Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/CfrA07qP_wBAEjKFtsS6fwHrIGI.roa
File: CfrA07qP_wBAEjKFtsS6fwHrIGI.roa (raw, json)
Hash identifier: NOHEU1NIHyOLrSQmCF6+XT9WH4i9LVOkv59dlQcxKnU=
Subject key identifier: 09:FA:C0:D3:BA:8F:FF:00:40:12:32:85:B6:C4:BA:7F:01:EB:20:62
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E88BF362F01535EA7A3B698BE757C
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/CfrA07qP_wBAEjKFtsS6fwHrIGI.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34624
IP address blocks: 82.98.201.0/24 maxlen: 24
62.93.200.0/24 maxlen: 24
62.93.216.0/23 maxlen: 23
62.80.125.0/24 maxlen: 24
62.80.124.0/24 maxlen: 24
62.80.127.0/24 maxlen: 24
62.80.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:88:bf:36:2f:01:53:5e:a7:a3:b6:98:be:75:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09fac0d3ba8fff0040123285b6c4ba7f01eb2062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:04:63:34:4f:6d:70:c1:a4:12:62:18:a6:0e:
20:40:9d:76:3c:a0:4c:e0:ad:b1:73:88:50:db:54:
b6:d8:32:e8:3c:5e:77:ff:19:1c:ae:46:7e:1a:9f:
d7:0f:5b:6b:14:24:66:e3:79:7d:15:eb:e9:e4:0b:
89:7b:87:c9:84:74:46:e1:4b:9e:54:7a:17:ad:f2:
6b:3a:94:67:27:20:4f:9b:fe:30:98:59:b3:ab:89:
f4:d8:80:7d:a0:5a:6b:50:cf:a0:06:fb:a2:a0:f9:
35:76:bc:d9:a8:76:cc:17:b3:ed:da:b9:83:e6:7b:
6f:9e:eb:6c:32:a6:1b:86:68:ad:83:f3:b3:92:19:
6b:97:20:3e:7b:d2:63:4d:76:11:51:a6:40:9b:71:
b8:70:a9:14:7c:0b:ac:11:3c:f8:3c:b0:b5:7e:38:
34:7a:72:f0:c9:86:2f:b2:ee:f7:c5:7d:cc:e4:da:
55:2c:91:73:32:61:f8:a8:67:a7:ea:53:4e:bc:99:
af:a3:68:60:ed:bd:a1:45:ae:ce:cf:e0:29:ab:5e:
6e:e1:fb:20:89:bd:67:93:c7:d0:1d:7d:3a:0c:b0:
88:c2:2f:b0:e7:da:9b:0b:74:69:2d:1b:f1:0c:17:
44:e4:e1:f1:de:bb:c7:82:c5:61:b2:db:2e:f3:0c:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FA:C0:D3:BA:8F:FF:00:40:12:32:85:B6:C4:BA:7F:01:EB:20:62
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/CfrA07qP_wBAEjKFtsS6fwHrIGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.80.124.0/22
62.93.200.0/24
62.93.216.0/23
82.98.201.0/24
Signature Algorithm: sha256WithRSAEncryption
44:50:54:c6:a9:1f:98:c7:04:4f:f4:b8:4b:08:bc:4a:36:b4:
de:c3:f3:ef:e2:4c:4e:7f:66:2f:7d:b2:b2:16:39:17:af:f3:
38:19:d5:d0:8f:c1:7f:58:80:37:7c:c6:ea:24:f0:02:92:a2:
e5:4c:c7:8f:74:1d:ab:6f:3c:3c:54:1f:56:e4:1e:d6:2a:b6:
32:97:09:07:aa:91:f1:35:49:8c:db:14:80:00:8b:4f:f3:ee:
e1:6b:4b:da:5c:b2:03:7b:81:0c:1e:1e:b2:6e:16:92:93:dd:
cf:ad:77:8d:de:56:49:90:59:59:be:c7:3d:25:d5:48:7d:63:
88:ff:c3:e1:1a:c2:b8:18:8e:e0:31:99:1e:ca:8e:f4:35:32:
5f:ef:73:76:26:16:73:fe:ff:90:41:07:28:68:fd:eb:d3:3c:
fb:f1:8d:f9:c4:5a:e1:b7:3e:5c:34:4d:ba:ee:32:fa:60:22:
0e:c5:23:de:ce:94:b4:eb:49:21:29:07:d2:f1:c4:b3:25:bb:
61:b6:cb:e4:82:85:c2:43:11:e6:6d:dd:4e:90:90:15:e3:cc:
45:e8:9b:34:00:d3:34:2e:d8:41:6b:f8:25:e8:20:8c:66:df:
2c:e6:2a:9e:e4:89:fa:cd:cb:d2:31:54:1b:e1:95:2e:c1:91:
a3:89:36:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFboi/Ni8BU16no7aYvnV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZhYzBkM2JhOGZmZjAwNDAxMjMyODViNmM0YmE3ZjAxZWIyMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgRjNE9tcMGkEmIYpg4gQJ12PKBM
4K2xc4hQ21S22DLoPF53/xkcrkZ+Gp/XD1trFCRm43l9Fevp5AuJe4fJhHRG4Uue
VHoXrfJrOpRnJyBPm/4wmFmzq4n02IB9oFprUM+gBvuioPk1drzZqHbMF7Pt2rmD
5ntvnutsMqYbhmitg/OzkhlrlyA+e9JjTXYRUaZAm3G4cKkUfAusETz4PLC1fjg0
enLwyYYvsu73xX3M5NpVLJFzMmH4qGen6lNOvJmvo2hg7b2hRa7Oz+Apq15u4fsg
ib1nk8fQHX06DLCIwi+w59qbC3RpLRvxDBdE5OHx3rvHgsVhstsu8wzmOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAn6wNO6j/8AQBIyhbbEun8B6yBiMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvQ2ZyQTA3cVBfd0JBRWpLRnRzUzZmd0hySUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPlB8AwQA
Pl3IAwQBPl3YAwQAUmLJMA0GCSqGSIb3DQEBCwUAA4IBAQBEUFTGqR+YxwRP9LhL
CLxKNrTew/Pv4kxOf2YvfbKyFjkXr/M4GdXQj8F/WIA3fMbqJPACkqLlTMePdB2r
bzw8VB9W5B7WKrYylwkHqpHxNUmM2xSAAItP8+7ha0vaXLIDe4EMHh6ybhaSk93P
rXeN3lZJkFlZvsc9JdVIfWOI/8PhGsK4GI7gMZkeyo70NTJf73N2JhZz/v+QQQco
aP3r0zz78Y35xFrhtz5cNE267jL6YCIOxSPezpS060khKQfS8cSzJbthtsvkgoXC
QxHmbd1OkJAV48xF6Js0ANM0LthBa/gl6CCMZt8s5iqe5In6zcvSMVQb4ZUuwZGj
iTYX
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:04 2024 by rpki-client on console-fra.rpki-client.org