Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/fgNf6A7ImjWDab3mzu4P7WN4Ubk.roa
File: fgNf6A7ImjWDab3mzu4P7WN4Ubk.roa (raw, json)
Hash identifier: 7NyURISWK3j9kZPXYw9gqCZhvXCwGcdPH97cZ5KS3kc=
Subject key identifier: 7E:03:5F:E8:0E:C8:9A:35:83:69:BD:E6:CE:EE:0F:ED:63:78:51:B9
Certificate issuer: /CN=bc31247f359a6d492dc9943ae0f00fc8be216c78
Certificate serial: 018CC9BC09D51160BB0BF0B6875A5CAC4542
Authority key identifier: BC:31:24:7F:35:9A:6D:49:2D:C9:94:3A:E0:F0:0F:C8:BE:21:6C:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDEkfzWabUktyZQ64PAPyL4hbHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/fgNf6A7ImjWDab3mzu4P7WN4Ubk.roa
Signing time: Tue 02 Jan 2024 10:33:12 +0000
ROA not before: Tue 02 Jan 2024 10:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60975
IP address blocks: 185.19.185.0/24 maxlen: 24
185.19.184.0/24 maxlen: 24
185.19.187.0/24 maxlen: 24
2a00:43e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/vDEkfzWabUktyZQ64PAPyL4hbHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/vDEkfzWabUktyZQ64PAPyL4hbHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vDEkfzWabUktyZQ64PAPyL4hbHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:09:d5:11:60:bb:0b:f0:b6:87:5a:5c:ac:45:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc31247f359a6d492dc9943ae0f00fc8be216c78
Validity
Not Before: Jan 2 10:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e035fe80ec89a358369bde6ceee0fed637851b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:f5:68:52:f8:29:d4:60:96:09:3e:2d:a4:
cd:7d:55:2f:e3:1d:60:c6:c1:5a:a1:4a:c5:e3:81:
2a:de:1c:6c:0d:8e:71:2e:69:89:b0:ce:b7:6d:1f:
25:e2:94:7a:6f:17:b6:b6:10:d2:e7:74:63:e8:64:
f4:a1:d1:fd:e9:ab:6d:bf:d7:80:0b:5c:88:d0:a3:
60:b8:11:c2:b6:74:a1:59:47:3b:80:b2:6c:a3:83:
e9:b7:19:21:b0:a6:50:9a:d2:92:66:f2:ca:17:ee:
6f:e6:46:c3:b3:a7:c9:c5:25:60:3a:b1:66:ef:4d:
e3:a4:ff:72:fc:b6:2a:ad:02:7c:60:de:23:3c:f1:
c2:a1:81:7a:77:26:82:b0:e2:05:02:df:c1:35:f9:
0a:f9:7b:24:04:53:c2:e2:83:ff:2d:aa:77:0f:48:
55:c2:ec:85:96:36:89:59:20:c8:5b:b8:8a:14:2c:
2c:fa:b5:23:0a:ff:38:7c:ac:1e:da:07:ac:dd:d8:
08:9c:55:64:99:04:44:ea:84:0e:74:bc:c0:86:53:
19:03:d6:19:10:5c:01:53:3d:06:b4:b9:43:ff:6a:
1b:e8:8f:27:7a:c1:8a:29:98:02:a2:27:4f:9a:e6:
47:39:9a:3c:4d:5b:4a:8d:de:a6:52:b8:c4:e1:84:
c7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:03:5F:E8:0E:C8:9A:35:83:69:BD:E6:CE:EE:0F:ED:63:78:51:B9
X509v3 Authority Key Identifier:
keyid:BC:31:24:7F:35:9A:6D:49:2D:C9:94:3A:E0:F0:0F:C8:BE:21:6C:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDEkfzWabUktyZQ64PAPyL4hbHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/fgNf6A7ImjWDab3mzu4P7WN4Ubk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/346bef-0a5e-4400-9f84-56805ca11c33/1/vDEkfzWabUktyZQ64PAPyL4hbHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.184.0/23
