Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/_u3BRflzLICftITXD_e9Jl3HFEo.roa
File: _u3BRflzLICftITXD_e9Jl3HFEo.roa (raw, json)
Hash identifier: 66BjQGsXIcmriyk5izO4M84ehTuSTkDTRC87PRjzMUs=
Subject key identifier: FE:ED:C1:45:F9:73:2C:80:9F:B4:84:D7:0F:F7:BD:26:5D:C7:14:4A
Certificate issuer: /CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Certificate serial: 018CCA295BE09741E9AB35D05404AF3362D0
Authority key identifier: F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/_u3BRflzLICftITXD_e9Jl3HFEo.roa
Signing time: Tue 02 Jan 2024 12:32:37 +0000
ROA not before: Tue 02 Jan 2024 12:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 188.244.110.0/24 maxlen: 24
188.244.111.0/24 maxlen: 24
188.244.108.0/24 maxlen: 24
188.244.109.0/24 maxlen: 24
164.138.240.0/24 maxlen: 24
164.138.243.0/24 maxlen: 24
164.138.244.0/24 maxlen: 24
164.138.245.0/24 maxlen: 24
164.138.241.0/24 maxlen: 24
164.138.242.0/24 maxlen: 24
164.138.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/85SkZHKLgoVtwrlVzK6atbplOcg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/85SkZHKLgoVtwrlVzK6atbplOcg.mft
rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:5b:e0:97:41:e9:ab:35:d0:54:04:af:33:62:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Validity
Not Before: Jan 2 12:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feedc145f9732c809fb484d70ff7bd265dc7144a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:7d:c1:ee:fd:39:6e:43:39:1b:ab:73:4c:
29:37:6d:c4:e1:6a:ce:48:ad:80:a4:3c:a2:df:2b:
54:97:3b:c6:75:bd:ce:c5:70:11:6f:a2:73:e1:50:
b0:36:e7:bd:08:66:7e:49:9b:02:58:a0:f0:2d:a8:
ad:c1:d7:8a:64:50:7b:f2:7f:8c:aa:e7:63:b3:e1:
8d:5d:3a:eb:ef:39:f2:75:a9:7a:d2:16:72:64:73:
d6:bf:53:2d:2b:4e:0f:b0:02:59:36:7c:55:2a:11:
f4:54:ed:2d:e4:5b:c5:91:d4:24:1d:5d:ef:10:18:
df:04:b1:92:89:44:dd:0d:62:41:bf:74:4e:5a:3c:
f7:f7:a0:e0:78:aa:ec:7e:f0:d0:a9:61:83:9a:aa:
43:b9:58:f8:26:6b:75:61:75:85:ae:5b:11:8e:07:
00:d8:b4:5c:c7:d3:e0:c2:27:23:c9:ce:97:48:3f:
de:e0:f6:38:33:a4:15:f3:d1:5a:3a:8e:d9:32:46:
71:62:96:3d:4e:d6:7b:8c:42:c9:10:72:27:a0:7a:
79:90:e4:6d:e4:ae:ee:95:bb:ae:de:76:c9:dd:a1:
37:b7:68:3e:cd:6a:8e:99:b0:b0:ad:b4:94:54:ad:
5c:88:4e:88:cf:c0:3e:73:26:64:e8:2f:2b:45:ab:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:ED:C1:45:F9:73:2C:80:9F:B4:84:D7:0F:F7:BD:26:5D:C7:14:4A
X509v3 Authority Key Identifier:
keyid:F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/_u3BRflzLICftITXD_e9Jl3HFEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/85SkZHKLgoVtwrlVzK6atbplOcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.240.0-164.138.245.255
