Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/_fhUbCtmu2MtAVzsMdC5490S86k.roa
File: _fhUbCtmu2MtAVzsMdC5490S86k.roa (raw, json)
Hash identifier: tORKnN/8xDKZkcdqhmM+Gwfv0tIBCycIxlDkspHoZ4I=
Subject key identifier: FD:F8:54:6C:2B:66:BB:63:2D:01:5C:EC:31:D0:B9:E3:DD:12:F3:A9
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 018D7316E330BF0233F8BDC74F6348EF666D
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/_fhUbCtmu2MtAVzsMdC5490S86k.roa
Signing time: Sun 04 Feb 2024 07:48:16 +0000
ROA not before: Sun 04 Feb 2024 07:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8376
IP address blocks: 37.202.64.0/18 maxlen: 24
46.185.128.0/17 maxlen: 24
79.173.192.0/18 maxlen: 24
86.108.0.0/17 maxlen: 24
92.253.0.0/17 maxlen: 24
94.249.0.0/17 maxlen: 24
149.200.128.0/17 maxlen: 24
149.200.136.0/24 maxlen: 24
185.98.220.0/22 maxlen: 24
194.165.128.0/19 maxlen: 24
213.186.160.0/19 maxlen: 24
217.23.32.0/20 maxlen: 24
2a01:9700::/29 maxlen: 48
2a01:9700::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:16:e3:30:bf:02:33:f8:bd:c7:4f:63:48:ef:66:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Feb 4 07:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdf8546c2b66bb632d015cec31d0b9e3dd12f3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cb:a4:41:a4:8a:c7:f7:85:51:df:96:c5:a3:
2b:ec:65:28:b3:49:de:24:60:a2:2d:36:a3:e4:45:
43:d9:5c:6e:d3:20:30:cc:d8:94:17:6c:46:47:d7:
a3:25:9d:fd:30:c8:ba:21:9b:01:10:b4:f2:15:0f:
1c:b5:d2:f6:28:25:89:43:24:e3:51:c6:7d:22:b4:
8c:44:87:4a:09:39:94:c1:66:ef:09:39:72:59:aa:
7c:42:04:34:12:c5:72:23:2d:74:5a:58:98:8a:77:
b1:ad:40:e3:e1:08:62:82:f2:93:89:2b:c6:bc:2d:
8d:19:68:87:97:28:55:81:00:4e:33:ce:07:74:84:
67:10:e3:48:08:ce:04:0e:a9:e1:0d:2f:1c:a0:a5:
ff:e7:c6:4c:3a:a9:8a:bf:46:d0:5d:f0:32:e2:01:
67:f4:33:14:8b:1c:67:20:c5:1d:16:4a:7d:29:a0:
bf:82:e7:ee:0e:51:41:4b:ea:4e:48:58:c7:6e:4b:
ce:7f:2d:cf:98:7b:42:eb:80:67:5a:8e:29:07:2e:
41:e7:5b:12:dd:e1:f0:ec:bc:95:4c:d0:ad:65:fe:
cd:8f:0e:7b:33:12:4b:f7:a2:8b:ed:0d:5e:ea:39:
1b:1e:a9:79:25:7b:e8:e6:3b:17:63:ab:24:c6:df:
70:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F8:54:6C:2B:66:BB:63:2D:01:5C:EC:31:D0:B9:E3:DD:12:F3:A9
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/_fhUbCtmu2MtAVzsMdC5490S86k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.64.0/18
46.185.128.0/17
79.173.192.0/18
86.108.0.0/17
92.253.0.0/17
94.249.0.0/17
149.200.128.0/17
185.98.220.0/22
194.165.128.0/19
213.186.160.0/19
