Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F204NG0N1Cf-DAXLU_Bz7PGDHvU.roa
File: F204NG0N1Cf-DAXLU_Bz7PGDHvU.roa (raw, json)
Hash identifier: VTbR3TEDt8xfezAyay05MXotvFF8QGKzBRrKVx+3LIo=
Subject key identifier: 17:6D:38:34:6D:0D:D4:27:FE:0C:05:CB:53:F0:73:EC:F1:83:1E:F5
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018F76DF228B1F4425DECAD25766D162AF52
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F204NG0N1Cf-DAXLU_Bz7PGDHvU.roa
Signing time: Tue 14 May 2024 11:31:25 +0000
ROA not before: Tue 14 May 2024 11:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44203
IP address blocks: 185.211.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:df:22:8b:1f:44:25:de:ca:d2:57:66:d1:62:af:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: May 14 11:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=176d38346d0dd427fe0c05cb53f073ecf1831ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2b:40:e2:88:6f:2b:63:42:04:18:b6:7e:fd:
52:e7:e4:bd:cc:5d:66:50:f0:01:ad:1c:47:79:ad:
30:c0:c6:d5:02:bc:09:b0:40:17:09:78:d3:68:33:
95:cd:a8:68:7f:28:3c:5b:a9:52:c0:f4:61:16:72:
8b:da:ff:9b:04:05:76:45:d0:c1:15:6c:e8:5b:06:
e2:10:d6:2c:7b:59:6a:8f:28:d9:3a:6d:5b:63:ec:
79:03:d1:9b:89:a9:d5:0c:06:42:f5:51:c5:f9:4d:
89:45:54:57:7d:37:72:1a:d9:71:e8:24:f5:75:13:
56:fa:dc:6c:77:02:e3:3c:8d:81:ed:1a:12:ec:04:
05:46:1a:8f:27:09:fe:87:08:00:21:3b:4d:83:92:
a0:94:d6:f8:e3:5d:ce:b3:0e:08:4a:21:c4:41:34:
e2:3f:8f:12:c9:41:06:43:db:a3:79:d0:c8:92:23:
3e:05:b8:da:6d:a5:50:7e:c9:80:55:25:99:5a:1e:
2b:cf:e3:0f:64:1d:4c:59:48:fd:b9:a7:28:45:6c:
a8:bc:30:7c:d2:a1:4a:35:e3:41:66:ee:1c:6a:27:
d1:87:b0:ff:22:34:a8:7d:c2:f2:20:0f:16:cb:25:
2a:ce:79:84:16:bd:14:6b:b6:c8:d9:12:67:50:91:
9f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6D:38:34:6D:0D:D4:27:FE:0C:05:CB:53:F0:73:EC:F1:83:1E:F5
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F204NG0N1Cf-DAXLU_Bz7PGDHvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.202.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:f5:f6:d0:21:8c:38:c4:13:d6:24:88:33:3c:46:e4:a1:3b:
92:25:0f:46:dc:36:9a:7e:7e:3c:9a:4b:f1:b7:f3:11:24:77:
cc:6a:0f:59:61:f5:2a:a3:57:8d:17:97:8e:db:2f:65:ab:a2:
84:3f:f4:b7:ff:d8:2b:bc:7c:a2:59:a2:9c:03:9c:08:e2:16:
89:70:60:0c:52:c2:f7:ef:71:bb:73:78:04:ae:6c:66:53:ab:
6c:e0:9e:3b:d2:bd:55:43:29:6b:92:64:1b:01:34:ae:68:64:
1b:85:ff:11:5a:9c:b2:35:ee:89:74:ab:4d:e8:3d:fc:b8:b7:
5c:26:ef:79:ee:d0:e0:68:8f:f2:60:b8:26:01:05:7b:75:05:
30:2a:02:60:37:a6:78:81:f0:3a:67:05:71:46:cb:43:a7:0c:
e9:7a:f1:f8:75:b0:6a:95:08:31:56:48:36:99:53:74:dd:34:
3f:43:f4:65:11:c9:f4:78:e5:b1:74:9f:2d:7d:12:1c:b1:1a:
df:e2:77:c8:31:57:5a:b2:33:62:23:3a:fd:54:ea:66:3c:2d:
29:a4:f8:30:bd:74:ff:bc:8a:20:aa:2b:2e:43:8c:15:33:81:
4a:fa:2b:b3:39:ec:95:4e:b9:80:4e:ea:d5:0a:88:e8:b6:b5:
30:56:d5:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY923yKLH0Ql3srSV2bRYq9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwNTE0MTEzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZkMzgzNDZkMGRkNDI3ZmUwYzA1Y2I1M2YwNzNlY2YxODMxZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsStA4ohvK2NCBBi2fv1S5+S9zF1m
UPABrRxHea0wwMbVArwJsEAXCXjTaDOVzahofyg8W6lSwPRhFnKL2v+bBAV2RdDB
FWzoWwbiENYse1lqjyjZOm1bY+x5A9GbianVDAZC9VHF+U2JRVRXfTdyGtlx6CT1
dRNW+txsdwLjPI2B7RoS7AQFRhqPJwn+hwgAITtNg5KglNb4413Osw4ISiHEQTTi
P48SyUEGQ9ujedDIkiM+BbjabaVQfsmAVSWZWh4rz+MPZB1MWUj9uacoRWyovDB8
0qFKNeNBZu4caifRh7D/IjSofcLyIA8WyyUqznmEFr0Ua7bI2RJnUJGfhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdtODRtDdQn/gwFy1Pwc+zxgx71MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvRjIwNE5HME4xQ2YtREFYTFVfQno3UEdESHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCx9fbQIYw4xBPWJIgzPEbkoTuSJQ9G3Daafn48mkvx
t/MRJHfMag9ZYfUqo1eNF5eO2y9lq6KEP/S3/9grvHyiWaKcA5wI4haJcGAMUsL3
73G7c3gErmxmU6ts4J470r1VQylrkmQbATSuaGQbhf8RWpyyNe6JdKtN6D38uLdc
Ju957tDgaI/yYLgmAQV7dQUwKgJgN6Z4gfA6ZwVxRstDpwzpevH4dbBqlQgxVkg2
mVN03TQ/Q/RlEcn0eOWxdJ8tfRIcsRrf4nfIMVdasjNiIzr9VOpmPC0ppPgwvXT/
vIogqisuQ4wVM4FK+iuzOeyVTrmATurVCojotrUwVtVW
-----END CERTIFICATE-----
Generated at Thu Oct 31 22:56:58 2024 by rpki-client on console-fra.rpki-client.org