Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/iGFigVreO2ICYjtUJtEHHqPrkgA.roa
File: iGFigVreO2ICYjtUJtEHHqPrkgA.roa (raw, json)
Hash identifier: 8Gq6CK2LoCC8Gk/BJ6JhZNomLj1QWgj351PaHtxRE+0=
Subject key identifier: 88:61:62:81:5A:DE:3B:62:02:62:3B:54:26:D1:07:1E:A3:EB:92:00
Certificate issuer: /CN=fdc680ee1b27c3a6f07013c8fc25ebff0c67fb9d
Certificate serial: 018CC42552E19B6A6A29152484A1796F0090
Authority key identifier: FD:C6:80:EE:1B:27:C3:A6:F0:70:13:C8:FC:25:EB:FF:0C:67:FB:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_caA7hsnw6bwcBPI_CXr_wxn-50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/iGFigVreO2ICYjtUJtEHHqPrkgA.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 194.147.229.0/24 maxlen: 24
2001:67c:c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/_caA7hsnw6bwcBPI_CXr_wxn-50.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/_caA7hsnw6bwcBPI_CXr_wxn-50.mft
rsync://rpki.ripe.net/repository/DEFAULT/_caA7hsnw6bwcBPI_CXr_wxn-50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:52:e1:9b:6a:6a:29:15:24:84:a1:79:6f:00:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc680ee1b27c3a6f07013c8fc25ebff0c67fb9d
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=886162815ade3b6202623b5426d1071ea3eb9200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:9f:0b:fb:02:5e:67:cf:4e:f1:cb:aa:92:
75:0a:97:c1:1c:a8:82:de:19:8a:25:5f:4b:2e:94:
b8:d9:de:c2:a2:b6:ac:60:7f:d7:9d:ac:2e:19:4a:
13:6d:91:a8:93:0c:67:69:9c:cf:1e:30:fa:dc:55:
0c:e5:0b:17:14:54:a5:5b:c0:3f:5d:b8:d7:b6:dd:
69:2e:f3:a5:0d:76:3a:4e:46:4c:2d:02:d6:3c:19:
b2:c6:af:08:8f:84:79:1e:06:f9:f0:6a:17:7d:97:
b9:ea:81:00:89:76:a0:70:ca:58:fd:47:b0:08:95:
a4:7d:aa:0d:70:b1:f7:e9:c4:f0:f4:5c:94:8b:14:
b3:66:55:45:af:55:4d:b4:d6:7b:3c:95:6f:1a:7d:
22:65:29:77:d2:e4:7d:f6:d1:de:68:20:d6:e8:f2:
6c:50:0c:b6:89:c5:7d:83:7c:5e:5c:18:b3:14:1e:
60:6e:44:58:72:f3:61:94:3d:9d:c4:97:a6:59:5d:
19:9d:60:ab:10:56:b2:22:bf:bc:bc:06:28:8c:29:
6d:d6:fb:51:ed:6b:a1:09:46:96:0c:97:2a:bb:27:
ca:cd:ba:f7:21:38:e8:f3:01:9c:de:a3:36:75:5a:
05:65:13:26:43:4c:87:b0:ab:2b:b5:c8:83:9e:86:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:61:62:81:5A:DE:3B:62:02:62:3B:54:26:D1:07:1E:A3:EB:92:00
X509v3 Authority Key Identifier:
keyid:FD:C6:80:EE:1B:27:C3:A6:F0:70:13:C8:FC:25:EB:FF:0C:67:FB:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_caA7hsnw6bwcBPI_CXr_wxn-50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/iGFigVreO2ICYjtUJtEHHqPrkgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a12e1c-1b10-4938-96d3-7bed26743bcc/1/_caA7hsnw6bwcBPI_CXr_wxn-50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.229.0/24
