:e6:d0:ff:7f:74:d3:bd:90:fc:98:a8:c4:49:08:
52:c7:c5:d6:c3:fe:ab:74:8f:58:10:37:a6:49:01:
aa:00:85:60:53:04:69:eb:57:7f:ee:11:51:20:90:
9e:4d:dd:b1:48:b8:14:51:99:f1:5f:0b:46:07:0c:
51:67:55:c0:5c:05:20:68:14:73:fd:ca:8e:2b:60:
f2:9d:8e:00:58:f3:32:90:a4:52:b3:7f:b3:e9:f4:
37:96:f7:2d:81:eb:a2:3b:46:24:25:0a:55:07:3c:
56:ba:41:62:5a:ed:20:fe:b3:6c:c5:57:ac:05:83:
58:80:2c:af:a6:cf:74:5a:55:64:e3:76:c7:80:6c:
15:4a:28:20:1d:0c:27:a6:27:0d:a9:3c:b6:38:26:
f8:e3:8a:50:13:d2:7f:06:47:4b:f0:59:f8:81:54:
59:59:7a:42:88:11:f8:d6:6a:e7:af:6b:fb:32:4a:
16:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:95:5D:80:29:F6:BE:5F:C7:A0:20:02:D5:39:11:42:1D:51:25:F7
X509v3 Authority Key Identifier:
keyid:D2:49:17:70:CE:9B:66:30:02:A7:94:54:2D:98:86:D1:A2:CE:63:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kkXcM6bZjACp5RULZiG0aLOY6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/fJVdgCn2vl_HoCAC1TkRQh1RJfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/0kkXcM6bZjACp5RULZiG0aLOY6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.111.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c6:0c:0f:34:5d:4a:df:80:2f:d4:a8:e5:60:cd:0a:3a:55:
11:24:e8:33:00:57:79:19:c8:00:5f:ac:ac:1b:98:22:eb:76:
4d:b4:73:2e:48:e2:ef:42:12:89:19:fb:54:64:22:0a:4f:c6:
ad:6b:da:4a:2a:3c:d5:c7:90:12:44:c5:a3:21:ad:a3:db:a0:
aa:6b:fe:4a:cd:cd:e3:20:86:97:8e:7b:9c:9e:08:c5:00:df:
62:c0:43:fa:7c:67:e8:8b:2d:77:8a:94:70:d9:ea:5c:30:9e:
2d:10:8b:39:d6:b1:91:33:15:5a:22:6f:32:00:77:eb:71:04:
08:16:88:80:35:2b:69:0a:51:0f:55:a1:f6:fd:9f:69:b5:a8:
1a:0b:e2:ef:ab:01:55:f6:fe:6c:73:9f:47:ec:48:c6:12:8e:
30:52:f9:02:19:84:a7:1c:c6:8d:04:bb:7e:8d:36:d7:dd:b7:
53:6a:2a:6b:e5:61:a1:7d:4f:8b:b2:d8:f7:69:ef:a4:d4:bc:
f8:7e:5a:84:62:34:82:11:40:55:0a:48:15:9f:8b:16:c6:b4:
12:89:db:b3:8d:2c:21:82:18:72:1c:e2:e8:dd:2e:e3:c5:25:
7f:5a:b1:9d:20:48:d8:5a:75:c5:a4:a6:8f:ab:4c:23:19:b9:
2c:c4:4c:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtwKQWlWHrOXC0XlkPdgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDkxNzcwY2U5YjY2MzAwMmE3OTQ1NDJkOTg4NmQxYTJj
ZTYzYWIwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzk1NWQ4MDI5ZjZiZTVmYzdhMDIwMDJkNTM5MTE0MjFkNTEyNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgghq72ibh2hyyogyzfQnezA8kdY6
aYRLjN5OsmfgKbLntcozwAIocnS4do8EIljsmdWC74tzisl5sKLVUOwNYyVzEj2S
75JVyPoB5tD/f3TTvZD8mKjESQhSx8XWw/6rdI9YEDemSQGqAIVgUwRp61d/7hFR
IJCeTd2xSLgUUZnxXwtGBwxRZ1XAXAUgaBRz/cqOK2DynY4AWPMykKRSs3+z6fQ3
lvctgeuiO0YkJQpVBzxWukFiWu0g/rNsxVesBYNYgCyvps90WlVk43bHgGwVSigg
HQwnpicNqTy2OCb444pQE9J/BkdL8Fn4gVRZWXpCiBH41mrnr2v7MkoWdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyVXYAp9r5fx6AgAtU5EUIdUSX3MB8GA1UdIwQY
MBaAFNJJF3DOm2YwAqeUVC2YhtGizmOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtrWGNNNmJaakFDcDVSVUxaaUcwYUxPWTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZDIyY2UtNzcyYy00ZjFlLWI0YWEt
ODVjMGQwMWY5ZGUyLzEvZkpWZGdDbjJ2bF9Ib0NBQzFUa1JRaDFSSmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZDIyY2UtNzcyYy00ZjFlLWI0YWEtODVjMGQwMWY5ZGUy
LzEvMGtrWGNNNmJaakFDcDVSVUxaaUcwYUxPWTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWtvMA0G
CSqGSIb3DQEBCwUAA4IBAQAgxgwPNF1K34Av1KjlYM0KOlURJOgzAFd5GcgAX6ys
G5gi63ZNtHMuSOLvQhKJGftUZCIKT8ata9pKKjzVx5ASRMWjIa2j26Cqa/5Kzc3j
IIaXjnucngjFAN9iwEP6fGfoiy13ipRw2epcMJ4tEIs51rGRMxVaIm8yAHfrcQQI
FoiANStpClEPVaH2/Z9ptagaC+LvqwFV9v5sc59H7EjGEo4wUvkCGYSnHMaNBLt+
jTbX3bdTaipr5WGhfU+Lstj3ae+k1Lz4flqEYjSCEUBVCkgVn4sWxrQSiduzjSwh
ghhyHOLo3S7jxSV/WrGdIEjYWnXFpKaPq0wjGbksxEzQ
-----END CERTIFICATE-----
Generated at Mon May 20 17:50:24 2024 by rpki-client on console-fra.rpki-client.org