Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/FWpeMIIxeeMWYlMjyXuNVMliqjA.roa
File: FWpeMIIxeeMWYlMjyXuNVMliqjA.roa (raw, json)
Hash identifier: 1/qhlrwWKZAH2Gz5SZKC1CEiR4HrSEFqSeCsv0O7UgI=
Subject key identifier: 15:6A:5E:30:82:31:79:E3:16:62:53:23:C9:7B:8D:54:C9:62:AA:30
Certificate issuer: /CN=05eb8cbbaaf25a71bf2fcab6e11057ebf91f01e3
Certificate serial: 018CC64B02835CF99F1F6E06B3058495ADD7
Authority key identifier: 05:EB:8C:BB:AA:F2:5A:71:BF:2F:CA:B6:E1:10:57:EB:F9:1F:01:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BeuMu6ryWnG_L8q24RBX6_kfAeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/FWpeMIIxeeMWYlMjyXuNVMliqjA.roa
Signing time: Mon 01 Jan 2024 18:30:53 +0000
ROA not before: Mon 01 Jan 2024 18:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9201
IP address blocks: 193.241.128.0/18 maxlen: 18
193.241.32.0/19 maxlen: 19
193.241.64.0/18 maxlen: 18
193.241.192.0/18 maxlen: 18
193.241.0.0/19 maxlen: 19
2001:67c:2c74::/48 maxlen: 48
2001:67c:2c70::/48 maxlen: 48
2001:67c:2c78::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/BeuMu6ryWnG_L8q24RBX6_kfAeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/BeuMu6ryWnG_L8q24RBX6_kfAeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BeuMu6ryWnG_L8q24RBX6_kfAeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:02:83:5c:f9:9f:1f:6e:06:b3:05:84:95:ad:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05eb8cbbaaf25a71bf2fcab6e11057ebf91f01e3
Validity
Not Before: Jan 1 18:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=156a5e30823179e316625323c97b8d54c962aa30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:01:fd:cf:e5:62:f1:ce:ed:24:14:69:2e:01:
44:85:b5:8c:70:b5:6f:7e:1a:ba:9a:3a:04:b9:c4:
36:53:39:fd:c2:19:cb:22:49:ca:e5:ff:6b:ad:5c:
2f:93:f5:92:28:88:4a:9d:20:36:17:8e:fc:1d:12:
d5:cc:30:a1:12:8e:c8:6c:6a:2f:db:64:68:50:ee:
69:45:5f:1c:e0:72:1c:df:df:47:e1:22:ce:23:35:
00:aa:92:ff:6f:57:71:e5:cb:c0:22:de:81:71:56:
8a:7b:f7:7f:5e:22:82:ae:b7:6a:dd:3a:88:c4:d5:
e0:e8:83:87:2a:8c:11:4b:37:7f:d2:75:3a:44:f8:
ec:0a:ba:dd:f0:6d:02:04:21:cb:56:fd:49:9f:76:
4b:1d:45:dc:e9:e0:e5:e3:4c:b4:5f:58:fd:13:82:
46:b2:1c:e8:16:c9:8c:94:00:04:2a:83:43:e1:2d:
8d:70:91:bf:96:32:8a:1d:e1:c4:d0:bb:58:2b:56:
ee:77:02:1a:3c:02:89:b8:93:94:f9:86:db:09:00:
b4:9b:8f:ef:7f:6b:e2:a3:56:c6:d3:26:3e:c6:ee:
78:a7:19:15:00:fd:d4:92:2b:ed:77:90:b9:c8:35:
ce:f5:4d:04:fd:56:24:6f:a4:e3:8e:3d:80:c8:f1:
2a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6A:5E:30:82:31:79:E3:16:62:53:23:C9:7B:8D:54:C9:62:AA:30
X509v3 Authority Key Identifier:
keyid:05:EB:8C:BB:AA:F2:5A:71:BF:2F:CA:B6:E1:10:57:EB:F9:1F:01:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BeuMu6ryWnG_L8q24RBX6_kfAeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/FWpeMIIxeeMWYlMjyXuNVMliqjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcc86a-5f51-4d12-963d-f27c628b8353/1/BeuMu6ryWnG_L8q24RBX6_kfAeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.241.0.0/16
