Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f0MhiJq0tWVRNE4P9AykxzWjENY.roa
File: f0MhiJq0tWVRNE4P9AykxzWjENY.roa (raw, json)
Hash identifier: YFTBrUuFEAPBazzD4yNseBHgf/rzsircPbPo5lnzCJI=
Subject key identifier: 7F:43:21:88:9A:B4:B5:65:51:34:4E:0F:F4:0C:A4:C7:35:A3:10:D6
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018EC72D351BA2FA0C275A2E538FF7D56F92
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f0MhiJq0tWVRNE4P9AykxzWjENY.roa
Signing time: Wed 10 Apr 2024 08:43:32 +0000
ROA not before: Wed 10 Apr 2024 08:43:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31586
IP address blocks: 81.21.136.0/21 maxlen: 24
141.255.180.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
217.21.241.0/24 maxlen: 24
2a05:2500::/32 maxlen: 32
2a05:a282::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 20:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:2d:35:1b:a2:fa:0c:27:5a:2e:53:8f:f7:d5:6f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 10 08:43:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f4321889ab4b56551344e0ff40ca4c735a310d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:00:4d:82:b9:a6:ac:72:4b:f3:8a:aa:44:49:
ac:ae:eb:26:02:ae:b3:c6:dd:6e:92:e3:72:93:d6:
81:7c:ba:90:5d:63:05:5d:6a:d6:1b:a3:97:a3:86:
39:c6:5e:ff:d6:4b:7d:cc:0a:da:fd:94:3a:fa:30:
0c:a0:40:12:4b:80:55:ea:9a:ae:80:51:7a:a4:b5:
f4:8b:97:1a:a0:c1:1f:fc:05:64:a3:d7:08:88:d1:
76:e5:2b:3b:b3:3e:d0:3d:1f:e9:7b:16:b8:10:c2:
4f:f2:73:93:60:5b:0a:5b:d2:09:ba:e2:b6:3f:9c:
1d:5c:5a:39:2a:06:49:bf:55:ad:b1:fb:23:ee:6c:
c3:c9:7e:48:ed:7d:79:bb:29:e8:97:95:ab:6d:56:
a4:1e:95:7d:07:b5:3b:63:fe:f1:a3:70:08:19:8c:
a7:41:b0:71:d5:1a:22:e3:22:35:37:5f:23:28:9c:
a6:88:1f:dd:66:02:a2:0b:fb:55:ec:57:41:f6:cb:
00:c7:78:3d:f4:0a:da:06:bb:a2:07:9a:34:0b:c7:
03:46:e7:d9:22:06:66:6e:6c:75:f8:88:24:75:4d:
e2:13:df:6f:a5:a0:b6:6b:9c:c3:62:8f:f3:9b:29:
17:37:d1:80:2b:9f:93:e7:95:0b:a9:5e:b4:f1:31:
55:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:43:21:88:9A:B4:B5:65:51:34:4E:0F:F4:0C:A4:C7:35:A3:10:D6
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/f0MhiJq0tWVRNE4P9AykxzWjENY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.136.0/21
141.255.180.0/22
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
217.21.241.0/24
IPv6:
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
b7:78:0c:8f:eb:24:e6:86:be:b2:4b:2d:5f:5f:23:7d:88:b4:
58:52:13:a9:83:a4:c5:f1:d9:ed:54:ed:81:d4:fc:3f:e4:0d:
80:a6:24:cb:c2:ff:dd:5b:a2:e4:6c:aa:76:07:55:1b:ca:3e:
58:c5:a1:5a:a0:cd:7c:e2:02:ec:cd:36:43:56:97:3c:b6:3d:
5c:6d:b3:1e:9c:60:88:72:07:70:e5:84:40:9a:ce:ac:67:3a:
2e:cb:63:a2:46:64:35:41:4c:43:4b:ad:1a:ff:66:89:c4:5a:
74:f4:3e:c3:76:db:b4:f1:01:5a:0a:63:29:e9:bf:53:d1:74:
45:4d:bb:a5:67:b4:6d:ab:51:20:69:08:da:ac:c7:99:68:e4:
27:ec:2b:12:f2:5a:48:d5:12:3e:18:ab:38:11:b3:86:42:6c:
5e:8f:fa:cb:26:22:f6:d6:a7:8a:4c:f3:8f:66:fb:c1:06:3e:
4e:d8:9b:76:c6:cc:aa:ec:41:6d:6f:0b:58:6f:ca:2a:b8:2b:
b9:9a:62:52:ef:fc:6b:28:6d:a5:53:db:06:d8:be:c5:0d:5b:
78:be:03:c6:44:ce:b9:d6:6b:c6:c3:ea:cf:c5:5d:8c:24:07:
fd:8c:6d:1f:86:6a:4e:c2:a9:17:cc:5d:3a:5c:fa:47:fe:a0:
20:b9:4e:66
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY7HLTUbovoMJ1ouU4/31W+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwNDEwMDg0MzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQzMjE4ODlhYjRiNTY1NTEzNDRlMGZmNDBjYTRjNzM1YTMxMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxABNgrmmrHJL84qqREmsrusmAq6z
xt1ukuNyk9aBfLqQXWMFXWrWG6OXo4Y5xl7/1kt9zAra/ZQ6+jAMoEASS4BV6pqu
gFF6pLX0i5caoMEf/AVko9cIiNF25Ss7sz7QPR/pexa4EMJP8nOTYFsKW9IJuuK2
P5wdXFo5KgZJv1Wtsfsj7mzDyX5I7X15uynol5WrbVakHpV9B7U7Y/7xo3AIGYyn
QbBx1Roi4yI1N18jKJymiB/dZgKiC/tV7FdB9ssAx3g99AraBruiB5o0C8cDRufZ
IgZmbmx1+IgkdU3iE99vpaC2a5zDYo/zmykXN9GAK5+T55ULqV608TFV+QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFH9DIYiatLVlUTROD/QMpMc1oxDWMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvZjBNaGlKcTB0V1ZSTkU0UDlBeWt4eldqRU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDURWIAwQC
jf+0AwQCuUXoAwQCuVRIAwQCuWnMAwQCuWnYAwQA2RXxMBQEAgACMA4DBQAqBSUA
AwUAKgWigjANBgkqhkiG9w0BAQsFAAOCAQEAt3gMj+sk5oa+skstX18jfYi0WFIT
qYOkxfHZ7VTtgdT8P+QNgKYky8L/3Vui5GyqdgdVG8o+WMWhWqDNfOIC7M02Q1aX
PLY9XG2zHpxgiHIHcOWEQJrOrGc6LstjokZkNUFMQ0utGv9micRadPQ+w3bbtPEB
WgpjKem/U9F0RU27pWe0batRIGkI2qzHmWjkJ+wrEvJaSNUSPhirOBGzhkJsXo/6
yyYi9tanikzzj2b7wQY+TtibdsbMquxBbW8LWG/KKrgruZpiUu/8ayhtpVPbBti+
xQ1beL4DxkTOudZrxsPqz8VdjCQH/YxtH4ZqTsKpF8xdOlz6R/6gILlOZg==
-----END CERTIFICATE-----
Generated at Mon Jul 1 01:17:29 2024 by rpki-client on console-ams.rpki-client.org