Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/FcbxTvYJz1PHASgHz9j57Hq4png.roa
File: FcbxTvYJz1PHASgHz9j57Hq4png.roa (raw, json)
Hash identifier: U2zrcjeK4ZWaUDXmXVHol9XyOnqrjTs6u9+bJB4Kmao=
Subject key identifier: 15:C6:F1:4E:F6:09:CF:53:C7:01:28:07:CF:D8:F9:EC:7A:B8:A6:78
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 019194BC207C0DF14AF23837F5ABB2C73A54
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/FcbxTvYJz1PHASgHz9j57Hq4png.roa
Signing time: Tue 27 Aug 2024 16:47:22 +0000
ROA not before: Tue 27 Aug 2024 16:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
91.92.112.0/24 maxlen: 24
91.92.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:bc:20:7c:0d:f1:4a:f2:38:37:f5:ab:b2:c7:3a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Aug 27 16:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15c6f14ef609cf53c7012807cfd8f9ec7ab8a678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:20:54:19:bb:fa:02:fd:ae:4e:47:9d:ac:da:
3a:41:7a:94:3f:9b:9e:b8:aa:fe:b3:63:4c:44:72:
fc:73:2a:8e:5c:a6:db:c8:35:67:ff:90:b9:fd:0f:
e9:87:3e:c3:83:d9:c5:a0:ac:35:d1:35:d6:89:f9:
67:ac:46:aa:df:0f:3f:1a:25:b2:4e:5c:fc:44:23:
55:6d:00:ea:2a:41:ba:ae:7b:16:9e:bd:41:12:81:
65:17:4f:14:96:0e:45:11:cb:e6:5a:cb:a5:eb:0a:
65:aa:22:0a:14:11:2f:03:2e:75:2b:32:39:4b:c0:
2b:61:4e:43:91:83:84:2b:c9:14:c7:22:4c:82:ba:
65:23:9c:e5:fe:3f:ff:01:ef:6a:45:1b:1e:76:e3:
21:e3:cb:5b:ef:c7:0d:75:d3:68:8c:28:df:be:dc:
e6:22:31:67:80:eb:85:86:51:95:b3:6b:09:3e:48:
10:df:43:e5:84:e5:c8:aa:a1:2b:62:ba:7b:79:1d:
a8:31:52:9b:f2:0f:dc:74:c1:bd:5a:f3:e4:b5:d1:
82:60:5a:f5:a1:58:dd:f4:c0:58:6e:9c:64:1e:ed:
6a:be:fb:df:50:13:a5:0c:8c:ac:45:ea:da:42:9f:
d5:09:f1:42:8e:ef:32:be:98:de:1f:ca:1e:cb:9a:
be:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C6:F1:4E:F6:09:CF:53:C7:01:28:07:CF:D8:F9:EC:7A:B8:A6:78
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/FcbxTvYJz1PHASgHz9j57Hq4png.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:e1:82:12:26:f9:a7:27:e8:d8:2b:ba:5a:69:c5:86:c3:47:
00:54:1e:db:59:7e:3e:0d:13:20:dd:62:20:40:7f:50:fc:a5:
b3:4d:b5:0a:18:d6:29:2f:b7:34:a8:78:ac:b5:55:bb:31:d1:
65:0b:4b:90:17:5d:9c:70:4f:ac:60:0b:6b:fd:de:02:32:14:
44:d7:b8:81:bf:77:29:55:08:a7:8d:9e:e3:11:6e:6e:b2:d4:
b1:68:24:58:97:3a:81:c7:45:92:6f:7f:92:df:f5:2b:1f:c5:
d6:91:c3:26:34:1c:80:9c:32:32:f9:2f:e6:d1:30:97:47:49:
77:99:5f:6f:80:1d:a6:f8:1c:cf:cf:bc:e7:5e:85:3e:15:35:
41:42:32:a0:bc:4f:8c:10:4a:6a:5a:6f:84:9e:8e:f8:79:da:
f3:c0:ed:5c:d5:ac:74:c6:76:05:fc:ed:08:98:57:f5:5d:ac:
d2:b1:6a:8c:24:ae:a2:6f:71:97:6c:89:f4:f6:f0:12:9b:a8:
64:1c:53:c7:1d:52:e8:c3:2b:ff:6e:f7:ac:fe:1d:39:74:38:
f2:58:14:1d:0d:14:cd:c6:77:fa:c7:cc:9d:d0:f3:2d:70:1c:
70:03:de:f9:c4:9b:58:5c:2d:18:82:b5:cc:00:42:37:d8:15:
8f:7c:f8:b3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZGUvCB8DfFK8jg39auyxzpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjQwODI3MTY0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM2ZjE0ZWY2MDljZjUzYzcwMTI4MDdjZmQ4ZjllYzdhYjhhNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SBUGbv6Av2uTkedrNo6QXqUP5ue
uKr+s2NMRHL8cyqOXKbbyDVn/5C5/Q/phz7Dg9nFoKw10TXWiflnrEaq3w8/GiWy
Tlz8RCNVbQDqKkG6rnsWnr1BEoFlF08Ulg5FEcvmWsul6wplqiIKFBEvAy51KzI5
S8ArYU5DkYOEK8kUxyJMgrplI5zl/j//Ae9qRRseduMh48tb78cNddNojCjfvtzm
IjFngOuFhlGVs2sJPkgQ30PlhOXIqqErYrp7eR2oMVKb8g/cdMG9WvPktdGCYFr1
oVjd9MBYbpxkHu1qvvvfUBOlDIysReraQp/VCfFCju8yvpjeH8oey5q+mQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBXG8U72Cc9TxwEoB8/Y+ex6uKZ4MB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvRmNieFR2WUp6MVBIQVNnSHo5ajU3SHE0cG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABf85MAwD
BAAF/z0DBAYF/wADBAAX/EIDBAFbXHAwDQYJKoZIhvcNAQELBQADggEBAKThghIm
+acn6NgrulppxYbDRwBUHttZfj4NEyDdYiBAf1D8pbNNtQoY1ikvtzSoeKy1Vbsx
0WULS5AXXZxwT6xgC2v93gIyFETXuIG/dylVCKeNnuMRbm6y1LFoJFiXOoHHRZJv
f5Lf9SsfxdaRwyY0HICcMjL5L+bRMJdHSXeZX2+AHab4HM/PvOdehT4VNUFCMqC8
T4wQSmpab4Sejvh52vPA7VzVrHTGdgX87QiYV/VdrNKxaowkrqJvcZdsifT28BKb
qGQcU8cdUujDK/9u96z+HTl0OPJYFB0NFM3Gd/rHzJ3Q8y1wHHAD3vnEm1hcLRiC
tcwAQjfYFY98+LM=
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:25:43 2024 by rpki-client on console-ams.rpki-client.org