Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/fRhaL588aGbUVfpiHLJUiVfi1Nc.roa
File: fRhaL588aGbUVfpiHLJUiVfi1Nc.roa (raw, json)
Hash identifier: hDFdlx5f5Y21S60sT46E61l5rNxvxeYDKF0Eak7rntI=
Subject key identifier: 7D:18:5A:2F:9F:3C:68:66:D4:55:FA:62:1C:B2:54:89:57:E2:D4:D7
Certificate issuer: /CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008
Certificate serial: 018CCA2BA3582FF1DF2F0AD9746F3DA9F179
Authority key identifier: 5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/fRhaL588aGbUVfpiHLJUiVfi1Nc.roa
Signing time: Tue 02 Jan 2024 12:35:06 +0000
ROA not before: Tue 02 Jan 2024 12:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13004
IP address blocks: 193.105.163.0/24 maxlen: 24
91.245.214.0/24 maxlen: 24
2001:7f8:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a3:58:2f:f1:df:2f:0a:d9:74:6f:3d:a9:f1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008
Validity
Not Before: Jan 2 12:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d185a2f9f3c6866d455fa621cb2548957e2d4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4c:e7:84:a6:96:6c:af:7d:41:c1:46:8b:59:
70:93:57:49:06:20:5b:47:82:f5:48:b2:45:25:c3:
1e:95:80:6a:48:01:1c:cf:e5:55:65:3b:7d:cc:de:
39:ff:65:9e:89:de:55:c5:26:1b:6c:ab:e1:08:aa:
cf:11:bf:5b:f3:8c:32:ee:f3:f3:94:37:c4:dd:3c:
5e:ca:04:5a:f2:e4:5d:6f:b4:43:33:a0:d7:92:d0:
e2:b3:4f:98:ba:5e:67:d0:6c:50:1c:4f:a4:33:50:
0b:66:a1:7b:dd:d9:0a:af:d1:7c:74:a4:9a:cb:d3:
3a:bc:4d:a8:58:f0:08:03:25:a8:48:22:fe:55:92:
20:f0:54:e4:60:60:5d:d6:ee:a8:5e:c2:34:5b:1d:
cb:42:82:4c:51:be:bd:ab:bd:48:29:d8:77:68:86:
77:a6:8f:2d:95:cd:03:8a:d1:80:fb:e3:70:f9:37:
41:05:0f:35:fc:8b:ce:16:10:bf:ac:1d:61:6f:70:
f6:aa:33:70:52:9e:ed:ad:e2:ae:75:69:7c:ab:35:
36:b2:f4:c2:19:ec:9b:62:dd:dc:05:c6:96:d2:f2:
ac:a5:fc:38:a7:58:7d:43:bc:39:34:3d:bb:93:7a:
c8:e4:03:de:95:b4:36:26:33:62:64:37:ac:0b:16:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:18:5A:2F:9F:3C:68:66:D4:55:FA:62:1C:B2:54:89:57:E2:D4:D7
X509v3 Authority Key Identifier:
keyid:5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/fRhaL588aGbUVfpiHLJUiVfi1Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.214.0/24
193.105.163.0/24
IPv6:
2001:7f8:1e::/48
Signature Algorithm: sha256WithRSAEncryption
89:a7:33:83:85:de:eb:a7:ae:a2:d1:c3:5c:29:95:8c:f5:b0:
9d:f4:1b:1d:6d:e7:3b:b5:5d:27:68:2c:04:ee:aa:17:9c:e0:
84:ed:7c:3a:f0:28:c6:7e:3e:7e:63:8a:dc:db:f6:64:cd:e8:
54:4d:78:28:be:67:1b:1c:34:7d:f9:e7:6c:3b:a8:7a:d1:60:
e0:35:a2:0f:0a:06:09:72:62:20:f7:c2:9d:7f:f9:fe:17:97:
0f:fd:e9:a0:d1:d7:52:82:35:67:21:11:b1:a7:b4:f7:07:45:
e0:5b:e5:3f:6a:f5:53:42:bd:c9:cd:3a:80:30:0e:cf:61:f0:
f9:7c:38:9a:34:4b:b3:00:3f:4f:47:00:a7:93:a6:47:ed:4e:
ef:3a:10:0c:44:cc:f6:5f:dc:db:fe:5f:ba:1f:5e:dd:53:25:
15:83:84:6a:27:77:79:89:a6:b1:9d:aa:82:34:f9:7a:5e:e3:
9b:18:d5:74:2e:0b:55:5a:ef:a3:0c:85:a5:ac:88:52:37:05:
d5:fe:5f:c0:01:cd:17:ef:ac:e4:00:16:34:9e:f7:9e:d1:a7:
27:cb:55:3f:39:73:ff:39:19:ee:88:ab:6c:d5:19:c5:a7:94:
67:f1:f2:8a:0e:2f:ef:60:d8:44:e3:02:d0:a1:c5:12:49:06:
f4:fc:e7:7e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK6NYL/HfLwrZdG89qfF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjM2ExZDk3M2Y5YjMzOTFlOGFkYWNhYTY2NGQxYjIzZDc3
OGYwMDgwHhcNMjQwMTAyMTIzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE4NWEyZjlmM2M2ODY2ZDQ1NWZhNjIxY2IyNTQ4OTU3ZTJkNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UznhKaWbK99QcFGi1lwk1dJBiBb
R4L1SLJFJcMelYBqSAEcz+VVZTt9zN45/2Weid5VxSYbbKvhCKrPEb9b84wy7vPz
lDfE3TxeygRa8uRdb7RDM6DXktDis0+Yul5n0GxQHE+kM1ALZqF73dkKr9F8dKSa
y9M6vE2oWPAIAyWoSCL+VZIg8FTkYGBd1u6oXsI0Wx3LQoJMUb69q71IKdh3aIZ3
po8tlc0DitGA++Nw+TdBBQ81/IvOFhC/rB1hb3D2qjNwUp7treKudWl8qzU2svTC
GeybYt3cBcaW0vKspfw4p1h9Q7w5ND27k3rI5APelbQ2JjNiZDesCxb3vQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFH0YWi+fPGhm1FX6YhyyVIlX4tTXMB8GA1UdIwQY
MBaAFFw6HZc/mzOR6K2sqmZNGyPXePAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEt
MTk0Y2M5OTAyYWJmLzEvZlJoYUw1ODhhR2JVVmZwaUhMSlVpVmZpMU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEtMTk0Y2M5OTAyYWJm
LzEvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/XWAwQA
wWmjMA8EAgACMAkDBwAgAQf4AB4wDQYJKoZIhvcNAQELBQADggEBAImnM4OF3uun
rqLRw1wplYz1sJ30Gx1t5zu1XSdoLATuqhec4ITtfDrwKMZ+Pn5jitzb9mTN6FRN
eCi+ZxscNH3552w7qHrRYOA1og8KBglyYiD3wp1/+f4Xlw/96aDR11KCNWchEbGn
tPcHReBb5T9q9VNCvcnNOoAwDs9h8Pl8OJo0S7MAP09HAKeTpkftTu86EAxEzPZf
3Nv+X7ofXt1TJRWDhGond3mJprGdqoI0+Xpe45sY1XQuC1Va76MMhaWsiFI3BdX+
X8ABzRfvrOQAFjSe957RpyfLVT85c/85Ge6Iq2zVGcWnlGfx8ooOL+9g2ETjAtCh
xRJJBvT8534=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:51:58 2024 by rpki-client on console-ams.rpki-client.org