Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/FI2IrSt2BCqlghLzle9-owpE88c.roa
File: FI2IrSt2BCqlghLzle9-owpE88c.roa (raw, json)
Hash identifier: JmmzIMnNlIkxQPXnMaens+tdeLfA2AdFHjeRGmgVPfs=
Subject key identifier: 14:8D:88:AD:2B:76:04:2A:A5:82:12:F3:95:EF:7E:A3:0A:44:F3:C7
Certificate issuer: /CN=0ea3c9c4497c1fa485e9dd1758af9f000e2bd4bf
Certificate serial: 018CC8DF0B83ADEA2599BDAFBF904A752F86
Authority key identifier: 0E:A3:C9:C4:49:7C:1F:A4:85:E9:DD:17:58:AF:9F:00:0E:2B:D4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DqPJxEl8H6SF6d0XWK-fAA4r1L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/FI2IrSt2BCqlghLzle9-owpE88c.roa
Signing time: Tue 02 Jan 2024 06:31:49 +0000
ROA not before: Tue 02 Jan 2024 06:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48943
IP address blocks: 195.88.166.0/23 maxlen: 23
193.111.87.0/24 maxlen: 24
2001:67c:2420::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/DqPJxEl8H6SF6d0XWK-fAA4r1L8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/DqPJxEl8H6SF6d0XWK-fAA4r1L8.mft
rsync://rpki.ripe.net/repository/DEFAULT/DqPJxEl8H6SF6d0XWK-fAA4r1L8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:0b:83:ad:ea:25:99:bd:af:bf:90:4a:75:2f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ea3c9c4497c1fa485e9dd1758af9f000e2bd4bf
Validity
Not Before: Jan 2 06:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=148d88ad2b76042aa58212f395ef7ea30a44f3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:cf:50:51:89:2b:73:c1:49:3c:5b:ee:38:
b4:a6:65:55:e4:55:01:b8:75:ed:d7:0f:67:5f:49:
77:42:c8:3f:ea:ab:00:56:a0:39:60:3e:5d:29:e9:
94:f5:f0:51:60:f6:b0:ef:fc:61:5e:25:95:02:4f:
f6:22:3c:b9:d9:96:34:ad:08:65:ac:73:7c:0f:55:
d2:5e:a2:cb:83:20:5b:e1:23:e7:60:78:6b:f7:ab:
a7:8a:ef:57:e4:de:01:a2:2b:af:37:26:30:20:14:
77:bd:09:7d:a0:00:cc:a5:f4:24:c5:3c:76:0c:2e:
ab:e8:69:74:c4:2a:b3:df:80:c3:32:b1:a2:e5:05:
a2:86:c9:33:6e:7a:6e:fa:67:9b:26:9a:69:d5:49:
24:80:d0:4e:53:3d:24:f1:81:9e:36:d0:09:a4:3b:
1b:84:4b:ca:03:a7:51:36:2e:9e:f1:bd:0b:d2:16:
39:43:76:4c:3a:66:51:45:98:c1:ff:54:80:fd:90:
4b:a8:ad:7d:9b:6b:c4:4d:4a:8f:d7:d3:21:76:21:
d1:74:bb:3b:b0:6f:7b:c9:ad:79:06:e4:35:6f:e7:
0f:13:3d:b8:75:bc:fa:69:9c:94:c5:3e:97:1f:b6:
17:b7:9b:40:fc:66:5f:80:55:94:e9:f3:b5:23:31:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8D:88:AD:2B:76:04:2A:A5:82:12:F3:95:EF:7E:A3:0A:44:F3:C7
X509v3 Authority Key Identifier:
keyid:0E:A3:C9:C4:49:7C:1F:A4:85:E9:DD:17:58:AF:9F:00:0E:2B:D4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DqPJxEl8H6SF6d0XWK-fAA4r1L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/FI2IrSt2BCqlghLzle9-owpE88c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/DqPJxEl8H6SF6d0XWK-fAA4r1L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.87.0/24
