Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/FgL-KOXBLD6aOYzcIdmMq2z0K8o.roa
File: FgL-KOXBLD6aOYzcIdmMq2z0K8o.roa (raw, json)
Hash identifier: pew/7t1Fwmit4cZe74ofh61E0oGoIHH6+Iiv7xgFJa8=
Subject key identifier: 16:02:FE:28:E5:C1:2C:3E:9A:39:8C:DC:21:D9:8C:AB:6C:F4:2B:CA
Certificate issuer: /CN=11836ccc1935aeb97d67cb46bdd0c6107f8610e4
Certificate serial: 018CC727370FAE8E076C50E349DDB8D5B501
Authority key identifier: 11:83:6C:CC:19:35:AE:B9:7D:67:CB:46:BD:D0:C6:10:7F:86:10:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/FgL-KOXBLD6aOYzcIdmMq2z0K8o.roa
Signing time: Mon 01 Jan 2024 22:31:25 +0000
ROA not before: Mon 01 Jan 2024 22:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13127
IP address blocks: 193.176.208.0/24 maxlen: 24
194.53.33.0/24 maxlen: 24
194.53.36.0/24 maxlen: 24
194.53.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:37:0f:ae:8e:07:6c:50:e3:49:dd:b8:d5:b5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11836ccc1935aeb97d67cb46bdd0c6107f8610e4
Validity
Not Before: Jan 1 22:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1602fe28e5c12c3e9a398cdc21d98cab6cf42bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:24:b6:0e:55:3d:bc:08:25:ea:6f:5e:09:e4:
39:66:e8:87:e7:99:b2:91:dc:f4:e2:87:bf:ff:7e:
80:f6:34:27:af:a9:e2:d4:ab:d6:76:9d:d9:57:a7:
78:16:0d:b6:91:f2:73:86:ff:60:d8:97:bc:a7:04:
11:91:4e:21:4c:05:ac:e6:4c:29:aa:19:a6:5a:24:
2c:22:71:ad:de:d3:b6:3a:39:7d:e5:68:da:0a:46:
ea:39:5e:00:e5:b2:a4:ad:1c:c4:04:42:3f:7c:df:
36:88:1a:49:a8:9a:5d:7f:d7:a7:3b:1f:40:46:02:
f4:43:20:27:5f:c3:6b:81:2d:29:de:59:f2:1e:39:
7a:80:a2:3e:68:98:dd:4d:f4:9b:65:54:be:a9:6a:
92:8f:e4:17:15:84:55:10:8c:cf:78:d3:d6:e7:6a:
c1:53:4c:f4:3e:6a:dc:a9:9e:80:8c:4d:75:3a:58:
03:aa:15:cc:cc:5d:3d:eb:9f:34:51:5e:a9:5d:45:
81:cb:ac:72:79:3b:dd:4a:84:61:1f:64:af:36:31:
87:a8:1a:f4:31:77:8a:8e:d2:ae:0b:60:43:73:78:
64:5e:8f:60:e0:6f:96:27:21:26:47:46:f9:c9:ef:
3d:6a:bf:11:82:fe:49:a7:15:56:4c:60:be:ad:b1:
ba:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:02:FE:28:E5:C1:2C:3E:9A:39:8C:DC:21:D9:8C:AB:6C:F4:2B:CA
X509v3 Authority Key Identifier:
keyid:11:83:6C:CC:19:35:AE:B9:7D:67:CB:46:BD:D0:C6:10:7F:86:10:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/FgL-KOXBLD6aOYzcIdmMq2z0K8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/940d84-a6ba-4219-ae11-7427f541b3df/1/EYNszBk1rrl9Z8tGvdDGEH-GEOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.208.0/24
194.53.33.0/24
194.53.35.0-194.53.36.255
Signature Algorithm: sha256WithRSAEncryption
