Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/fYoZ4WhadEHlUTpuUML73ra30K0.roa
File: fYoZ4WhadEHlUTpuUML73ra30K0.roa (raw, json)
Hash identifier: G2p3r8cITDc/tRYQ3KnbyBPvkjwrYzxM/lul5LNx/T8=
Subject key identifier: 7D:8A:19:E1:68:5A:74:41:E5:51:3A:6E:50:C2:FB:DE:B6:B7:D0:AD
Certificate issuer: /CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Certificate serial: 018CC4250EE7E5BF06CB77E2B119D58AA94B
Authority key identifier: D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/fYoZ4WhadEHlUTpuUML73ra30K0.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13044
IP address blocks: 185.118.27.0/24 maxlen: 24
185.118.25.0/24 maxlen: 24
185.118.26.0/24 maxlen: 24
185.118.24.0/24 maxlen: 24
2a09:ec42::/48 maxlen: 48
2a09:ec42:2::/48 maxlen: 48
2a09:ec42:1::/48 maxlen: 48
2a09:ec42:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.mft
rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0e:e7:e5:bf:06:cb:77:e2:b1:19:d5:8a:a9:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f7f16b05a1123151a677a47ac2d8d9061df390
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8a19e1685a7441e5513a6e50c2fbdeb6b7d0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d0:2f:65:c2:88:b7:2e:84:d5:a6:02:a4:33:
07:3b:ad:72:4c:ce:5f:cf:e5:a9:c3:04:f0:54:a3:
2d:36:22:9d:b8:8d:03:35:ee:55:f0:ef:46:74:1f:
cb:35:4e:6b:72:6c:70:92:9a:bf:44:f7:fb:4f:0f:
67:b5:1b:01:fa:50:8d:60:71:ec:33:b1:10:f1:35:
41:b1:14:31:77:4e:41:96:c9:9d:93:63:b9:6e:6f:
05:e0:7b:aa:c2:22:6f:b8:11:97:8b:e4:fe:ee:3d:
9e:5d:e1:9c:ee:10:28:fb:04:08:a5:32:ce:3c:94:
3a:94:bc:de:d0:56:08:cd:db:8c:8d:19:dd:68:30:
e2:3d:98:94:08:39:0e:7a:8b:d1:3a:37:77:b9:d7:
e3:a9:53:70:5b:3d:32:66:ba:09:f8:0e:e3:d8:28:
e6:92:cf:98:1b:68:7f:03:4d:24:35:88:de:8d:2d:
74:52:65:dd:bb:4f:32:a6:89:60:f1:5b:68:20:55:
2c:80:fd:6d:58:1d:49:ba:2f:72:34:23:2c:81:50:
39:97:c1:eb:78:62:58:93:19:e1:8d:6d:b7:5c:b8:
87:46:f7:45:ae:0e:80:f6:d6:70:74:3b:ed:5c:a6:
94:65:8a:2b:5a:fc:0d:3f:48:73:f9:8f:7f:2d:32:
e4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8A:19:E1:68:5A:74:41:E5:51:3A:6E:50:C2:FB:DE:B6:B7:D0:AD
X509v3 Authority Key Identifier:
keyid:D7:F7:F1:6B:05:A1:12:31:51:A6:77:A4:7A:C2:D8:D9:06:1D:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_fxawWhEjFRpnekesLY2QYd85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/fYoZ4WhadEHlUTpuUML73ra30K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0227b7-54ca-4f56-be26-6cbe949532e4/1/1_fxawWhEjFRpnekesLY2QYd85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.24.0/22
