Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/FWZJlAdFFd_NBYx7XVqFeLeY8eQ.roa
File: FWZJlAdFFd_NBYx7XVqFeLeY8eQ.roa (raw, json)
Hash identifier: AOB0YemXCxX8wv+B0ju4cjpgZgQxVLXFuD733FJhD8c=
Subject key identifier: 15:66:49:94:07:45:15:DF:CD:05:8C:7B:5D:5A:85:78:B7:98:F1:E4
Certificate issuer: /CN=80b9cfb91309d5d91ffc32bcaf06c36b09772557
Certificate serial: 018CC94DE818D675DC924784DBBAD76A37F7
Authority key identifier: 80:B9:CF:B9:13:09:D5:D9:1F:FC:32:BC:AF:06:C3:6B:09:77:25:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gLnPuRMJ1dkf_DK8rwbDawl3JVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/FWZJlAdFFd_NBYx7XVqFeLeY8eQ.roa
Signing time: Tue 02 Jan 2024 08:32:55 +0000
ROA not before: Tue 02 Jan 2024 08:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47368
IP address blocks: 2001:67c:9fc::/48 maxlen: 48
2001:67c:9f4::/48 maxlen: 48
2001:67c:9f8::/48 maxlen: 48
2001:67c:9f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/gLnPuRMJ1dkf_DK8rwbDawl3JVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/gLnPuRMJ1dkf_DK8rwbDawl3JVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gLnPuRMJ1dkf_DK8rwbDawl3JVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:e8:18:d6:75:dc:92:47:84:db:ba:d7:6a:37:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80b9cfb91309d5d91ffc32bcaf06c36b09772557
Validity
Not Before: Jan 2 08:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15664994074515dfcd058c7b5d5a8578b798f1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:55:8e:9b:cd:0d:f3:03:76:9d:cb:16:1c:
32:32:59:f2:43:e1:ab:98:0a:a8:1f:fa:d5:be:65:
29:29:5e:98:0b:76:fc:0b:14:0e:05:3f:6d:4b:bc:
39:55:f4:7b:d1:6b:b6:bc:24:94:06:4a:49:f2:2c:
2f:bd:e7:bd:8a:0a:8e:7a:cd:b0:57:ce:b0:51:1c:
54:c2:7c:17:55:78:42:e7:ed:40:4b:1c:1c:1e:d1:
eb:dd:26:a0:4a:d5:79:68:de:80:9c:16:91:07:c1:
ac:cc:3b:b6:43:b9:04:b4:91:d4:f5:94:fe:6a:79:
87:f4:fd:6b:a1:22:a8:94:da:fb:88:17:60:f3:52:
13:44:e5:64:e6:96:c8:3a:fe:a6:9b:10:6e:a6:0a:
75:18:58:2b:2f:d7:1f:30:5c:bc:45:a6:5e:72:7e:
67:2e:78:95:2f:74:3d:29:7c:33:a6:5d:b4:fb:86:
d6:f2:67:ec:17:e3:ca:a3:e4:9c:48:2f:6e:23:dc:
23:39:0a:75:69:65:08:fd:a4:1b:70:78:7c:5d:8d:
3f:9f:f5:7b:83:a3:63:18:33:26:07:ad:e1:c7:3b:
f7:80:94:74:c7:31:d4:cc:ce:3e:c3:da:41:9c:57:
dd:0f:c1:28:46:c7:33:95:c8:81:62:59:8a:18:d1:
be:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:66:49:94:07:45:15:DF:CD:05:8C:7B:5D:5A:85:78:B7:98:F1:E4
X509v3 Authority Key Identifier:
keyid:80:B9:CF:B9:13:09:D5:D9:1F:FC:32:BC:AF:06:C3:6B:09:77:25:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gLnPuRMJ1dkf_DK8rwbDawl3JVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/FWZJlAdFFd_NBYx7XVqFeLeY8eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fd9482-8cd1-4899-8cdb-27bb0b8875a8/1/gLnPuRMJ1dkf_DK8rwbDawl3JVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:9f0::/48
