Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fxhj6mGGKYYnw_GMI9sqhb-VqmQ.roa
File: Fxhj6mGGKYYnw_GMI9sqhb-VqmQ.roa (raw, json)
Hash identifier: /impvWVRJMFfKFt1LBGYda7WrBtAGWsFZnBGRGySfpE=
Subject key identifier: 17:18:63:EA:61:86:29:86:27:C3:F1:8C:23:DB:2A:85:BF:95:AA:64
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA99391789A578FEE7857F54D90B9626
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fxhj6mGGKYYnw_GMI9sqhb-VqmQ.roa
Signing time: Tue 02 Jan 2024 14:34:48 +0000
ROA not before: Tue 02 Jan 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204544
IP address blocks: 87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
62.220.126.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:39:17:89:a5:78:fe:e7:85:7f:54:d9:0b:96:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=171863ea6186298627c3f18c23db2a85bf95aa64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:0b:ed:ac:90:60:63:eb:05:3c:13:e2:2d:
60:80:31:e3:7d:0f:d4:9e:cd:25:c1:b5:d3:04:08:
99:54:89:45:42:7b:82:22:5d:e4:51:84:a7:c8:ff:
f5:1a:e0:2e:ce:e9:82:36:3b:8d:0a:04:a7:3d:b9:
89:88:ec:12:cd:62:ea:c6:ce:6a:11:17:0e:90:c8:
79:7b:e3:a2:75:41:c8:32:b9:a2:81:1a:4d:7c:28:
99:5a:d6:4e:6d:d7:1f:7f:84:b4:0a:ac:2a:6d:10:
76:73:c3:9d:54:ed:90:f8:e1:c9:55:35:57:7d:fc:
90:f3:b4:a4:03:1b:7e:d3:d7:83:90:8a:47:ae:c9:
a1:c0:ce:88:da:95:1f:e7:da:dc:11:1a:38:79:d7:
86:69:9c:91:4c:5a:46:bb:ab:15:f5:6a:b7:29:84:
44:20:4e:6b:f1:98:a3:3d:79:0e:5b:94:37:99:54:
36:17:a0:f5:1a:03:8d:22:75:4b:0e:bc:37:a4:d3:
21:2b:6c:cd:d6:af:94:8f:39:7a:60:7f:35:a9:ef:
6c:2b:f8:74:6a:61:45:58:34:15:35:a0:74:ad:48:
60:be:2b:19:72:8d:a7:ca:57:03:e1:fb:c0:f4:b2:
62:cb:6f:c9:17:da:c3:ef:ab:29:62:1e:41:44:90:
b6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:18:63:EA:61:86:29:86:27:C3:F1:8C:23:DB:2A:85:BF:95:AA:64
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Fxhj6mGGKYYnw_GMI9sqhb-VqmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
87:f5:32:73:43:aa:14:05:17:08:d2:f3:de:6a:46:db:8e:ee:
db:e6:5a:94:74:07:e8:35:a4:5f:76:5e:67:e9:46:5c:3c:0f:
75:97:12:82:be:45:45:d1:58:c2:77:62:9b:92:a1:ef:93:31:
7a:9b:d1:33:9b:ff:a0:82:72:a8:c2:ba:c3:26:a1:38:b0:ac:
6c:55:51:8d:ea:d7:a7:96:64:6b:71:fe:f8:9f:e2:74:a6:8f:
18:d3:30:0b:41:c7:3e:48:ea:76:14:b8:96:e0:dd:6f:35:8f:
84:f3:10:e8:7a:5c:ca:72:0c:37:24:e1:00:7f:a0:e9:5d:b9:
37:da:32:93:4e:3c:49:af:d0:5a:9c:7a:49:a1:10:d4:15:59:
15:56:0e:50:46:00:36:cc:db:31:d7:ce:d5:f9:d5:7c:aa:70:
5a:ce:0f:4d:08:ec:16:c9:8b:a7:56:f2:10:d2:6e:60:73:34:
de:92:39:83:98:66:8c:74:6b:d7:42:51:1f:ea:70:d2:41:fe:
98:f2:ba:50:de:d0:ec:ba:d3:da:a3:0f:9a:f4:a5:50:14:e8:
b4:1e:b5:27:8b:4f:cb:74:de:1c:61:e4:d3:3e:15:fe:0a:78:
38:7c:2a:c4:27:83:6e:d0:da:4c:6c:f1:4c:99:12:3d:2b:57:
81:ea:e7:92
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKmTkXiaV4/ueFf1TZC5YmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE4NjNlYTYxODYyOTg2MjdjM2YxOGMyM2RiMmE4NWJmOTVhYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsIL7ayQYGPrBTwT4i1ggDHjfQ/U
ns0lwbXTBAiZVIlFQnuCIl3kUYSnyP/1GuAuzumCNjuNCgSnPbmJiOwSzWLqxs5q
ERcOkMh5e+OidUHIMrmigRpNfCiZWtZObdcff4S0CqwqbRB2c8OdVO2Q+OHJVTVX
ffyQ87SkAxt+09eDkIpHrsmhwM6I2pUf59rcERo4edeGaZyRTFpGu6sV9Wq3KYRE
IE5r8ZijPXkOW5Q3mVQ2F6D1GgONInVLDrw3pNMhK2zN1q+Ujzl6YH81qe9sK/h0
amFFWDQVNaB0rUhgvisZco2nylcD4fvA9LJiy2/JF9rD76spYh5BRJC22wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBcYY+phhimGJ8PxjCPbKoW/lapkMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvRnhoajZtR0dLWVlud19HTUk5c3FoYi1WcW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBPtx+AwQC
UQwYAwQBUQweAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUA
A4IBAQCH9TJzQ6oUBRcI0vPeakbbju7b5lqUdAfoNaRfdl5n6UZcPA91lxKCvkVF
0VjCd2KbkqHvkzF6m9Ezm/+ggnKowrrDJqE4sKxsVVGN6tenlmRrcf74n+J0po8Y
0zALQcc+SOp2FLiW4N1vNY+E8xDoelzKcgw3JOEAf6DpXbk32jKTTjxJr9BanHpJ
oRDUFVkVVg5QRgA2zNsx187V+dV8qnBazg9NCOwWyYunVvIQ0m5gczTekjmDmGaM
dGvXQlEf6nDSQf6Y8rpQ3tDsutPaow+a9KVQFOi0HrUni0/LdN4cYeTTPhX+Cng4
fCrEJ4Nu0NpMbPFMmRI9K1eB6ueS
-----END CERTIFICATE-----
Generated at Fri May 17 02:20:24 2024 by rpki-client on console-ams.rpki-client.org