Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/FZEkFuMqSBRntbImyjyZghDyuWQ.roa
File: FZEkFuMqSBRntbImyjyZghDyuWQ.roa (raw, json)
Hash identifier: /3J6RLL5TaJlsI7MAiHuaRBYdlP3F/vAuXmxyqitWLo=
Subject key identifier: 15:91:24:16:E3:2A:48:14:67:B5:B2:26:CA:3C:99:82:10:F2:B9:64
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018CCA2A1C2BEECB12B2FB0C5B5086C2C180
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/FZEkFuMqSBRntbImyjyZghDyuWQ.roa
Signing time: Tue 02 Jan 2024 12:33:26 +0000
ROA not before: Tue 02 Jan 2024 12:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 45.89.140.0/22 maxlen: 24
45.85.216.0/22 maxlen: 24
2a0e:cb80::/29 maxlen: 29
2a12:3e80:400::/48 maxlen: 48
2a12:3e80:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:1c:2b:ee:cb:12:b2:fb:0c:5b:50:86:c2:c1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Jan 2 12:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15912416e32a481467b5b226ca3c998210f2b964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6e:f8:c3:7f:39:12:49:da:7d:b5:59:bb:77:
ec:0c:dd:2e:f6:ef:6b:7f:9c:b0:29:d3:5a:ef:6b:
01:01:12:8c:f8:5c:50:35:dc:3d:fa:63:51:36:ec:
6a:26:17:60:e9:69:8c:a6:8e:09:95:a5:d0:20:ac:
68:35:32:a7:db:4c:89:b6:91:d8:cb:2d:97:ef:ce:
42:68:d2:e8:94:58:0f:8c:73:42:e9:c9:23:df:0a:
56:6a:4d:2f:ad:7e:24:20:80:93:25:41:03:77:71:
76:0b:82:a7:77:7a:09:f0:5e:46:63:f8:b3:f3:92:
a8:58:2d:e1:ae:2c:56:5f:f0:5d:ad:a3:37:96:56:
2a:03:1d:fc:a4:92:22:e1:31:d2:67:cc:8a:f6:e0:
13:ac:21:ea:b3:32:e9:a2:55:d2:1b:c9:0d:7f:06:
43:54:a2:74:31:1c:f1:23:99:f9:b9:90:64:29:df:
56:8a:51:74:78:aa:be:60:ca:81:be:96:2b:2f:be:
0b:33:fa:44:c1:96:a8:5c:0b:f7:bd:17:0d:2f:65:
d6:c8:38:05:83:23:9b:e2:5f:cb:c0:0a:29:07:04:
38:88:86:49:e8:84:2d:fb:b4:6f:9d:14:a9:f2:57:
2b:d3:c4:c6:cc:8a:f5:10:4f:23:2a:7f:a9:98:cc:
50:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:91:24:16:E3:2A:48:14:67:B5:B2:26:CA:3C:99:82:10:F2:B9:64
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/FZEkFuMqSBRntbImyjyZghDyuWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.216.0/22
45.89.140.0/22
IPv6:
2a0e:cb80::/29
2a12:3e80:100::/48
2a12:3e80:400::/48
Signature Algorithm: sha256WithRSAEncryption
8e:c9:fe:31:5c:f1:f3:02:fd:55:da:80:c0:1a:b2:f6:a6:3e:
70:72:79:84:74:90:2f:0e:70:21:ec:35:33:15:14:9e:5e:6d:
6f:9b:94:b9:6b:cf:c4:53:17:d8:00:27:ff:96:60:e0:51:d6:
5b:e7:51:8c:eb:53:9a:73:cd:b7:83:1b:b7:54:63:d6:69:9a:
b0:31:05:33:1d:46:c2:0d:63:cb:49:26:7d:ec:83:c1:bc:42:
00:b1:4a:32:7e:ea:b1:65:ce:93:87:bb:f0:d6:ec:4b:8c:da:
be:80:f1:7b:3e:a8:54:9d:b8:72:ec:af:0a:4f:3a:3a:37:d6:
1a:77:23:00:78:da:14:da:43:99:3d:d7:c4:a2:da:d7:9b:67:
47:85:c4:42:b0:42:00:22:b3:d7:f4:93:75:63:2a:89:70:23:
32:83:54:6b:1d:11:d6:4e:3b:86:f1:26:a5:01:26:0d:37:b9:
0c:aa:b2:ae:b9:07:f0:df:50:a4:e0:12:29:fc:c9:6a:5d:99:
6d:89:3f:66:9a:ed:77:6a:68:82:f2:03:4d:c2:ea:ee:7f:05:
bc:14:b1:78:79:fa:fa:b4:12:17:b9:c9:26:dc:4a:b2:49:f4:
71:37:62:bd:c4:a5:4c:87:ee:84:31:63:53:9b:82:1d:51:a3:
33:24:34:e7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKhwr7ssSsvsMW1CGwsGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjQwMTAyMTIzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTkxMjQxNmUzMmE0ODE0NjdiNWIyMjZjYTNjOTk4MjEwZjJiOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl274w385EknafbVZu3fsDN0u9u9r
f5ywKdNa72sBARKM+FxQNdw9+mNRNuxqJhdg6WmMpo4JlaXQIKxoNTKn20yJtpHY
yy2X785CaNLolFgPjHNC6ckj3wpWak0vrX4kIICTJUEDd3F2C4Knd3oJ8F5GY/iz
85KoWC3hrixWX/BdraM3llYqAx38pJIi4THSZ8yK9uATrCHqszLpolXSG8kNfwZD
VKJ0MRzxI5n5uZBkKd9WilF0eKq+YMqBvpYrL74LM/pEwZaoXAv3vRcNL2XWyDgF
gyOb4l/LwAopBwQ4iIZJ6IQt+7RvnRSp8lcr08TGzIr1EE8jKn+pmMxQ3QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBWRJBbjKkgUZ7WyJso8mYIQ8rlkMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvRlpFa0Z1TXFTQlJudGJJbXlqeVpnaER5dVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQCLVXYAwQC
LVmMMB8EAgACMBkDBQMqDsuAAwcAKhI+gAEAAwcAKhI+gAQAMA0GCSqGSIb3DQEB
CwUAA4IBAQCOyf4xXPHzAv1V2oDAGrL2pj5wcnmEdJAvDnAh7DUzFRSeXm1vm5S5
a8/EUxfYACf/lmDgUdZb51GM61Oac823gxu3VGPWaZqwMQUzHUbCDWPLSSZ97IPB
vEIAsUoyfuqxZc6Th7vw1uxLjNq+gPF7PqhUnbhy7K8KTzo6N9YadyMAeNoU2kOZ
PdfEotrXm2dHhcRCsEIAIrPX9JN1YyqJcCMyg1RrHRHWTjuG8SalASYNN7kMqrKu
uQfw31Ck4BIp/MlqXZltiT9mmu13amiC8gNNwurufwW8FLF4efr6tBIXuckm3Eqy
SfRxN2K9xKVMh+6EMWNTm4IdUaMzJDTn
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:30 2024 by rpki-client on console-fra.rpki-client.org