Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/FC3fxKgdiY9D6phK2Z2f28cri94.roa
File: FC3fxKgdiY9D6phK2Z2f28cri94.roa (raw, json)
Hash identifier: 7lmKxHWmoQEWgSeUzyRIBKOHwRim5dq+d6ytsGJUXVg=
Subject key identifier: 14:2D:DF:C4:A8:1D:89:8F:43:EA:98:4A:D9:9D:9F:DB:C7:2B:8B:DE
Certificate issuer: /CN=98901c7cffd19a4fea78f79b1004999266dcc224
Certificate serial: 0190175350719E023433A4F400BBD8147039
Authority key identifier: 98:90:1C:7C:FF:D1:9A:4F:EA:78:F7:9B:10:04:99:92:66:DC:C2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJAcfP_Rmk_qePebEASZkmbcwiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/FC3fxKgdiY9D6phK2Z2f28cri94.roa
Signing time: Fri 14 Jun 2024 15:17:34 +0000
ROA not before: Fri 14 Jun 2024 15:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 91.210.232.0/22 maxlen: 22
193.36.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/mJAcfP_Rmk_qePebEASZkmbcwiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/mJAcfP_Rmk_qePebEASZkmbcwiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/mJAcfP_Rmk_qePebEASZkmbcwiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:53:50:71:9e:02:34:33:a4:f4:00:bb:d8:14:70:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98901c7cffd19a4fea78f79b1004999266dcc224
Validity
Not Before: Jun 14 15:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=142ddfc4a81d898f43ea984ad99d9fdbc72b8bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:85:aa:99:9b:b3:4c:4d:d3:0b:45:a2:8d:c8:
67:9a:d0:af:22:ef:6c:0e:3b:c5:b2:a7:20:b2:84:
b6:46:1f:42:c8:5c:bb:16:2a:4f:c2:f8:f7:aa:06:
31:15:ff:09:01:4a:e9:a1:c4:71:14:25:6a:b8:4c:
37:b1:9e:74:f0:45:ce:27:33:7d:25:8a:70:a7:6e:
67:92:a7:98:b1:a6:6a:88:3c:fb:2c:d0:d6:e2:09:
56:f5:9c:d7:34:75:65:c9:50:67:82:5a:cc:b2:c5:
d3:e9:60:28:73:f1:5f:c1:f4:fd:93:9f:9a:e0:18:
23:03:c0:25:e5:7b:5a:e3:16:6c:3c:30:ea:4a:19:
cb:04:8c:14:14:77:57:5e:9c:2e:8d:27:3d:cc:da:
a7:37:9e:2a:66:6b:76:5b:d1:15:c5:76:ec:67:8e:
42:d2:ce:26:ff:8e:cc:b4:40:0c:3b:e2:0a:45:69:
98:f9:39:28:e2:02:8f:67:8f:29:c7:85:9f:8f:cd:
bc:ed:78:44:da:68:f8:8b:97:52:d8:f0:55:9a:42:
ce:2f:30:07:7a:b2:a9:24:26:6b:34:2f:22:d0:d7:
ca:34:12:d5:0f:a5:5e:ab:72:35:40:64:a2:78:a9:
1d:00:40:67:cf:f8:8b:b1:2d:62:c7:f4:b1:54:6e:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2D:DF:C4:A8:1D:89:8F:43:EA:98:4A:D9:9D:9F:DB:C7:2B:8B:DE
X509v3 Authority Key Identifier:
keyid:98:90:1C:7C:FF:D1:9A:4F:EA:78:F7:9B:10:04:99:92:66:DC:C2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJAcfP_Rmk_qePebEASZkmbcwiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/FC3fxKgdiY9D6phK2Z2f28cri94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/e20c95-0f92-4598-96df-cbc2797c1d0a/1/mJAcfP_Rmk_qePebEASZkmbcwiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.232.0/22
