Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Fnh83GP0yq6CkozT9XORnvIuRhQ.roa
File: Fnh83GP0yq6CkozT9XORnvIuRhQ.roa (raw, json)
Hash identifier: fgDE+bwGAyU78EyVU85Y6lJE6LjDXTSsKFraZ6OULz4=
Subject key identifier: 16:78:7C:DC:63:F4:CA:AE:82:92:8C:D3:F5:73:91:9E:F2:2E:46:14
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC727706F515E11DEFD82E2F44F449895
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Fnh83GP0yq6CkozT9XORnvIuRhQ.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211985
IP address blocks: 157.25.143.0/24 maxlen: 24
157.25.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:70:6f:51:5e:11:de:fd:82:e2:f4:4f:44:98:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16787cdc63f4caae82928cd3f573919ef22e4614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:81:ae:ef:80:c2:52:4c:e4:b6:69:93:7f:
2f:6e:5e:d0:de:99:53:f8:d9:3a:18:eb:a0:41:ec:
27:5b:b4:4a:b5:ac:f0:46:2b:60:57:f6:45:d5:07:
15:86:c8:66:40:52:1f:c9:dd:8b:e2:67:ef:e3:a6:
bb:9e:af:54:54:42:61:c9:f4:14:52:52:9f:0c:4d:
00:51:b1:a2:11:84:7d:6e:a6:36:29:71:15:88:bc:
20:e2:ff:b2:5b:d1:35:7c:0e:f9:84:cf:50:f4:2c:
b2:2e:25:98:34:74:72:12:db:a0:40:e6:9e:a4:6c:
aa:43:d1:f8:6b:e6:d2:43:5e:2d:89:11:fc:38:54:
a6:c4:f2:6a:34:43:d2:94:db:29:da:50:83:06:9e:
b9:3f:49:47:e4:38:6b:91:b2:80:a5:1f:f9:68:c1:
e6:42:93:cb:46:7b:9f:b3:0f:02:24:ab:d5:6c:34:
98:68:eb:fa:c3:7b:2b:19:91:63:77:80:40:ca:14:
aa:96:dd:91:08:91:6d:09:80:c1:c5:a6:de:d7:38:
a5:ee:f3:0f:1a:2c:ce:16:9a:69:a2:f5:86:fa:2f:
47:25:81:3d:ab:21:f6:7e:34:11:35:be:9e:8a:c8:
e8:dd:9b:46:30:98:4c:f1:d6:e0:5b:01:f3:a8:fe:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:78:7C:DC:63:F4:CA:AE:82:92:8C:D3:F5:73:91:9E:F2:2E:46:14
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Fnh83GP0yq6CkozT9XORnvIuRhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.143.0/24
157.25.172.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fa:c2:9e:61:b0:e8:e6:bd:41:34:d1:23:46:a2:3e:14:35:
2a:2a:96:de:33:46:57:d2:bd:49:a2:17:4f:30:8f:d7:19:73:
20:2a:14:04:75:2d:6f:ca:fa:41:03:99:56:db:a0:41:d8:85:
09:a7:2d:36:1e:d6:5a:a0:5c:a1:5d:85:de:51:6a:1a:f5:6f:
66:bc:17:f2:15:af:50:af:01:95:4a:b2:46:a7:df:9a:7c:fc:
26:f9:b4:28:8e:e6:39:3d:9c:83:ef:d6:18:6d:54:e2:1e:f9:
97:4b:e7:96:03:a5:de:90:90:46:ba:68:c4:6d:64:d4:62:2c:
95:38:72:0c:19:2a:42:a4:91:a3:50:84:ac:1d:16:6c:19:0c:
45:ee:5c:48:fb:76:2b:da:1a:3b:88:d1:4d:d6:da:28:8b:05:
ef:f0:52:fd:1a:05:4f:f9:3e:a6:7c:5c:84:8a:02:05:14:d0:
3d:2b:3b:37:1a:50:e7:06:1b:91:7d:2f:5f:39:41:67:eb:00:
20:c7:54:43:9a:e2:7d:02:a0:7a:ff:6e:fb:f3:90:8a:68:11:
3d:5b:1f:42:86:c9:c9:42:69:5c:72:18:89:a8:4e:9d:ae:c1:
e9:9b:12:41:ca:d9:7f:da:43:09:ec:a5:da:ec:af:20:6c:ac:
a4:67:80:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ3BvUV4R3v2C4vRPRJiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc4N2NkYzYzZjRjYWFlODI5MjhjZDNmNTczOTE5ZWYyMmU0NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2eBru+AwlJM5LZpk38vbl7Q3plT
+Nk6GOugQewnW7RKtazwRitgV/ZF1QcVhshmQFIfyd2L4mfv46a7nq9UVEJhyfQU
UlKfDE0AUbGiEYR9bqY2KXEViLwg4v+yW9E1fA75hM9Q9CyyLiWYNHRyEtugQOae
pGyqQ9H4a+bSQ14tiRH8OFSmxPJqNEPSlNsp2lCDBp65P0lH5DhrkbKApR/5aMHm
QpPLRnufsw8CJKvVbDSYaOv6w3srGZFjd4BAyhSqlt2RCJFtCYDBxabe1zil7vMP
GizOFpppovWG+i9HJYE9qyH2fjQRNb6eisjo3ZtGMJhM8dbgWwHzqP6VjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZ4fNxj9MqugpKM0/VzkZ7yLkYUMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvRm5oODNHUDB5cTZDa296VDlYT1Judkl1UmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnRmPAwQA
nRmsMA0GCSqGSIb3DQEBCwUAA4IBAQAP+sKeYbDo5r1BNNEjRqI+FDUqKpbeM0ZX
0r1JohdPMI/XGXMgKhQEdS1vyvpBA5lW26BB2IUJpy02HtZaoFyhXYXeUWoa9W9m
vBfyFa9QrwGVSrJGp9+afPwm+bQojuY5PZyD79YYbVTiHvmXS+eWA6XekJBGumjE
bWTUYiyVOHIMGSpCpJGjUISsHRZsGQxF7lxI+3Yr2ho7iNFN1tooiwXv8FL9GgVP
+T6mfFyEigIFFNA9Kzs3GlDnBhuRfS9fOUFn6wAgx1RDmuJ9AqB6/27785CKaBE9
Wx9ChsnJQmlcchiJqE6drsHpmxJBytl/2kMJ7KXa7K8gbKykZ4B+
-----END CERTIFICATE-----
Generated at Mon May 20 01:56:05 2024 by rpki-client on console-fra.rpki-client.org