Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/1-72TCVw0hhCECmszjRldanTZVK8.roa
File: 1-72TCVw0hhCECmszjRldanTZVK8.roa (raw, json)
Hash identifier: jc0Klewd3hZMGXXLfIKUeROkPr8UVCMvKo2lhSSO678=
Subject key identifier: FB:BD:93:09:5C:34:86:10:84:0A:6B:33:8D:19:5D:6A:74:D9:54:AF
Certificate issuer: /CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Certificate serial: 018DEFBC415967B61980946CE9C1DA82EE88
Authority key identifier: 56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/1-72TCVw0hhCECmszjRldanTZVK8.roa
Signing time: Wed 28 Feb 2024 12:41:48 +0000
ROA not before: Wed 28 Feb 2024 12:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.150.63.0/24 maxlen: 24
194.176.117.0/24 maxlen: 24
195.5.104.0/24 maxlen: 24
2a13:14c0::/32 maxlen: 48
2a13:14c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:bc:41:59:67:b6:19:80:94:6c:e9:c1:da:82:ee:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Validity
Not Before: Feb 28 12:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbbd93095c348610840a6b338d195d6a74d954af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:41:09:ce:4d:d8:60:b7:63:4d:2e:7e:92:
70:4f:e6:2d:67:18:d1:cb:52:06:34:4b:47:e8:56:
39:02:b6:e5:20:c2:5f:95:74:ea:00:5b:17:4b:75:
70:ca:13:35:a8:3a:56:82:1e:fe:c9:88:87:5e:37:
ed:4c:97:3e:1f:98:e4:45:2e:66:6d:53:ab:e9:5c:
d6:e8:9b:10:52:d4:94:4e:af:58:69:3c:db:41:cb:
bc:15:8d:1c:23:81:22:52:d9:2e:49:5b:e6:fb:5b:
a0:08:8f:93:35:48:1a:44:d8:2f:06:f6:53:14:cb:
47:15:4a:26:ad:31:e2:59:dd:81:bb:f1:92:76:99:
58:3c:17:c0:55:3c:ea:08:d2:c8:20:4c:a2:88:da:
a4:b9:cc:32:40:04:e1:e9:36:b4:1e:e9:c0:00:d3:
55:c4:12:f7:86:49:88:fe:72:59:d6:3f:14:b6:cf:
c0:51:48:fe:e2:60:0a:81:8d:7c:80:82:f3:be:8d:
c8:1c:ec:1c:e3:bc:ab:7c:ef:9b:d1:ad:8e:fc:01:
21:53:88:1e:b4:b2:72:26:4d:03:e6:10:22:d9:4d:
a5:44:78:b9:ed:f1:8b:de:75:07:0c:df:e1:7a:47:
8c:33:8c:4d:09:17:48:12:85:8e:df:ea:d3:a3:8a:
19:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:93:09:5C:34:86:10:84:0A:6B:33:8D:19:5D:6A:74:D9:54:AF
X509v3 Authority Key Identifier:
keyid:56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/1-72TCVw0hhCECmszjRldanTZVK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.63.0/24
194.176.117.0/24
195.5.104.0/24
IPv6:
2a13:14c0::/31
Signature Algorithm: sha256WithRSAEncryption
8d:31:0a:f3:87:0e:c5:fe:32:30:cd:ce:20:9d:97:8b:de:18:
a3:3d:fd:ab:38:2c:83:9d:cb:cc:13:bb:96:41:7f:0e:97:8c:
ac:9a:02:19:e5:7b:23:21:30:34:65:3d:2b:8a:39:51:b2:6e:
37:6a:f2:90:5e:5e:8c:82:de:73:c3:8d:6a:c1:3e:8f:cb:23:
14:0b:c7:85:53:0b:2b:90:60:0c:7b:0b:31:b9:85:ae:bf:4d:
2e:5f:73:fd:39:8e:a7:a0:ba:22:fd:57:85:49:13:8c:87:25:
ec:ab:6c:6d:07:c4:5f:6b:98:5d:9f:55:d5:e7:1e:2d:8a:96:
30:1c:9a:60:02:8d:28:17:4d:f2:14:82:83:aa:ff:34:f6:45:
a0:0f:d2:e7:59:30:5c:10:e9:9f:f0:06:76:39:88:d3:0d:41:
cd:17:6c:be:c2:d8:78:55:07:13:e4:f3:04:b5:61:ed:16:a3:
26:b1:da:77:b0:fe:7d:ac:8b:e6:13:4f:72:f4:e7:9a:a5:37:
9a:28:2e:19:62:57:d8:a9:76:6b:f6:9c:a4:8e:0e:31:38:e3:
44:a4:3c:34:de:6f:10:58:a6:58:46:39:23:5a:9a:7c:9f:e1:
93:79:78:81:85:44:a1:31:f9:60:9d:f6:bb:bf:2e:e8:12:b4:
44:d5:d6:d6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY3vvEFZZ7YZgJRs6cHagu6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWQ5YjJjMjI3YjQxM2M1MDU4MTMyOTRmYWFkYjZkYmJj
MmRkNjYwHhcNMjQwMjI4MTI0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkOTMwOTVjMzQ4NjEwODQwYTZiMzM4ZDE5NWQ2YTc0ZDk1NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvVBCc5N2GC3Y00ufpJwT+YtZxjR
y1IGNEtH6FY5ArblIMJflXTqAFsXS3VwyhM1qDpWgh7+yYiHXjftTJc+H5jkRS5m
bVOr6VzW6JsQUtSUTq9YaTzbQcu8FY0cI4EiUtkuSVvm+1ugCI+TNUgaRNgvBvZT
FMtHFUomrTHiWd2Bu/GSdplYPBfAVTzqCNLIIEyiiNqkucwyQATh6Ta0HunAANNV
xBL3hkmI/nJZ1j8Uts/AUUj+4mAKgY18gILzvo3IHOwc47yrfO+b0a2O/AEhU4ge
tLJyJk0D5hAi2U2lRHi57fGL3nUHDN/hekeMM4xNCRdIEoWO3+rTo4oZuQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPu9kwlcNIYQhAprM40ZXWp02VSvMB8GA1UdIwQY
MBaAFFatmywie0E8UFgTKU+q2227wt1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYt
NzE4YjhjN2M5MzM1LzEvMS03MlRDVncwaGhDRUNtc3pqUmxkYW5UWlZLOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmQvZmRmZmUzLTAxMGYtNGM2YS1iZDk2LTcxOGI4YzdjOTMz
NS8xL1ZxMmJMQ0o3UVR4UVdCTXBUNnJiYmJ2QzNXWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFmWPwME
AMKwdQMEAMMFaDANBAIAAjAHAwUBKhMUwDANBgkqhkiG9w0BAQsFAAOCAQEAjTEK
84cOxf4yMM3OIJ2Xi94Yoz39qzgsg53LzBO7lkF/DpeMrJoCGeV7IyEwNGU9K4o5
UbJuN2rykF5ejILec8ONasE+j8sjFAvHhVMLK5BgDHsLMbmFrr9NLl9z/TmOp6C6
Iv1XhUkTjIcl7KtsbQfEX2uYXZ9V1eceLYqWMByaYAKNKBdN8hSCg6r/NPZFoA/S
51kwXBDpn/AGdjmI0w1BzRdsvsLYeFUHE+TzBLVh7RajJrHad7D+fayL5hNPcvTn
mqU3miguGWJX2Kl2a/acpI4OMTjjRKQ8NN5vEFimWEY5I1qafJ/hk3l4gYVEoTH5
YJ32u78u6BK0RNXW1g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:39:46 2024 by rpki-client on console-fra.rpki-client.org