68:7e:14:90:39:c3:f3:19:dc:39:ba:f0:d4:d5:49:bd:16:c7:
2b:b2:32:e6:5e:ec:a3:85:47:21:48:48:06:79:24:52:26:2f:
0e:bc:4b:a6:46:83:1b:98:9b:71:10:9b:c2:1e:29:b1:e0:57:
1f:63:17:22:1b:11:be:05:86:bb:c5:23:eb:87:38:d1:d5:59:
c5:c7:d3:58:e8:39:0b:d8:17:83:b0:e8:c1:6e:4d:81:ef:f8:
b1:b1:38:09:ca:1d:e2:0b:1e:49:05:02:8d:4a:f8:ef:54:91:
66:8a:e6:dd:f4:f1:91:0a:3b:2f:b4:ee:3b:88:f6:b6:74:4e:
15:86:1f:da:3d:70:43:e0:07:10:4f:ef:69:df:73:d4:6f:06:
06:a0:3f:84:44:8f:84:3e:95:e6:44:8d:c0:80:57:eb:20:b4:
3e:09:24:8e:a8:89:90:fc:bf:02:f2:10:3f:1e:fd:d1:8a:5f:
27:77:6c:73:e7:ac:0b:ce:d9:43:30:ed:f6:cd:12:75:eb:42:
d2:c7:3e:aa:b1:44:ee:cc:e9:97:d0:c7:13:83:df:e8:b5:b3:
2e:f0:b7:9f:9b:0b:6e:b7:c2:53:1d:79:b8:91:89:17:13:d2:
11:e3:2e:72:15:b4:79:20:c8:39:8d:df:aa:1a:d7:2d:96:42:
9f:e0:4b:e8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJzcPro4HbFDjSd241bUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExODM2Y2NjMTkzNWFlYjk3ZDY3Y2I0NmJkZDBjNjEwN2Y4
NjEwZTQwHhcNMjQwMTAxMjIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjAyZmUyOGU1YzEyYzNlOWEzOThjZGMyMWQ5OGNhYjZjZjQyYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCS2DlU9vAgl6m9eCeQ5ZuiH55my
kdz04oe//36A9jQnr6ni1KvWdp3ZV6d4Fg22kfJzhv9g2Je8pwQRkU4hTAWs5kwp
qhmmWiQsInGt3tO2Ojl95WjaCkbqOV4A5bKkrRzEBEI/fN82iBpJqJpdf9enOx9A
RgL0QyAnX8NrgS0p3lnyHjl6gKI+aJjdTfSbZVS+qWqSj+QXFYRVEIzPeNPW52rB
U0z0PmrcqZ6AjE11OlgDqhXMzF096580UV6pXUWBy6xyeTvdSoRhH2SvNjGHqBr0
MXeKjtKuC2BDc3hkXo9g4G+WJyEmR0b5ye89ar8Rgv5JpxVWTGC+rbG6owIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBYC/ijlwSw+mjmM3CHZjKts9CvKMB8GA1UdIwQY
MBaAFBGDbMwZNa65fWfLRr3QxhB/hhDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVlOc3pCazFycmw5Wjh0R3ZkREdFSC1HRU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85NDBkODQtYTZiYS00MjE5LWFlMTEt
NzQyN2Y1NDFiM2RmLzEvRmdMLUtPWEJMRDZhT1l6Y0lkbU1xMnowSzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85NDBkODQtYTZiYS00MjE5LWFlMTEtNzQyN2Y1NDFiM2Rm
LzEvRVlOc3pCazFycmw5Wjh0R3ZkREdFSC1HRU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwbDQAwQA
wjUhMAwDBADCNSMDBADCNSQwDQYJKoZIhvcNAQELBQADggEBAGh+FJA5w/MZ3Dm6
8NTVSb0WxyuyMuZe7KOFRyFISAZ5JFImLw68S6ZGgxuYm3EQm8IeKbHgVx9jFyIb
Eb4FhrvFI+uHONHVWcXH01joOQvYF4Ow6MFuTYHv+LGxOAnKHeILHkkFAo1K+O9U
kWaK5t308ZEKOy+07juI9rZ0ThWGH9o9cEPgBxBP72nfc9RvBgagP4REj4Q+leZE
jcCAV+sgtD4JJI6oiZD8vwLyED8e/dGKXyd3bHPnrAvO2UMw7fbNEnXrQtLHPqqx
RO7M6ZfQxxOD3+i1sy7wt5+bC263wlMdebiRiRcT0hHjLnIVtHkgyDmN36oa1y2W
Qp/gS+g=
-----END CERTIFICATE-----
Generated at Sat May 11 06:32:13 2024 by rpki-client on console-ams.rpki-client.org