IPv6:
2001:67c:2c70::/48
2001:67c:2c74::/48
2001:67c:2c78::/48
Signature Algorithm: sha256WithRSAEncryption
10:0b:b7:8b:a6:9a:ca:e1:93:66:96:a9:63:53:a9:61:21:89:
63:90:a5:2d:a7:2c:7c:88:98:15:1c:c1:49:b5:e5:e3:e2:32:
ae:00:34:7e:3d:a4:e3:7f:bd:07:06:e1:91:c8:16:8f:10:d8:
c1:67:15:6d:a8:eb:43:27:41:3f:97:08:01:e6:0c:f3:4d:86:
b1:b3:f4:63:9f:92:3e:3d:34:b0:3b:cb:41:26:09:6b:e8:cc:
2f:cd:6e:98:11:0d:77:91:39:6a:1d:bc:65:e5:82:42:85:55:
18:ef:c6:2e:99:0b:25:26:5f:c6:aa:ec:e4:fe:96:3d:ea:72:
4c:c5:2f:d9:c9:a5:d3:f7:d9:39:1b:57:4b:01:04:fe:7e:e3:
03:d3:b2:f0:59:40:0d:ae:2c:7b:b9:ea:62:bc:b6:52:3e:e6:
97:3e:84:db:b2:e5:83:70:51:6d:90:1f:d7:1a:29:77:a2:22:
c1:1c:54:2a:df:14:6f:bb:14:8a:d8:12:54:93:3a:33:b9:68:
39:85:f3:7f:84:75:85:77:5a:36:48:d3:c9:0e:d0:34:e6:cb:
af:2d:a3:35:1c:50:24:89:28:92:38:5f:2c:db:a0:4e:6b:b4:
4f:61:fb:93:66:90:fe:16:18:68:cf:62:cb:82:50:64:9d:da:
05:c3:01:e4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGSwKDXPmfH24GswWEla3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZWI4Y2JiYWFmMjVhNzFiZjJmY2FiNmUxMTA1N2ViZjkx
ZjAxZTMwHhcNMjQwMTAxMTgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZhNWUzMDgyMzE3OWUzMTY2MjUzMjNjOTdiOGQ1NGM5NjJhYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQH9z+Vi8c7tJBRpLgFEhbWMcLVv
fhq6mjoEucQ2Uzn9whnLIknK5f9rrVwvk/WSKIhKnSA2F478HRLVzDChEo7IbGov
22RoUO5pRV8c4HIc399H4SLOIzUAqpL/b1dx5cvAIt6BcVaKe/d/XiKCrrdq3TqI
xNXg6IOHKowRSzd/0nU6RPjsCrrd8G0CBCHLVv1Jn3ZLHUXc6eDl40y0X1j9E4JG
shzoFsmMlAAEKoND4S2NcJG/ljKKHeHE0LtYK1budwIaPAKJuJOU+YbbCQC0m4/v
f2vio1bG0yY+xu54pxkVAP3Ukivtd5C5yDXO9U0E/VYkb6Tjjj2AyPEqpQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBVqXjCCMXnjFmJTI8l7jVTJYqowMB8GA1UdIwQY
MBaAFAXrjLuq8lpxvy/KtuEQV+v5HwHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmV1TXU2cnlXbkdfTDhxMjRSQlg2X2tmQWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kY2M4NmEtNWY1MS00ZDEyLTk2M2Qt
ZjI3YzYyOGI4MzUzLzEvRldwZU1JSXhlZU1XWWxNanlYdU5WTWxpcWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kY2M4NmEtNWY1MS00ZDEyLTk2M2QtZjI3YzYyOGI4MzUz
LzEvQmV1TXU2cnlXbkdfTDhxMjRSQlg2X2tmQWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDALBAIAATAFAwMAwfEwIQQC
AAIwGwMHACABBnwscAMHACABBnwsdAMHACABBnwseDANBgkqhkiG9w0BAQsFAAOC
AQEAEAu3i6aayuGTZpapY1OpYSGJY5ClLacsfIiYFRzBSbXl4+IyrgA0fj2k43+9
BwbhkcgWjxDYwWcVbajrQydBP5cIAeYM802GsbP0Y5+SPj00sDvLQSYJa+jML81u
mBENd5E5ah28ZeWCQoVVGO/GLpkLJSZfxqrs5P6WPepyTMUv2cml0/fZORtXSwEE
/n7jA9Oy8FlADa4se7nqYry2Uj7mlz6E27Llg3BRbZAf1xopd6IiwRxUKt8Ub7sU
itgSVJM6M7loOYXzf4R1hXdaNkjTyQ7QNObLry2jNRxQJIkokjhfLNugTmu0T2H7
k2aQ/hYYaM9iy4JQZJ3aBcMB5A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:23 2024 by rpki-client on console-fra.rpki-client.org