Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/FAQuSbI56L6QHIPS0vEdrFS_yDI.roa
File: FAQuSbI56L6QHIPS0vEdrFS_yDI.roa (raw, json)
Hash identifier: XWyTiXLEvtehWEtRhB9iCPOfRfYsZz2IiRsZblvUlDE=
Subject key identifier: 14:04:2E:49:B2:39:E8:BE:90:1C:83:D2:D2:F1:1D:AC:54:BF:C8:32
Certificate issuer: /CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Certificate serial: 018CC2DAEF4DA5AB62950706AFAA8ADA2190
Authority key identifier: A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/FAQuSbI56L6QHIPS0vEdrFS_yDI.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56828
IP address blocks: 185.84.36.0/22 maxlen: 22
91.186.64.0/19 maxlen: 19
31.25.216.0/21 maxlen: 21
83.118.128.0/18 maxlen: 18
2a05:ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ef:4d:a5:ab:62:95:07:06:af:aa:8a:da:21:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14042e49b239e8be901c83d2d2f11dac54bfc832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:51:5f:67:ca:73:2c:da:ab:b8:3f:62:7e:ef:
53:fe:cb:e1:51:33:61:fe:9f:86:b8:fa:c2:09:28:
92:ca:f3:b8:a4:d0:12:d2:38:97:8d:4d:ca:2d:44:
29:a1:ef:04:8b:30:1e:7c:de:45:1d:c4:ea:0b:91:
8a:35:3f:03:bc:38:43:87:51:fa:22:6c:4a:87:25:
3e:44:da:23:15:9b:23:76:a5:0d:ef:9f:7e:11:4a:
b3:9f:82:eb:ea:de:f4:6a:f4:87:1f:d2:8d:56:a1:
1f:25:1f:bd:d1:81:87:0d:97:66:b5:f5:bc:5c:61:
c1:6a:5b:c6:99:ee:d0:23:a5:08:98:85:cf:58:e8:
f4:57:5c:a1:20:1a:f3:f0:7e:50:33:24:8b:b0:5c:
e7:1e:fd:82:2e:48:9b:3d:f7:48:37:2e:2b:e7:e4:
5c:b1:e3:d2:fd:41:5d:67:5c:2b:52:00:3b:6d:48:
80:62:0c:21:dc:5f:0f:cc:a5:a6:43:3e:2d:a6:53:
76:93:7e:17:ab:f2:69:df:32:72:71:67:52:8f:03:
d6:8f:04:a3:c8:af:66:35:64:0a:34:ca:a5:10:25:
fb:af:a4:99:a2:c4:02:b0:4d:da:e6:0d:15:81:41:
9c:2e:f3:c1:47:7a:dc:96:48:e0:45:11:ef:92:90:
de:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:04:2E:49:B2:39:E8:BE:90:1C:83:D2:D2:F1:1D:AC:54:BF:C8:32
X509v3 Authority Key Identifier:
keyid:A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/FAQuSbI56L6QHIPS0vEdrFS_yDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.216.0/21
83.118.128.0/18
91.186.64.0/19
185.84.36.0/22
IPv6:
2a05:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:c1:39:d5:ea:01:b4:08:4b:cc:0b:5d:db:4d:88:44:02:4e:
7b:88:1d:00:2a:1b:17:0a:8f:8c:2e:22:5a:2f:e8:ec:3f:5b:
60:0a:c6:7d:49:e4:21:67:60:9d:91:4e:82:a7:2f:ec:6c:d6:
ec:ec:52:21:87:80:c2:ed:aa:02:18:3c:9d:6d:a8:fe:2d:28:
1e:b0:f4:83:45:f5:8c:8e:b0:72:ea:a1:b3:5c:f3:6e:12:01:
64:79:3e:c1:98:88:4a:52:b6:10:65:c2:87:0a:11:01:b9:48:
c0:ce:58:a3:4f:60:d6:08:e8:1a:8b:ea:7e:2b:62:c5:38:50:
74:d7:d8:ae:b0:ca:29:3c:65:10:00:6d:bb:ef:ac:54:77:a4:
76:df:66:8d:35:f3:2c:cc:3a:b0:a3:6f:9b:74:d3:02:d1:1a:
b5:5d:80:5c:de:a0:98:6d:89:d3:f5:85:26:52:70:0e:b4:75:
27:45:f6:24:55:ef:58:8d:bc:92:b0:69:11:79:26:66:d8:6d:
45:f4:72:cf:1a:f8:8a:5a:d7:c3:bd:79:e1:89:31:f5:a4:55:
cd:e7:23:67:a5:b2:76:4b:40:7a:04:1b:b0:ef:f1:1f:9e:7e:
46:d6:54:0a:12:9e:84:05:bd:16:85:2e:30:d3:b2:f2:3a:d9:
e7:7c:ff:b4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2u9NpatilQcGr6qK2iGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODY0ZWRmYTQxMmQ3N2EwM2NiZjU5MTMxZTNmY2MwM2E2
MGUxODgwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDA0MmU0OWIyMzllOGJlOTAxYzgzZDJkMmYxMWRhYzU0YmZjODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVFfZ8pzLNqruD9ifu9T/svhUTNh
/p+GuPrCCSiSyvO4pNAS0jiXjU3KLUQpoe8EizAefN5FHcTqC5GKNT8DvDhDh1H6
ImxKhyU+RNojFZsjdqUN759+EUqzn4Lr6t70avSHH9KNVqEfJR+90YGHDZdmtfW8
XGHBalvGme7QI6UImIXPWOj0V1yhIBrz8H5QMySLsFznHv2CLkibPfdINy4r5+Rc
sePS/UFdZ1wrUgA7bUiAYgwh3F8PzKWmQz4tplN2k34Xq/Jp3zJycWdSjwPWjwSj
yK9mNWQKNMqlECX7r6SZosQCsE3a5g0VgUGcLvPBR3rclkjgRRHvkpDeRwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBQELkmyOei+kByD0tLxHaxUv8gyMB8GA1UdIwQY
MBaAFKGGTt+kEtd6A8v1kTHj/MA6YOGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTkt
MWE1NTc5ZThjNmMwLzEvRkFRdVNiSTU2TDZRSElQUzB2RWRyRlNfeURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTktMWE1NTc5ZThjNmMw
LzEvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxnYAwQG
U3aAAwQFW7pAAwQCuVQkMA0EAgACMAcDBQMqBQ7AMA0GCSqGSIb3DQEBCwUAA4IB
AQBOwTnV6gG0CEvMC13bTYhEAk57iB0AKhsXCo+MLiJaL+jsP1tgCsZ9SeQhZ2Cd
kU6Cpy/sbNbs7FIhh4DC7aoCGDydbaj+LSgesPSDRfWMjrBy6qGzXPNuEgFkeT7B
mIhKUrYQZcKHChEBuUjAzlijT2DWCOgai+p+K2LFOFB019iusMopPGUQAG2776xU
d6R232aNNfMszDqwo2+bdNMC0Rq1XYBc3qCYbYnT9YUmUnAOtHUnRfYkVe9YjbyS
sGkReSZm2G1F9HLPGviKWtfDvXnhiTH1pFXN5yNnpbJ2S0B6BBuw7/Efnn5G1lQK
Ep6EBb0WhS4w07LyOtnnfP+0
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:11 2024 by rpki-client on console-fra.rpki-client.org