Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ftdL-eatNgFHDtxcThMb4SLAI8Y.roa
File: ftdL-eatNgFHDtxcThMb4SLAI8Y.roa (raw, json)
Hash identifier: Wf5dpolK83zspMxH8pKjM6kaCBgIuxwK04WSPmyYeDg=
Subject key identifier: 7E:D7:4B:F9:E6:AD:36:01:47:0E:DC:5C:4E:13:1B:E1:22:C0:23:C6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50118B80211BAE1AE46F139E5B5584D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ftdL-eatNgFHDtxcThMb4SLAI8Y.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60064
IP address blocks: 89.40.160.0/24 maxlen: 24
89.33.14.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
45.129.132.0/24 maxlen: 24
45.129.133.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:18:b8:02:11:ba:e1:ae:46:f1:39:e5:b5:58:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ed74bf9e6ad3601470edc5c4e131be122c023c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5e:35:be:cb:d1:b8:37:e6:bd:ea:89:08:92:
f5:0b:a9:02:f2:77:e0:da:6b:06:2a:d3:be:e2:3a:
12:4d:1e:21:45:05:96:71:cb:42:68:ba:30:eb:31:
f6:eb:a1:de:25:f1:a0:7d:36:2c:8e:b7:ae:0f:dd:
2f:c6:8b:1a:fc:20:90:2a:a7:3c:29:70:bf:6f:18:
dd:4f:36:aa:48:a8:3d:7f:4f:b5:79:20:77:a2:47:
f2:e8:db:02:9b:f4:b9:91:2f:fd:94:5f:cf:3e:23:
00:fa:3d:4e:21:5e:ba:5f:d8:5b:b8:3c:ac:ff:b4:
c9:3b:8e:13:6d:8d:34:69:2e:44:53:43:c3:41:8c:
2a:db:97:35:a9:a9:a1:5e:2a:1f:e5:62:30:9c:85:
6a:73:35:bf:87:62:1b:83:e2:34:7b:93:68:34:01:
83:d5:4b:2a:b4:6e:a0:03:24:08:63:cf:46:69:ec:
82:55:b3:67:f7:56:e1:69:80:ef:a6:56:83:17:cf:
f3:8a:5b:ea:f4:21:0a:cb:f1:7c:c4:d3:76:34:96:
4f:7a:ee:63:8f:80:14:8c:85:ed:f2:a1:9a:31:2d:
d4:5a:6c:28:a7:85:4b:73:a3:31:32:7c:41:03:9c:
5b:31:7e:2b:c2:37:9f:da:ba:02:b9:ea:18:a9:aa:
c7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D7:4B:F9:E6:AD:36:01:47:0E:DC:5C:4E:13:1B:E1:22:C0:23:C6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ftdL-eatNgFHDtxcThMb4SLAI8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.132.0/23
89.33.14.0/24
89.40.160.0/24
89.46.92.0/24
93.114.246.0/24
188.214.27.0/24
Signature Algorithm: sha256WithRSAEncryption
86:57:f8:8b:c3:02:fc:98:8a:66:c1:1a:06:2e:ad:87:e1:a7:
07:49:d8:9b:85:20:a3:a5:c0:ef:70:36:ca:bc:f9:1b:8c:f7:
16:e2:3e:fc:db:38:ec:76:d2:9b:0f:4d:4b:96:f4:13:f5:67:
8c:7d:5a:fe:6d:a5:eb:d0:d4:dd:c9:a5:03:50:db:43:0a:6e:
6d:cc:3e:9d:19:93:d8:00:27:9b:46:a1:e3:6b:bb:f8:ab:a4:
3d:85:06:a5:c8:80:fe:8a:f6:a2:03:de:03:d7:e0:a3:ba:7c:
4c:fc:df:a5:88:da:49:4d:fc:82:de:e4:17:31:34:ed:1d:e4:
b7:cc:f4:c9:6b:b1:a0:d0:cb:76:13:c1:67:2e:2e:96:5d:25:
4c:79:8b:ea:e6:2c:ab:49:a2:ef:63:de:aa:7b:0d:e6:2b:5f:
a7:dd:f0:f8:f8:c6:62:ff:18:f5:0b:4f:b3:e4:e8:8e:83:51:
15:48:3f:fa:cc:05:f1:f9:80:a5:07:c0:0b:2b:89:bd:1f:4c:
eb:5c:9d:0c:9a:cd:57:df:1d:60:43:81:7f:67:99:6d:58:75:
f6:4d:14:ff:7c:a0:06:62:ef:3a:9a:74:c0:a8:03:c2:00:79:
b6:21:14:31:a3:31:30:52:4f:35:bc:89:d3:13:5b:c9:46:89:
69:f0:10:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFARi4AhG64a5G8TnltVhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQ3NGJmOWU2YWQzNjAxNDcwZWRjNWM0ZTEzMWJlMTIyYzAyM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk141vsvRuDfmveqJCJL1C6kC8nfg
2msGKtO+4joSTR4hRQWWcctCaLow6zH266HeJfGgfTYsjreuD90vxosa/CCQKqc8
KXC/bxjdTzaqSKg9f0+1eSB3okfy6NsCm/S5kS/9lF/PPiMA+j1OIV66X9hbuDys
/7TJO44TbY00aS5EU0PDQYwq25c1qamhXiof5WIwnIVqczW/h2Ibg+I0e5NoNAGD
1UsqtG6gAyQIY89GaeyCVbNn91bhaYDvplaDF8/zilvq9CEKy/F8xNN2NJZPeu5j
j4AUjIXt8qGaMS3UWmwop4VLc6MxMnxBA5xbMX4rwjef2roCueoYqarHWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH7XS/nmrTYBRw7cXE4TG+EiwCPGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZnRkTC1lYXROZ0ZIRHR4Y1RoTWI0U0xBSThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYGEAwQA
WSEOAwQAWSigAwQAWS5cAwQAXXL2AwQAvNYbMA0GCSqGSIb3DQEBCwUAA4IBAQCG
V/iLwwL8mIpmwRoGLq2H4acHSdibhSCjpcDvcDbKvPkbjPcW4j782zjsdtKbD01L
lvQT9WeMfVr+baXr0NTdyaUDUNtDCm5tzD6dGZPYACebRqHja7v4q6Q9hQalyID+
ivaiA94D1+CjunxM/N+liNpJTfyC3uQXMTTtHeS3zPTJa7Gg0Mt2E8FnLi6WXSVM
eYvq5iyrSaLvY96qew3mK1+n3fD4+MZi/xj1C0+z5OiOg1EVSD/6zAXx+YClB8AL
K4m9H0zrXJ0Mms1X3x1gQ4F/Z5ltWHX2TRT/fKAGYu86mnTAqAPCAHm2IRQxozEw
Uk81vInTE1vJRolp8BD1
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:02:22 2024 by rpki-client on console-ams.rpki-client.org