IPv6:
2001:67c:c0::/48
Signature Algorithm: sha256WithRSAEncryption
01:c3:2e:02:4c:a8:88:b2:8f:90:1a:7f:44:c7:7c:b0:ad:40:
99:b9:d8:5d:be:0c:ea:d3:4c:49:6b:8e:e7:dc:01:98:08:f9:
b3:cd:10:a4:c8:f7:c9:dd:c7:9e:0d:e3:a0:16:49:c9:f6:4e:
cc:a5:68:7a:f0:48:6d:8c:f7:b2:c0:10:fe:82:a5:c9:70:e1:
39:65:a6:2c:de:f4:e1:b5:ab:b9:fa:4a:2b:bd:62:bd:90:22:
e5:ae:df:08:6d:6f:8f:39:e5:0f:45:6d:8e:6a:30:a2:3c:f9:
6c:2b:72:4d:94:84:9e:84:85:e3:6e:85:f6:b5:70:bd:e2:88:
a1:54:44:cc:ae:a1:34:65:a6:dd:b2:2e:47:16:2a:b7:5b:57:
f5:6a:85:9e:08:6f:4b:8f:5b:29:4b:1a:29:f0:60:3b:40:8e:
ad:a5:d2:ea:c0:90:e0:f8:b1:ac:11:b0:f5:5e:47:ff:9a:64:
b4:05:76:e1:b3:95:6b:00:81:77:16:64:1b:14:60:90:9e:5e:
cc:ee:02:ee:0f:cd:4d:9f:fe:41:05:07:7f:9e:39:e6:30:ab:
f4:f2:ed:b8:1a:ce:b5:87:4a:43:43:5d:7b:4c:2c:71:c4:38:
21:58:40:35:00:f0:ce:85:34:af:6b:2e:2f:12:de:fe:9c:97:
ad:c0:92:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVLhm2pqKRUkhKF5bwCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYzY4MGVlMWIyN2MzYTZmMDcwMTNjOGZjMjVlYmZmMGM2
N2ZiOWQwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYxNjI4MTVhZGUzYjYyMDI2MjNiNTQyNmQxMDcxZWEzZWI5MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh96fC/sCXmfPTvHLqpJ1CpfBHKiC
3hmKJV9LLpS42d7CorasYH/XnawuGUoTbZGokwxnaZzPHjD63FUM5QsXFFSlW8A/
XbjXtt1pLvOlDXY6TkZMLQLWPBmyxq8Ij4R5Hgb58GoXfZe56oEAiXagcMpY/Uew
CJWkfaoNcLH36cTw9FyUixSzZlVFr1VNtNZ7PJVvGn0iZSl30uR99tHeaCDW6PJs
UAy2icV9g3xeXBizFB5gbkRYcvNhlD2dxJemWV0ZnWCrEFayIr+8vAYojClt1vtR
7WuhCUaWDJcquyfKzbr3ITjo8wGc3qM2dVoFZRMmQ0yHsKsrtciDnoY6zQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhhYoFa3jtiAmI7VCbRBx6j65IAMB8GA1UdIwQY
MBaAFP3GgO4bJ8Om8HATyPwl6/8MZ/udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2NhQTdoc253NmJ3Y0JQSV9DWHJfd3huLTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMTJlMWMtMWIxMC00OTM4LTk2ZDMt
N2JlZDI2NzQzYmNjLzEvaUdGaWdWcmVPMklDWWp0VUp0RUhIcVBya2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMTJlMWMtMWIxMC00OTM4LTk2ZDMtN2JlZDI2NzQzYmNj
LzEvX2NhQTdoc253NmJ3Y0JQSV9DWHJfd3huLTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpPlMA8E
AgACMAkDBwAgAQZ8AMAwDQYJKoZIhvcNAQELBQADggEBAAHDLgJMqIiyj5Aaf0TH
fLCtQJm52F2+DOrTTElrjufcAZgI+bPNEKTI98ndx54N46AWScn2TsylaHrwSG2M
97LAEP6Cpclw4Tllpize9OG1q7n6Siu9Yr2QIuWu3whtb4855Q9FbY5qMKI8+Wwr
ck2UhJ6EheNuhfa1cL3iiKFURMyuoTRlpt2yLkcWKrdbV/VqhZ4Ib0uPWylLGinw
YDtAjq2l0urAkOD4sawRsPVeR/+aZLQFduGzlWsAgXcWZBsUYJCeXszuAu4PzU2f
/kEFB3+eOeYwq/Ty7bgazrWHSkNDXXtMLHHEOCFYQDUA8M6FNK9rLi8S3v6cl63A
krU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:28 2024 by rpki-client on console-ams.rpki-client.org