Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fo4b5eigIlzy9-7p_CtteRImC-4.roa
File: Fo4b5eigIlzy9-7p_CtteRImC-4.roa (raw, json)
Hash identifier: rbZ7rypjcfNu0BpWDmIebrpXM+e0f2xYe6ChlIBsCEU=
Subject key identifier: 16:8E:1B:E5:E8:A0:22:5C:F2:F7:EE:E9:FC:2B:6D:79:12:26:0B:EE
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA9939797120D8E2E0E09EA992A67DB1
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fo4b5eigIlzy9-7p_CtteRImC-4.roa
Signing time: Tue 02 Jan 2024 14:34:48 +0000
ROA not before: Tue 02 Jan 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 62.220.118.0/23 maxlen: 24
81.12.43.0/24 maxlen: 24
87.107.100.0/22 maxlen: 24
81.12.77.0/24 maxlen: 24
81.12.102.0/23 maxlen: 23
81.12.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:39:79:71:20:d8:e2:e0:e0:9e:a9:92:a6:7d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=168e1be5e8a0225cf2f7eee9fc2b6d7912260bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e8:24:4f:e2:10:29:44:2a:af:61:32:1e:86:
25:a1:1c:10:da:08:ca:94:42:a3:b6:c2:2f:3b:a3:
75:51:ff:86:ef:f9:e6:b3:5d:1e:4f:db:b1:a0:02:
21:c3:06:59:7d:3c:65:2e:59:ed:0e:a8:1f:2f:9b:
57:fc:5c:a4:31:6e:64:0b:ce:fa:cb:be:cf:8f:a9:
7b:c4:29:74:a3:c5:4e:99:a9:b2:9a:f0:d2:98:35:
98:69:a5:e8:9d:96:5c:94:8a:48:55:5c:c6:b1:8d:
98:d6:97:88:21:83:d6:37:3e:35:ae:a7:75:b7:c3:
48:ba:aa:33:95:8d:50:39:bb:59:97:98:c0:ff:3c:
bc:05:b7:ee:17:44:3d:61:be:6a:27:04:d8:f1:20:
cc:d5:40:ee:d8:d3:33:91:be:ab:c6:a7:0b:73:f2:
f0:80:bf:80:42:f3:18:d2:73:ca:4b:6a:e0:5c:61:
74:45:df:38:9d:eb:ad:94:95:90:d1:74:bf:2f:09:
fe:0b:24:20:b7:f4:1a:0f:31:d5:04:1e:87:6a:1c:
63:b5:91:ac:74:01:81:71:5a:7b:87:c6:5c:54:93:
a2:e3:6d:0d:8f:91:25:e2:c7:40:03:b7:4a:3d:d9:
fb:3b:82:d9:00:9c:5a:cf:cb:c1:c4:e1:af:ab:90:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8E:1B:E5:E8:A0:22:5C:F2:F7:EE:E9:FC:2B:6D:79:12:26:0B:EE
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fo4b5eigIlzy9-7p_CtteRImC-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.118.0/23
81.12.43.0/24
81.12.77.0/24
81.12.100.0/24
81.12.102.0/23
87.107.100.0/22
Signature Algorithm: sha256WithRSAEncryption
01:02:37:84:90:64:13:b2:44:1e:53:af:e8:a9:c8:cc:66:e4:
06:e5:37:20:49:83:53:a0:00:d1:4f:8e:53:db:38:18:3a:0a:
3f:62:60:3e:f8:69:8f:75:87:bf:f6:a2:79:77:99:f2:fe:ab:
11:e3:a6:eb:9d:b4:4c:51:e9:18:ad:6f:47:9a:b0:e2:ea:89:
2a:97:7e:7f:6a:66:7f:46:85:45:ab:3e:69:fd:4b:fc:8c:b2:
17:a7:ad:a0:ba:1a:07:17:1e:a8:01:e9:84:08:95:23:3f:a1:
83:54:ae:64:18:ae:53:ae:81:cc:be:86:c2:d2:fc:f5:dd:76:
23:25:81:34:a5:0c:93:9f:fe:3b:3d:69:63:69:8a:be:47:4a:
7f:7b:ea:0b:c0:e7:1e:19:eb:30:69:c9:19:62:7f:ef:97:b3:
ef:e7:9c:0e:9b:db:b4:70:e5:35:7c:bb:c0:68:59:ea:a4:0e:
ba:7f:17:11:a3:82:24:b1:d0:3f:d5:d8:06:e5:4f:8a:69:8c:
f4:91:06:ea:5c:88:7d:06:99:c4:cd:3f:ab:4c:fd:cc:64:77:
92:f4:1f:12:6f:7c:f0:3d:16:1f:5f:c3:ff:d1:67:59:57:3c:
b5:00:20:76:43:9b:9d:a3:d3:db:05:b4:68:0c:c2:e1:ad:07:
25:da:2c:9f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKmTl5cSDY4uDgnqmSpn2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjhlMWJlNWU4YTAyMjVjZjJmN2VlZTlmYzJiNmQ3OTEyMjYwYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhugkT+IQKUQqr2EyHoYloRwQ2gjK
lEKjtsIvO6N1Uf+G7/nms10eT9uxoAIhwwZZfTxlLlntDqgfL5tX/FykMW5kC876
y77Pj6l7xCl0o8VOmamymvDSmDWYaaXonZZclIpIVVzGsY2Y1peIIYPWNz41rqd1
t8NIuqozlY1QObtZl5jA/zy8BbfuF0Q9Yb5qJwTY8SDM1UDu2NMzkb6rxqcLc/Lw
gL+AQvMY0nPKS2rgXGF0Rd84neutlJWQ0XS/Lwn+CyQgt/QaDzHVBB6HahxjtZGs
dAGBcVp7h8ZcVJOi420Nj5El4sdAA7dKPdn7O4LZAJxaz8vBxOGvq5BoSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBaOG+XooCJc8vfu6fwrbXkSJgvuMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvRm80YjVlaWdJbHp5OS03cF9DdHRlUkltQy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBPtx2AwQA
UQwrAwQAUQxNAwQAUQxkAwQBUQxmAwQCV2tkMA0GCSqGSIb3DQEBCwUAA4IBAQAB
AjeEkGQTskQeU6/oqcjMZuQG5TcgSYNToADRT45T2zgYOgo/YmA++GmPdYe/9qJ5
d5ny/qsR46brnbRMUekYrW9HmrDi6okql35/amZ/RoVFqz5p/Uv8jLIXp62guhoH
Fx6oAemECJUjP6GDVK5kGK5TroHMvobC0vz13XYjJYE0pQyTn/47PWljaYq+R0p/
e+oLwOceGeswackZYn/vl7Pv55wOm9u0cOU1fLvAaFnqpA66fxcRo4IksdA/1dgG
5U+KaYz0kQbqXIh9BpnEzT+rTP3MZHeS9B8Sb3zwPRYfX8P/0WdZVzy1ACB2Q5ud
o9PbBbRoDMLhrQcl2iyf
-----END CERTIFICATE-----
Generated at Fri May 17 15:03:40 2024 by rpki-client on console-fra.rpki-client.org