Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/F5HnYd7BI4lOJIAJ19SoywXvBTY.roa
File: F5HnYd7BI4lOJIAJ19SoywXvBTY.roa (raw, json)
Hash identifier: FSZephaIbtxAjggqjwQ0a7wIRoWLRt6pBEy50Bmp0UI=
Subject key identifier: 17:91:E7:61:DE:C1:23:89:4E:24:80:09:D7:D4:A8:CB:05:EF:05:36
Certificate issuer: /CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad
Certificate serial: 018CC6B9072AB2BDB74D74AF2C5C649B0CB7
Authority key identifier: F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/F5HnYd7BI4lOJIAJ19SoywXvBTY.roa
Signing time: Mon 01 Jan 2024 20:31:03 +0000
ROA not before: Mon 01 Jan 2024 20:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57626
IP address blocks: 37.9.216.0/21 maxlen: 24
37.9.216.0/22 maxlen: 24
45.158.240.0/22 maxlen: 23
37.9.220.0/22 maxlen: 24
2a07:b700::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.mft
rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 13:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:07:2a:b2:bd:b7:4d:74:af:2c:5c:64:9b:0c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad
Validity
Not Before: Jan 1 20:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1791e761dec123894e248009d7d4a8cb05ef0536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:52:fc:94:94:44:a8:0a:83:f7:c8:f4:12:45:
da:a0:75:fb:7b:33:51:93:23:42:e9:64:c6:be:7b:
ab:6e:2f:8a:8e:d2:8f:51:e0:b5:90:2b:3d:60:84:
b0:03:88:bc:35:eb:c4:73:78:75:03:a0:4a:67:c9:
6b:90:f8:4c:f2:fd:a4:65:7b:39:da:59:4c:a9:61:
ee:ab:aa:48:6e:44:e1:1f:dd:c1:53:d9:21:ec:f8:
b9:26:8b:79:3f:58:f8:14:4e:c5:1d:f7:b9:d7:4a:
b0:17:d4:fc:43:3c:6e:e4:33:6a:68:e0:32:b6:22:
dd:59:66:d1:45:81:12:e2:3f:3d:86:f1:83:d6:db:
8f:f7:c0:aa:58:b2:e4:8b:af:20:f7:eb:dc:6d:fa:
64:5c:3c:de:8d:1d:23:8a:e0:c4:9f:90:05:0f:c9:
43:39:f4:ec:10:0b:21:c2:b4:3f:be:63:a2:66:5a:
c3:86:53:7a:fc:06:c4:34:4e:c6:ab:d2:78:d3:84:
18:cc:87:c1:6f:26:71:d8:55:d4:a7:a4:01:87:24:
9e:91:28:a0:ba:8e:33:8d:ec:25:25:79:69:e2:54:
aa:55:be:d7:a3:3f:04:4f:00:4f:43:06:a1:36:af:
7a:4a:2e:e8:da:ff:1e:35:6b:64:41:7e:b9:10:44:
73:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:91:E7:61:DE:C1:23:89:4E:24:80:09:D7:D4:A8:CB:05:EF:05:36
X509v3 Authority Key Identifier:
keyid:F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/F5HnYd7BI4lOJIAJ19SoywXvBTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.216.0/21
45.158.240.0/22
IPv6:
2a07:b700::/29
Signature Algorithm: sha256WithRSAEncryption
1e:39:be:b0:00:4e:54:54:fc:d4:1f:46:5d:7d:b7:e4:45:fa:
6c:7d:1a:3e:3c:12:62:9b:f4:2a:97:16:dc:93:69:19:60:2b:
4d:be:2b:4e:59:04:42:15:88:16:a9:14:27:a2:05:33:36:bf:
d5:dd:55:af:c0:1c:ea:5a:3b:ef:e9:45:07:b8:2e:d1:40:cb:
90:8d:16:57:7a:a1:07:23:ae:39:0b:c6:06:62:96:83:0d:84:
da:8a:98:84:14:c4:bb:38:1f:56:44:db:7b:2c:3d:8e:96:99:
d7:96:10:62:9c:01:7b:a8:15:39:6a:ab:9c:15:ce:02:86:4e:
60:87:9c:df:4b:0b:1d:a9:c1:db:8c:0b:af:34:e9:f7:b4:3a:
fa:fe:04:89:42:ea:af:f4:7a:0f:a2:76:e2:d4:7f:6e:90:e3:
63:db:43:b6:78:6f:ef:02:44:ea:4e:07:87:9c:ff:26:53:4e:
33:f7:ab:53:8a:53:4d:34:1c:dd:f3:1e:4b:8c:6d:3d:95:e3:
af:01:57:87:61:2f:37:37:d0:18:53:46:ee:15:e8:c7:ea:fc:
a0:a7:99:8b:51:57:f8:69:8e:83:7f:28:cb:ec:3b:ec:1f:d0:
e0:44:a5:6d:d4:a0:7b:87:34:73:99:97:7a:7c:c5:34:96:ea:
74:d4:df:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuQcqsr23TXSvLFxkmwy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZGU4ZWJkZGQwODQxNjNhOTBiOWFlNTAzOTdiMmRiNDlj
YjE3YWQwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzkxZTc2MWRlYzEyMzg5NGUyNDgwMDlkN2Q0YThjYjA1ZWYwNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFL8lJREqAqD98j0EkXaoHX7ezNR
kyNC6WTGvnurbi+KjtKPUeC1kCs9YISwA4i8NevEc3h1A6BKZ8lrkPhM8v2kZXs5
2llMqWHuq6pIbkThH93BU9kh7Pi5Jot5P1j4FE7FHfe510qwF9T8Qzxu5DNqaOAy
tiLdWWbRRYES4j89hvGD1tuP98CqWLLki68g9+vcbfpkXDzejR0jiuDEn5AFD8lD
OfTsEAshwrQ/vmOiZlrDhlN6/AbENE7Gq9J404QYzIfBbyZx2FXUp6QBhySekSig
uo4zjewlJXlp4lSqVb7Xoz8ETwBPQwahNq96Si7o2v8eNWtkQX65EERz3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBeR52HewSOJTiSACdfUqMsF7wU2MB8GA1UdIwQY
MBaAFPLejr3dCEFjqQua5QOXsttJyxetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGIt
YWYxYWMwZjAwNDE3LzEvRjVIbllkN0JJNGxPSklBSjE5U295d1h2QlRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGItYWYxYWMwZjAwNDE3
LzEvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQnYAwQC
LZ7wMA0EAgACMAcDBQMqB7cAMA0GCSqGSIb3DQEBCwUAA4IBAQAeOb6wAE5UVPzU
H0ZdfbfkRfpsfRo+PBJim/Qqlxbck2kZYCtNvitOWQRCFYgWqRQnogUzNr/V3VWv
wBzqWjvv6UUHuC7RQMuQjRZXeqEHI645C8YGYpaDDYTaipiEFMS7OB9WRNt7LD2O
lpnXlhBinAF7qBU5aqucFc4Chk5gh5zfSwsdqcHbjAuvNOn3tDr6/gSJQuqv9HoP
onbi1H9ukONj20O2eG/vAkTqTgeHnP8mU04z96tTilNNNBzd8x5LjG09leOvAVeH
YS83N9AYU0buFejH6vygp5mLUVf4aY6DfyjL7DvsH9DgRKVt1KB7hzRzmZd6fMU0
lup01N/m
-----END CERTIFICATE-----
Generated at Mon May 13 16:44:41 2024 by rpki-client on console-fra.rpki-client.org