164.138.247.0/24
188.244.108.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:e9:cf:a6:30:d8:4d:54:dd:51:ac:69:20:1b:cd:d3:3d:13:
11:10:1e:d7:78:17:78:dd:9d:dc:22:2a:a6:c3:ea:60:fb:13:
80:b4:d6:50:c8:a5:73:e3:06:df:96:48:b2:c9:75:c6:9a:f9:
46:48:14:34:3a:74:41:78:14:de:e3:09:88:64:90:83:6a:8e:
a3:2f:3a:f3:c0:17:c7:69:72:e7:77:16:bd:91:ae:ce:d0:e4:
db:d8:9f:80:9f:16:8b:bc:4e:59:38:35:75:70:0c:f0:7c:ba:
2c:60:3d:21:8b:a7:f7:db:b4:bc:a9:eb:55:5f:0c:8f:62:de:
4c:d8:b0:6d:ff:87:62:54:f6:2c:6f:2e:ad:8e:54:54:d5:2c:
54:7c:1a:bd:80:b0:3d:94:3b:24:aa:cc:2f:d1:5c:5b:2a:ac:
27:cd:93:17:da:e9:33:68:2a:7e:a4:34:2d:8a:23:bd:f0:f1:
42:24:a0:30:1e:35:61:5c:ca:78:07:15:bb:39:89:86:82:40:
f5:94:02:0d:04:97:8a:f6:7c:d5:2f:89:b8:ab:b1:4f:e9:3f:
cf:e5:e8:c4:b9:44:87:f7:ec:1d:5b:10:6f:ff:ca:2e:81:46:
9d:2b:c8:f1:a4:50:c3:12:ef:8b:f9:cc:4e:4b:96:84:fd:5e:
78:09:28:0c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKKVvgl0HpqzXQVASvM2LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOTRhNDY0NzI4YjgyODU2ZGMyYjk1NWNjYWU5YWI1YmE2
NTM5YzgwHhcNMjQwMTAyMTIzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWVkYzE0NWY5NzMyYzgwOWZiNDg0ZDcwZmY3YmQyNjVkYzcxNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFJ9we79OW5DORurc0wpN23E4WrO
SK2ApDyi3ytUlzvGdb3OxXARb6Jz4VCwNue9CGZ+SZsCWKDwLaitwdeKZFB78n+M
qudjs+GNXTrr7znydal60hZyZHPWv1MtK04PsAJZNnxVKhH0VO0t5FvFkdQkHV3v
EBjfBLGSiUTdDWJBv3ROWjz396DgeKrsfvDQqWGDmqpDuVj4Jmt1YXWFrlsRjgcA
2LRcx9Pgwicjyc6XSD/e4PY4M6QV89FaOo7ZMkZxYpY9TtZ7jELJEHInoHp5kORt
5K7ulbuu3nbJ3aE3t2g+zWqOmbCwrbSUVK1ciE6Iz8A+cyZk6C8rRasICwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP7twUX5cyyAn7SE1w/3vSZdxxRKMB8GA1UdIwQY
MBaAFPOUpGRyi4KFbcK5VcyumrW6ZTnIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODVTa1pIS0xnb1Z0d3JsVnpLNmF0YnBsT2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi83ZGI4MGMtNTExMy00ZTgzLWIyYzgt
ZjI2NjRkMTkyMWQzLzEvX3UzQlJmbHpMSUNmdElUWERfZTlKbDNIRkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi83ZGI4MGMtNTExMy00ZTgzLWIyYzgtZjI2NjRkMTkyMWQz
LzEvODVTa1pIS0xnb1Z0d3JsVnpLNmF0YnBsT2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBASkivAD
BAGkivQDBACkivcDBAK89GwwDQYJKoZIhvcNAQELBQADggEBAE3pz6Yw2E1U3VGs
aSAbzdM9ExEQHtd4F3jdndwiKqbD6mD7E4C01lDIpXPjBt+WSLLJdcaa+UZIFDQ6
dEF4FN7jCYhkkINqjqMvOvPAF8dpcud3Fr2Rrs7Q5NvYn4CfFou8Tlk4NXVwDPB8
uixgPSGLp/fbtLyp61VfDI9i3kzYsG3/h2JU9ixvLq2OVFTVLFR8Gr2AsD2UOySq
zC/RXFsqrCfNkxfa6TNoKn6kNC2KI73w8UIkoDAeNWFcyngHFbs5iYaCQPWUAg0E
l4r2fNUvibirsU/pP8/l6MS5RIf37B1bEG//yi6BRp0ryPGkUMMS74v5zE5LloT9
XngJKAw=
-----END CERTIFICATE-----
Generated at Wed May 15 19:12:18 2024 by rpki-client on console-fra.rpki-client.org