IPv6:
2a09:ec42::/46
Signature Algorithm: sha256WithRSAEncryption
5a:1b:32:da:33:18:dc:a5:dd:e2:9a:b2:3f:0b:86:69:db:40:
70:68:d0:5f:db:9d:9a:2d:ae:f2:9a:34:c5:e6:09:4e:d9:8b:
23:80:e7:7f:97:a3:d7:72:1b:5c:c0:46:34:29:40:b8:ae:66:
91:cd:25:e5:ce:bb:7c:92:71:ab:ac:84:33:13:1b:fd:7d:d3:
13:8a:b9:4d:c0:96:fc:7e:f7:09:b0:6c:79:30:3f:7b:c9:09:
16:ba:fd:13:eb:bb:26:d8:85:96:ad:1f:ee:36:39:b3:6f:2b:
48:ae:e1:ce:d1:6c:fa:7d:94:51:bb:28:da:1c:e8:37:a6:43:
f8:01:98:16:64:d2:7e:0d:9d:64:d0:08:6f:ce:1a:2c:9e:63:
e8:69:85:b4:d1:44:d1:2a:91:d2:a8:dd:9d:0c:e2:22:fc:71:
72:d3:08:f3:d3:77:50:8a:fe:26:14:1f:bf:13:86:1e:68:2e:
2d:6a:24:09:48:af:a3:d2:11:a8:c7:51:f3:37:e8:8e:d7:12:
5c:75:b2:96:c0:e1:d4:1e:bc:c7:fb:c1:05:6e:46:91:ba:07:
51:82:7b:96:ab:09:d9:c5:5d:f9:dc:4c:3b:c8:5d:98:f3:01:
6a:a8:05:95:5d:62:de:04:53:a2:02:14:5d:2f:62:a5:bc:0f:
77:3f:c0:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJQ7n5b8Gy3fisRnViqlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjdmMTZiMDVhMTEyMzE1MWE2NzdhNDdhYzJkOGQ5MDYx
ZGYzOTAwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhhMTllMTY4NWE3NDQxZTU1MTNhNmU1MGMyZmJkZWI2YjdkMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9AvZcKIty6E1aYCpDMHO61yTM5f
z+WpwwTwVKMtNiKduI0DNe5V8O9GdB/LNU5rcmxwkpq/RPf7Tw9ntRsB+lCNYHHs
M7EQ8TVBsRQxd05Blsmdk2O5bm8F4HuqwiJvuBGXi+T+7j2eXeGc7hAo+wQIpTLO
PJQ6lLze0FYIzduMjRndaDDiPZiUCDkOeovROjd3udfjqVNwWz0yZroJ+A7j2Cjm
ks+YG2h/A00kNYjejS10UmXdu08ypolg8VtoIFUsgP1tWB1Jui9yNCMsgVA5l8Hr
eGJYkxnhjW23XLiHRvdFrg6A9tZwdDvtXKaUZYorWvwNP0hz+Y9/LTLkaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2KGeFoWnRB5VE6blDC+962t9CtMB8GA1UdIwQY
MBaAFNf38WsFoRIxUaZ3pHrC2NkGHfOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYt
NmNiZTk0OTUzMmU0LzEvZllvWjRXaGFkRUhsVVRwdVVNTDczcmEzMEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMjI3YjctNTRjYS00ZjU2LWJlMjYtNmNiZTk0OTUzMmU0
LzEvMV9meGF3V2hFakZScG5la2VzTFkyUVlkODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXYYMA8E
AgACMAkDBwIqCexCAAAwDQYJKoZIhvcNAQELBQADggEBAFobMtozGNyl3eKasj8L
hmnbQHBo0F/bnZotrvKaNMXmCU7ZiyOA53+Xo9dyG1zARjQpQLiuZpHNJeXOu3yS
caushDMTG/190xOKuU3Alvx+9wmwbHkwP3vJCRa6/RPruybYhZatH+42ObNvK0iu
4c7RbPp9lFG7KNoc6DemQ/gBmBZk0n4NnWTQCG/OGiyeY+hphbTRRNEqkdKo3Z0M
4iL8cXLTCPPTd1CK/iYUH78Thh5oLi1qJAlIr6PSEajHUfM36I7XElx1spbA4dQe
vMf7wQVuRpG6B1GCe5arCdnFXfncTDvIXZjzAWqoBZVdYt4EU6ICFF0vYqW8D3c/
wNE=
-----END CERTIFICATE-----
Generated at Sat May 18 06:08:24 2024 by rpki-client on console-fra.rpki-client.org