217.23.32.0/20
IPv6:
2a01:9700::/29
Signature Algorithm: sha256WithRSAEncryption
41:3e:24:64:ec:e5:cb:b5:dd:db:fd:44:eb:15:62:86:d2:d8:
4b:81:5e:17:7c:f1:8a:8c:a6:dd:c8:5c:0e:a4:73:61:d0:2a:
3a:bd:8f:e0:0a:93:61:2a:7f:91:47:fb:10:4c:67:6d:81:26:
13:ee:05:34:7f:81:ab:ca:e6:35:24:f1:6e:e8:24:06:c5:4a:
fb:ae:80:a5:b5:e0:61:f1:e5:ce:9a:53:68:bf:ec:a5:b2:ae:
3f:f9:07:42:0c:6d:f7:0a:a3:63:a9:a1:8d:1a:76:3a:5e:b5:
53:51:e6:43:23:c9:30:ae:1d:b6:c7:24:02:4f:20:19:36:5b:
af:e3:1a:ab:9f:db:ef:2a:6a:98:f3:ef:ce:4c:99:03:49:ea:
5a:d6:4b:11:30:8f:d0:41:db:15:a9:83:6b:08:88:ee:97:13:
63:25:b6:98:05:7e:58:d1:86:a4:47:d6:42:7b:63:4c:2b:a5:
ae:17:e7:ba:c7:d1:6d:42:8b:46:2b:df:fc:3a:e8:e9:64:d4:
b9:d6:4c:ac:f4:9d:10:ef:9b:e2:41:d2:a0:10:8a:59:f3:b0:
da:a7:35:5c:06:25:1b:2f:02:5d:81:91:78:e9:8f:83:4a:9e:
14:90:6f:0a:ff:f9:d5:e5:8d:7b:d0:0b:19:da:92:7d:54:cb:
ed:2a:73:ff
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY1zFuMwvwIz+L3HT2NI72ZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUz
NmNiYzYwHhcNMjQwMjA0MDc0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGY4NTQ2YzJiNjZiYjYzMmQwMTVjZWMzMWQwYjllM2RkMTJmM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsukQaSKx/eFUd+WxaMr7GUos0ne
JGCiLTaj5EVD2Vxu0yAwzNiUF2xGR9ejJZ39MMi6IZsBELTyFQ8ctdL2KCWJQyTj
UcZ9IrSMRIdKCTmUwWbvCTlyWap8QgQ0EsVyIy10WliYinexrUDj4QhigvKTiSvG
vC2NGWiHlyhVgQBOM84HdIRnEONICM4EDqnhDS8coKX/58ZMOqmKv0bQXfAy4gFn
9DMUixxnIMUdFkp9KaC/gufuDlFBS+pOSFjHbkvOfy3PmHtC64BnWo4pBy5B51sS
3eHw7LyVTNCtZf7Njw57MxJL96KL7Q1e6jkbHql5JXvo5jsXY6skxt9wUwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFP34VGwrZrtjLQFc7DHQuePdEvOpMB8GA1UdIwQY
MBaAFFbQ47KPK+M+xanSygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMt
OGI4ZDcyMTcyMDkwLzEvX2ZoVWJDdG11Mk10QVZ6c01kQzU0OTBTODZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkw
LzEvVnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQGJcpAAwQH
LrmAAwQGT63AAwQHVmwAAwQHXP0AAwQHXvkAAwQHlciAAwQCuWLcAwQFwqWAAwQF
1bqgAwQE2RcgMA0EAgACMAcDBQMqAZcAMA0GCSqGSIb3DQEBCwUAA4IBAQBBPiRk
7OXLtd3b/UTrFWKG0thLgV4XfPGKjKbdyFwOpHNh0Co6vY/gCpNhKn+RR/sQTGdt
gSYT7gU0f4GryuY1JPFu6CQGxUr7roClteBh8eXOmlNov+ylsq4/+QdCDG33CqNj
qaGNGnY6XrVTUeZDI8kwrh22xyQCTyAZNluv4xqrn9vvKmqY8+/OTJkDSepa1ksR
MI/QQdsVqYNrCIjulxNjJbaYBX5Y0YakR9ZCe2NMK6WuF+e6x9FtQotGK9/8Oujp
ZNS51kys9J0Q75viQdKgEIpZ87DapzVcBiUbLwJdgZF46Y+DSp4UkG8K//nV5Y17
0AsZ2pJ9VMvtKnP/
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:36:59 2024 by rpki-client on console-fra.rpki-client.org