2001:67c:9f4::/48
2001:67c:9f8::/48
2001:67c:9fc::/48
Signature Algorithm: sha256WithRSAEncryption
26:17:1f:7a:e0:cc:2b:77:9e:b5:d0:10:00:7b:07:09:67:a6:
2a:f7:a0:e0:8c:2e:2b:c8:42:4c:4e:70:94:96:11:a7:17:48:
7e:f1:72:a2:03:46:1b:b6:29:6f:72:30:64:9e:80:97:9c:56:
f8:09:7e:65:75:16:5b:b0:06:97:0f:94:e9:61:6f:85:81:92:
35:64:80:07:d4:be:99:2e:7d:54:55:55:2e:a3:25:81:2f:1d:
c8:17:6a:92:bf:fb:4d:2a:30:3d:24:8b:cb:95:2e:ba:35:d3:
4c:62:c1:40:8f:4f:ee:01:0a:41:f7:55:79:fb:03:ff:dd:47:
3f:71:77:82:71:00:8e:25:cc:9d:60:44:42:dc:85:1a:a8:0a:
29:6b:f7:b2:1c:28:ca:96:9b:8e:d0:6e:a8:08:4c:30:38:eb:
d8:5f:4e:77:54:f8:74:75:f9:1a:90:df:a9:c6:cd:56:5d:23:
98:62:d8:ad:7d:53:a3:05:1c:b9:4a:b6:46:49:4f:71:f4:91:
a0:19:d4:20:86:4f:43:bd:9d:90:17:6b:43:4e:fc:ae:fe:8a:
4c:05:16:fe:4e:69:37:7b:7e:1d:8b:7f:be:bd:d8:25:e5:c4:
95:e8:6d:c8:d9:af:4c:fb:9a:34:53:8c:c7:25:c9:8a:41:cc:
7b:fc:9d:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTegY1nXckkeE27rXajf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYjljZmI5MTMwOWQ1ZDkxZmZjMzJiY2FmMDZjMzZiMDk3
NzI1NTcwHhcNMjQwMTAyMDgzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTY2NDk5NDA3NDUxNWRmY2QwNThjN2I1ZDVhODU3OGI3OThmMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVpVjpvNDfMDdp3LFhwyMlnyQ+Gr
mAqoH/rVvmUpKV6YC3b8CxQOBT9tS7w5VfR70Wu2vCSUBkpJ8iwvvee9igqOes2w
V86wURxUwnwXVXhC5+1ASxwcHtHr3SagStV5aN6AnBaRB8GszDu2Q7kEtJHU9ZT+
anmH9P1roSKolNr7iBdg81ITROVk5pbIOv6mmxBupgp1GFgrL9cfMFy8RaZecn5n
LniVL3Q9KXwzpl20+4bW8mfsF+PKo+ScSC9uI9wjOQp1aWUI/aQbcHh8XY0/n/V7
g6NjGDMmB63hxzv3gJR0xzHUzM4+w9pBnFfdD8EoRsczlciBYlmKGNG+CwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBVmSZQHRRXfzQWMe11ahXi3mPHkMB8GA1UdIwQY
MBaAFIC5z7kTCdXZH/wyvK8Gw2sJdyVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0xuUHVSTUoxZGtmX0RLOHJ3YkRhd2wzSlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mZDk0ODItOGNkMS00ODk5LThjZGIt
MjdiYjBiODg3NWE4LzEvRldaSmxBZEZGZF9OQll4N1hWcUZlTGVZOGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mZDk0ODItOGNkMS00ODk5LThjZGItMjdiYjBiODg3NWE4
LzEvZ0xuUHVSTUoxZGtmX0RLOHJ3YkRhd2wzSlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGfAnw
AwcAIAEGfAn0AwcAIAEGfAn4AwcAIAEGfAn8MA0GCSqGSIb3DQEBCwUAA4IBAQAm
Fx964Mwrd5610BAAewcJZ6Yq96DgjC4ryEJMTnCUlhGnF0h+8XKiA0YbtilvcjBk
noCXnFb4CX5ldRZbsAaXD5TpYW+FgZI1ZIAH1L6ZLn1UVVUuoyWBLx3IF2qSv/tN
KjA9JIvLlS66NdNMYsFAj0/uAQpB91V5+wP/3Uc/cXeCcQCOJcydYERC3IUaqAop
a/eyHCjKlpuO0G6oCEwwOOvYX053VPh0dfkakN+pxs1WXSOYYtitfVOjBRy5SrZG
SU9x9JGgGdQghk9DvZ2QF2tDTvyu/opMBRb+Tmk3e34di3++vdgl5cSV6G3I2a9M
+5o0U4zHJcmKQcx7/J29
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:12 2024 by rpki-client on console-fra.rpki-client.org