Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/F1rvLzKeDSBXys_Gs2aIr-ZvLr8.roa
File: F1rvLzKeDSBXys_Gs2aIr-ZvLr8.roa (raw, json)
Hash identifier: TzjIJ/UkXckvLpAJGCGOzuibO/RDLi5GqootPOEELjQ=
Subject key identifier: 17:5A:EF:2F:32:9E:0D:20:57:CA:CF:C6:B3:66:88:AF:E6:6F:2E:BF
Certificate issuer: /CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Certificate serial: 018CC5012A6621510659CD50C72A12A301DD
Authority key identifier: 17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/F1rvLzKeDSBXys_Gs2aIr-ZvLr8.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63023
IP address blocks: 193.108.118.0/24 maxlen: 24
193.108.117.0/24 maxlen: 24
193.108.116.0/24 maxlen: 24
193.108.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 23:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2a:66:21:51:06:59:cd:50:c7:2a:12:a3:01:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1716ebd40a744a0c84f2535457047808ad2f17c4
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=175aef2f329e0d2057cacfc6b36688afe66f2ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:85:ae:7c:1a:e2:61:9f:75:ea:ba:a8:c0:
a8:2d:55:a9:ee:58:4b:a7:50:53:19:31:c9:70:4b:
7f:35:60:89:48:91:3a:1e:85:e5:d7:13:14:45:84:
07:fb:65:70:a4:25:55:97:59:8f:0b:19:ce:a8:5c:
18:a7:8b:45:55:da:81:17:10:53:c1:fe:7c:c9:8c:
1e:d8:95:86:dc:a4:d8:3e:a2:18:c1:3f:8f:14:56:
1c:f8:87:be:13:79:46:33:73:5d:91:88:c7:f2:dd:
c1:93:b4:ae:cc:e5:84:7a:83:81:db:2e:49:6d:f0:
d6:24:34:4f:1b:61:37:78:46:52:dd:0c:f4:3c:fa:
96:f6:e2:25:45:2b:3e:38:27:4b:e6:6c:d4:de:ab:
8c:90:c4:6a:91:97:6c:61:94:a7:3b:3d:22:d3:e9:
a2:47:57:58:d5:53:3b:50:1d:92:de:86:e7:56:6b:
d5:36:3b:0f:ee:96:2b:0e:3e:6f:08:d7:23:ee:e5:
1b:4c:a1:a7:99:43:05:5d:12:be:47:ec:74:f5:e2:
f7:3b:97:17:fa:2f:88:2e:fe:40:eb:7e:2e:31:d3:
d1:46:c0:74:ed:8c:08:1d:3c:3b:2b:59:29:1d:e4:
c7:79:79:5b:17:da:9b:4e:1c:16:8c:27:da:48:7f:
30:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5A:EF:2F:32:9E:0D:20:57:CA:CF:C6:B3:66:88:AF:E6:6F:2E:BF
X509v3 Authority Key Identifier:
keyid:17:16:EB:D4:0A:74:4A:0C:84:F2:53:54:57:04:78:08:AD:2F:17:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/F1rvLzKeDSBXys_Gs2aIr-ZvLr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f5589-4c32-493f-924e-bae7aa0a18a0/1/Fxbr1Ap0SgyE8lNUVwR4CK0vF8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c4:0e:8a:6e:e6:16:db:13:4a:23:e2:a6:03:e6:72:04:87:
c1:5c:7b:d0:59:a0:d3:24:ed:aa:60:81:c7:a5:f6:30:79:56:
16:8a:1e:1e:44:6b:dc:02:a7:29:2f:32:a5:cd:20:81:c6:89:
c8:5b:05:ea:32:30:88:a4:db:9f:a7:a4:37:07:2b:dc:a7:4e:
84:0f:7f:17:dc:31:66:2d:e8:54:cc:57:f1:f9:b8:dc:91:6f:
1f:10:69:b3:10:cc:d5:7e:a6:6f:85:52:99:2d:d8:7b:76:f5:
a9:a4:91:76:08:eb:20:e2:0f:d2:fd:3d:e1:1c:78:ae:30:7b:
f2:2e:ae:0c:c8:99:c8:2d:29:bc:fe:a1:94:e0:30:02:96:c6:
d7:6d:92:dc:ba:3a:ee:3b:8b:80:73:be:68:8e:16:41:ca:ca:
fb:42:43:70:68:fe:7f:24:ac:22:78:98:ed:17:f9:a8:cd:d6:
dd:06:82:5e:b7:96:f1:e0:e2:82:e2:93:cd:84:f9:fa:cb:cd:
3b:f4:a8:27:03:13:f0:b2:ea:10:ee:30:20:1e:db:1f:95:8d:
5c:a3:f5:91:1d:93:15:b5:9a:65:06:61:bb:1e:24:af:62:57:
88:87:20:6f:f9:7f:ec:72:a3:1c:2d:6e:c3:e8:9f:a3:1f:72:
12:4e:c6:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASpmIVEGWc1QxyoSowHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MTZlYmQ0MGE3NDRhMGM4NGYyNTM1NDU3MDQ3ODA4YWQy
ZjE3YzQwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVhZWYyZjMyOWUwZDIwNTdjYWNmYzZiMzY2ODhhZmU2NmYyZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt2Frnwa4mGfdeq6qMCoLVWp7lhL
p1BTGTHJcEt/NWCJSJE6HoXl1xMURYQH+2VwpCVVl1mPCxnOqFwYp4tFVdqBFxBT
wf58yYwe2JWG3KTYPqIYwT+PFFYc+Ie+E3lGM3NdkYjH8t3Bk7SuzOWEeoOB2y5J
bfDWJDRPG2E3eEZS3Qz0PPqW9uIlRSs+OCdL5mzU3quMkMRqkZdsYZSnOz0i0+mi
R1dY1VM7UB2S3obnVmvVNjsP7pYrDj5vCNcj7uUbTKGnmUMFXRK+R+x09eL3O5cX
+i+ILv5A634uMdPRRsB07YwIHTw7K1kpHeTHeXlbF9qbThwWjCfaSH8wEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBda7y8yng0gV8rPxrNmiK/mby6/MB8GA1UdIwQY
MBaAFBcW69QKdEoMhPJTVFcEeAitLxfEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUt
YmFlN2FhMGExOGEwLzEvRjFydkx6S2VEU0JYeXNfR3MyYUlyLVp2THI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjU1ODktNGMzMi00OTNmLTkyNGUtYmFlN2FhMGExOGEw
LzEvRnhicjFBcDBTZ3lFOGxOVVZ3UjRDSzB2RjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWx0MA0G
CSqGSIb3DQEBCwUAA4IBAQBsxA6KbuYW2xNKI+KmA+ZyBIfBXHvQWaDTJO2qYIHH
pfYweVYWih4eRGvcAqcpLzKlzSCBxonIWwXqMjCIpNufp6Q3Byvcp06ED38X3DFm
LehUzFfx+bjckW8fEGmzEMzVfqZvhVKZLdh7dvWppJF2COsg4g/S/T3hHHiuMHvy
Lq4MyJnILSm8/qGU4DAClsbXbZLcujruO4uAc75ojhZBysr7QkNwaP5/JKwieJjt
F/mozdbdBoJet5bx4OKC4pPNhPn6y8079KgnAxPwsuoQ7jAgHtsflY1co/WRHZMV
tZplBmG7HiSvYleIhyBv+X/scqMcLW7D6J+jH3ISTsYB
-----END CERTIFICATE-----
Generated at Tue Dec 10 05:17:37 2024 by rpki-client on console-fra.rpki-client.org