193.36.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:2a:30:d8:64:f8:d0:86:98:cd:96:20:9b:07:cf:ac:15:dc:
0a:51:a9:2f:06:f5:3c:96:5d:3c:9d:2d:e0:b9:89:ed:b5:17:
e6:81:b4:d4:c7:29:ef:dd:42:17:6e:b9:5c:37:2c:40:cf:13:
09:3e:9f:f1:31:bb:be:b4:2e:7e:c0:32:80:fd:88:d1:3c:90:
2b:9a:58:91:5d:4f:79:5b:37:63:6d:14:78:ef:82:2b:e6:e0:
9c:82:69:49:b8:8a:e8:a6:7c:52:8d:60:75:95:66:2b:31:a1:
c3:b5:02:5e:44:a6:39:4c:a7:10:fd:3e:47:f5:f3:23:f2:b6:
5a:c0:fb:97:cc:71:f0:86:35:70:9f:76:b2:c1:4e:6f:c1:04:
1f:02:0d:be:1d:5a:b8:3a:dc:fa:dc:ec:8e:56:0e:5f:6e:a1:
e3:8e:e0:3e:34:18:1a:f3:e6:65:49:28:ff:81:ca:10:a2:33:
5b:50:ef:37:83:49:5b:63:2b:6d:59:6b:67:f2:25:4f:03:5a:
c7:9e:c0:29:99:65:ff:ed:24:70:a9:a8:a5:86:05:e4:19:f3:
d7:7c:d3:19:08:0a:b8:fd:b5:06:d8:88:27:c0:f4:61:7c:62:
d8:72:9e:5f:1a:ff:b0:ce:e5:e5:39:7a:9b:01:61:58:de:6d:
22:35:49:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAXU1BxngI0M6T0ALvYFHA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTAxYzdjZmZkMTlhNGZlYTc4Zjc5YjEwMDQ5OTkyNjZk
Y2MyMjQwHhcNMjQwNjE0MTUxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJkZGZjNGE4MWQ4OThmNDNlYTk4NGFkOTlkOWZkYmM3MmI4YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YWqmZuzTE3TC0WijchnmtCvIu9s
DjvFsqcgsoS2Rh9CyFy7FipPwvj3qgYxFf8JAUrpocRxFCVquEw3sZ508EXOJzN9
JYpwp25nkqeYsaZqiDz7LNDW4glW9ZzXNHVlyVBnglrMssXT6WAoc/FfwfT9k5+a
4BgjA8Al5Xta4xZsPDDqShnLBIwUFHdXXpwujSc9zNqnN54qZmt2W9EVxXbsZ45C
0s4m/47MtEAMO+IKRWmY+Tko4gKPZ48px4Wfj8287XhE2mj4i5dS2PBVmkLOLzAH
erKpJCZrNC8i0NfKNBLVD6Veq3I1QGSieKkdAEBnz/iLsS1ix/SxVG50eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQt38SoHYmPQ+qYStmdn9vHK4veMB8GA1UdIwQY
MBaAFJiQHHz/0ZpP6nj3mxAEmZJm3MIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpBY2ZQX1Jta19xZVBlYkVBU1prbWJjd2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lMjBjOTUtMGY5Mi00NTk4LTk2ZGYt
Y2JjMjc5N2MxZDBhLzEvRkMzZnhLZ2RpWTlENnBoSzJaMmYyOGNyaTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lMjBjOTUtMGY5Mi00NTk4LTk2ZGYtY2JjMjc5N2MxZDBh
LzEvbUpBY2ZQX1Jta19xZVBlYkVBU1prbWJjd2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9LoAwQA
wSQrMA0GCSqGSIb3DQEBCwUAA4IBAQBfKjDYZPjQhpjNliCbB8+sFdwKUakvBvU8
ll08nS3guYnttRfmgbTUxynv3UIXbrlcNyxAzxMJPp/xMbu+tC5+wDKA/YjRPJAr
mliRXU95WzdjbRR474Ir5uCcgmlJuIropnxSjWB1lWYrMaHDtQJeRKY5TKcQ/T5H
9fMj8rZawPuXzHHwhjVwn3aywU5vwQQfAg2+HVq4Otz63OyOVg5fbqHjjuA+NBga
8+ZlSSj/gcoQojNbUO83g0lbYyttWWtn8iVPA1rHnsApmWX/7SRwqailhgXkGfPX
fNMZCAq4/bUG2IgnwPRhfGLYcp5fGv+wzuXlOXqbAWFY3m0iNUk6
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:51 2024 by rpki-client on console-fra.rpki-client.org