185.19.187.0/24
IPv6:
2a00:43e0::/32
Signature Algorithm: sha256WithRSAEncryption
93:2f:5b:ce:71:b0:10:be:f9:90:21:2d:04:02:da:57:ff:92:
05:14:4f:9d:2e:62:77:26:30:fd:fe:b3:b4:b8:9f:ac:2d:aa:
bd:73:b0:b6:d5:9c:c0:28:c4:c4:f4:65:6c:8e:b7:4d:40:e9:
dc:84:ff:e2:00:fc:30:19:d2:0b:08:19:55:a9:6c:74:99:76:
d9:71:e2:7e:74:cc:b9:92:16:a0:86:8d:24:1e:05:c3:1c:3b:
1a:62:37:1b:c8:5d:4c:23:be:49:4d:e5:90:30:20:9b:c9:db:
03:81:8f:62:c9:41:63:34:82:2f:ac:b3:13:9c:81:c3:31:14:
4a:3b:66:53:60:a1:43:3f:1a:95:9a:d9:3a:d7:f6:e0:ec:fe:
d2:f2:fb:52:80:90:1a:65:f0:99:24:88:90:d8:6a:c9:ec:ab:
13:b9:65:1e:89:f8:fa:64:ef:d4:b1:e5:ac:04:61:a8:c0:84:
97:4a:fd:ac:b5:54:f8:eb:9b:10:3b:96:05:ae:78:b3:64:4d:
1b:88:5d:19:f3:30:9e:ee:d5:ec:24:ca:0f:e3:b9:be:76:39:
7a:03:b8:ca:68:10:33:b5:e1:f0:06:a3:78:b6:44:af:d1:42:
35:e1:f2:b7:e6:ee:db:03:da:91:17:0c:9b:9d:61:43:d9:6b:
57:d3:23:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvAnVEWC7C/C2h1pcrEVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzEyNDdmMzU5YTZkNDkyZGM5OTQzYWUwZjAwZmM4YmUy
MTZjNzgwHhcNMjQwMTAyMTAzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAzNWZlODBlYzg5YTM1ODM2OWJkZTZjZWVlMGZlZDYzNzg1MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLz1aFL4KdRglgk+LaTNfVUv4x1g
xsFaoUrF44Eq3hxsDY5xLmmJsM63bR8l4pR6bxe2thDS53Rj6GT0odH96attv9eA
C1yI0KNguBHCtnShWUc7gLJso4PptxkhsKZQmtKSZvLKF+5v5kbDs6fJxSVgOrFm
703jpP9y/LYqrQJ8YN4jPPHCoYF6dyaCsOIFAt/BNfkK+XskBFPC4oP/Lap3D0hV
wuyFljaJWSDIW7iKFCws+rUjCv84fKwe2ges3dgInFVkmQRE6oQOdLzAhlMZA9YZ
EFwBUz0GtLlD/2ob6I8nesGKKZgCoidPmuZHOZo8TVtKjd6mUrjE4YTHywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH4DX+gOyJo1g2m95s7uD+1jeFG5MB8GA1UdIwQY
MBaAFLwxJH81mm1JLcmUOuDwD8i+IWx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRFa2Z6V2FiVWt0eVpRNjRQQVB5TDRoYkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zNDZiZWYtMGE1ZS00NDAwLTlmODQt
NTY4MDVjYTExYzMzLzEvZmdOZjZBN0ltaldEYWIzbXp1NFA3V040VWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zNDZiZWYtMGE1ZS00NDAwLTlmODQtNTY4MDVjYTExYzMz
LzEvdkRFa2Z6V2FiVWt0eVpRNjRQQVB5TDRoYkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuRO4AwQA
uRO7MA0EAgACMAcDBQAqAEPgMA0GCSqGSIb3DQEBCwUAA4IBAQCTL1vOcbAQvvmQ
IS0EAtpX/5IFFE+dLmJ3JjD9/rO0uJ+sLaq9c7C21ZzAKMTE9GVsjrdNQOnchP/i
APwwGdILCBlVqWx0mXbZceJ+dMy5khagho0kHgXDHDsaYjcbyF1MI75JTeWQMCCb
ydsDgY9iyUFjNIIvrLMTnIHDMRRKO2ZTYKFDPxqVmtk61/bg7P7S8vtSgJAaZfCZ
JIiQ2GrJ7KsTuWUeifj6ZO/UseWsBGGowISXSv2stVT465sQO5YFrnizZE0biF0Z
8zCe7tXsJMoP47m+djl6A7jKaBAzteHwBqN4tkSv0UI14fK35u7bA9qRFwybnWFD
2WtX0yMX
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:52 2024 by rpki-client on console-fra.rpki-client.org