195.88.166.0/23
IPv6:
2001:67c:2420::/48
Signature Algorithm: sha256WithRSAEncryption
2a:40:82:04:91:1c:11:ae:65:ad:49:2d:1e:81:d7:46:6f:c6:
85:20:ab:76:b0:f9:12:c1:e2:cb:d8:05:0e:74:ef:e9:46:b1:
e2:e8:cc:46:9f:44:58:28:28:5b:5d:34:70:ed:1c:87:97:cb:
9f:68:06:f0:db:58:80:ae:82:ab:6e:f0:25:2d:ee:a1:28:ed:
a8:2a:f3:5e:e6:34:05:83:48:7e:81:e8:3f:99:7d:bf:f7:93:
8a:92:7f:75:79:1f:9a:1f:ff:84:e1:f5:2b:0c:12:83:fb:c1:
38:21:85:ec:12:62:8b:8f:3f:03:de:17:3b:87:88:c5:5f:4d:
7a:a7:84:6d:2f:a3:7f:17:60:c6:55:11:74:12:49:5f:cb:c3:
d6:e2:67:2c:00:6a:b6:cd:f8:78:93:b7:65:08:c6:bc:40:a1:
67:0e:67:41:01:b3:56:af:97:1b:91:7f:7a:7f:30:25:a1:7f:
eb:0f:7c:07:1f:c9:b8:c2:fb:6d:64:4f:db:4b:06:3b:f9:96:
92:20:4b:5a:02:1f:92:3e:cd:a9:1d:2a:51:78:d1:6e:df:30:
f8:39:91:d2:21:a2:bf:2c:b2:ef:23:7d:e5:60:a0:b7:24:4a:
1b:f0:e6:89:b8:46:51:91:e4:c8:93:ff:47:29:68:ff:e1:ad:
f3:71:e3:a0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3wuDreolmb2vv5BKdS+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYTNjOWM0NDk3YzFmYTQ4NWU5ZGQxNzU4YWY5ZjAwMGUy
YmQ0YmYwHhcNMjQwMTAyMDYzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhkODhhZDJiNzYwNDJhYTU4MjEyZjM5NWVmN2VhMzBhNDRmM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB3PUFGJK3PBSTxb7ji0pmVV5FUB
uHXt1w9nX0l3Qsg/6qsAVqA5YD5dKemU9fBRYPaw7/xhXiWVAk/2Ijy52ZY0rQhl
rHN8D1XSXqLLgyBb4SPnYHhr96uniu9X5N4BoiuvNyYwIBR3vQl9oADMpfQkxTx2
DC6r6Gl0xCqz34DDMrGi5QWihskzbnpu+mebJppp1UkkgNBOUz0k8YGeNtAJpDsb
hEvKA6dRNi6e8b0L0hY5Q3ZMOmZRRZjB/1SA/ZBLqK19m2vETUqP19MhdiHRdLs7
sG97ya15BuQ1b+cPEz24dbz6aZyUxT6XH7YXt5tA/GZfgFWU6fO1IzGrewIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBSNiK0rdgQqpYIS85XvfqMKRPPHMB8GA1UdIwQY
MBaAFA6jycRJfB+khendF1ivnwAOK9S/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHFQSnhFbDhINlNGNmQwWFdLLWZBQTRyMUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hYWQyN2ItNjliYS00OWVkLWJiN2Ut
YTk5MGY5MDY0YTU3LzEvRkkySXJTdDJCQ3FsZ2hMemxlOS1vd3BFODhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hYWQyN2ItNjliYS00OWVkLWJiN2UtYTk5MGY5MDY0YTU3
LzEvRHFQSnhFbDhINlNGNmQwWFdLLWZBQTRyMUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwW9XAwQB
w1imMA8EAgACMAkDBwAgAQZ8JCAwDQYJKoZIhvcNAQELBQADggEBACpAggSRHBGu
Za1JLR6B10ZvxoUgq3aw+RLB4svYBQ507+lGseLozEafRFgoKFtdNHDtHIeXy59o
BvDbWICugqtu8CUt7qEo7agq817mNAWDSH6B6D+Zfb/3k4qSf3V5H5of/4Th9SsM
EoP7wTghhewSYouPPwPeFzuHiMVfTXqnhG0vo38XYMZVEXQSSV/Lw9biZywAarbN
+HiTt2UIxrxAoWcOZ0EBs1avlxuRf3p/MCWhf+sPfAcfybjC+21kT9tLBjv5lpIg
S1oCH5I+zakdKlF40W7fMPg5kdIhor8ssu8jfeVgoLckShvw5om4RlGR5MiT/0cp
aP/hrfNx46A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:54:10 2024 by rpki-client on console-ams.rpki-client.org