Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/FwbubeZ2dFkOFpxJJZ5tjoMhw2k.roa
File: FwbubeZ2dFkOFpxJJZ5tjoMhw2k.roa (raw, json)
Hash identifier: QHVS/RZRBKIwMPs+NmlmGUk1Vt9H3Zv4SxmdWISFX5Y=
Subject key identifier: 17:06:EE:6D:E6:76:74:59:0E:16:9C:49:25:9E:6D:8E:83:21:C3:69
Certificate issuer: /CN=72b88675247ce1865a353f4cef5b2ac288a39698
Certificate serial: 018EC3247F432649B505A8FA56F2CE5AB348
Authority key identifier: 72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/FwbubeZ2dFkOFpxJJZ5tjoMhw2k.roa
Signing time: Tue 09 Apr 2024 13:55:32 +0000
ROA not before: Tue 09 Apr 2024 13:55:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202302
IP address blocks: 31.42.190.0/24 maxlen: 24
91.219.60.0/24 maxlen: 24
91.219.61.0/24 maxlen: 24
194.61.52.0/24 maxlen: 24
194.61.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:24:7f:43:26:49:b5:05:a8:fa:56:f2:ce:5a:b3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b88675247ce1865a353f4cef5b2ac288a39698
Validity
Not Before: Apr 9 13:55:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1706ee6de67674590e169c49259e6d8e8321c369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:7c:a3:d5:82:f3:6c:dc:4f:99:74:55:11:
cc:2e:a9:98:a2:0e:d0:d7:8e:77:c3:76:04:e8:5f:
4d:70:0e:e1:0d:54:72:df:ac:77:6f:7c:cb:48:ed:
c9:6f:c8:33:b0:54:70:b3:76:86:cc:b2:63:ca:45:
96:8a:b4:11:0f:5f:c1:13:ef:0c:c2:68:f7:85:30:
aa:d7:24:cd:a8:4e:ab:36:a4:90:30:bb:2c:9c:fc:
3d:9f:f5:a4:c6:ba:74:e0:f8:7f:0a:ca:c3:b0:8d:
37:14:f0:d4:70:8f:91:de:b5:b2:d7:b0:81:57:90:
2b:7a:d7:8e:4c:ae:79:e7:3c:ed:e4:58:dd:de:93:
e7:9e:42:0d:4f:ce:c1:f1:24:0d:55:0b:1f:b9:be:
28:8e:10:d9:ff:bd:bd:39:e1:97:94:b8:b2:18:bf:
de:7c:c4:05:d3:3f:cf:d9:25:0e:9f:f1:60:61:5e:
23:e6:5e:fe:38:df:ec:27:f1:e3:2d:1c:c3:64:83:
26:11:1a:3c:f6:d7:1a:50:bc:81:94:9c:67:9f:bd:
f5:28:8f:b0:8f:b1:9c:de:eb:75:75:13:b5:1b:12:
29:7a:51:b1:2c:bc:0c:ea:7c:17:0d:88:e4:14:5e:
4c:d0:6c:1c:2a:41:a8:22:6b:d5:e5:db:33:94:d4:
c6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:06:EE:6D:E6:76:74:59:0E:16:9C:49:25:9E:6D:8E:83:21:C3:69
X509v3 Authority Key Identifier:
keyid:72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/FwbubeZ2dFkOFpxJJZ5tjoMhw2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.190.0/24
91.219.60.0/23
194.61.52.0/23
Signature Algorithm: sha256WithRSAEncryption
10:5a:28:d0:93:6e:37:6e:8f:8f:4d:52:ce:c7:10:d9:25:6e:
c0:0f:65:20:9b:57:ab:11:b4:d2:0c:55:65:c0:36:cc:fd:cc:
39:7e:bf:d5:e9:51:63:3f:ab:eb:12:a0:6b:4f:0f:5a:cc:a6:
e2:6c:00:b7:79:8e:2d:95:d0:fa:10:ae:64:64:cf:47:89:ae:
c2:e7:db:b3:07:8e:e7:b4:aa:d0:66:fd:01:eb:7e:2f:8e:a3:
5d:9a:80:94:ae:33:84:fd:1c:71:90:94:bc:e0:55:93:a1:ec:
e0:3e:b9:fc:f1:d0:c5:11:7b:18:9a:2a:65:bd:45:8d:6c:2a:
a9:1a:de:1d:83:d1:04:ef:89:03:5c:a1:39:29:84:d0:6c:02:
c6:34:4c:19:60:57:ce:34:e4:ce:8b:42:b9:f7:3a:eb:4e:2b:
9b:68:ad:3b:cd:eb:7e:fe:1e:fb:9a:bc:d8:e5:41:3e:9c:1f:
94:55:4c:e8:96:56:d3:a5:7b:7d:87:2e:fb:ff:94:80:95:0f:
e2:3d:66:e7:c8:62:c1:e0:a2:ed:a7:33:ef:bf:d2:40:9b:72:
b6:de:72:ba:55:b6:a8:7f:13:0c:40:04:ff:09:c0:c5:8f:52:
ad:ce:c3:ae:66:dd:4b:a1:e9:7e:5f:49:fe:3f:b8:05:3c:29:
25:72:7c:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7DJH9DJkm1Baj6VvLOWrNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjg4Njc1MjQ3Y2UxODY1YTM1M2Y0Y2VmNWIyYWMyODhh
Mzk2OTgwHhcNMjQwNDA5MTM1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzA2ZWU2ZGU2NzY3NDU5MGUxNjljNDkyNTllNmQ4ZTgzMjFjMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyx8o9WC82zcT5l0VRHMLqmYog7Q
1453w3YE6F9NcA7hDVRy36x3b3zLSO3Jb8gzsFRws3aGzLJjykWWirQRD1/BE+8M
wmj3hTCq1yTNqE6rNqSQMLssnPw9n/Wkxrp04Ph/CsrDsI03FPDUcI+R3rWy17CB
V5AreteOTK555zzt5Fjd3pPnnkINT87B8SQNVQsfub4ojhDZ/729OeGXlLiyGL/e
fMQF0z/P2SUOn/FgYV4j5l7+ON/sJ/HjLRzDZIMmERo89tcaULyBlJxnn731KI+w
j7Gc3ut1dRO1GxIpelGxLLwM6nwXDYjkFF5M0GwcKkGoImvV5dszlNTGdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBcG7m3mdnRZDhacSSWebY6DIcNpMB8GA1UdIwQY
MBaAFHK4hnUkfOGGWjU/TO9bKsKIo5aYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2It
MTEzNzA3M2ZhOGY2LzEvRndidWJlWjJkRmtPRnB4SkpaNXRqb01odzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2ItMTEzNzA3M2ZhOGY2
LzEvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHyq+AwQB
W9s8AwQBwj00MA0GCSqGSIb3DQEBCwUAA4IBAQAQWijQk243bo+PTVLOxxDZJW7A
D2Ugm1erEbTSDFVlwDbM/cw5fr/V6VFjP6vrEqBrTw9azKbibAC3eY4tldD6EK5k
ZM9Hia7C59uzB47ntKrQZv0B634vjqNdmoCUrjOE/RxxkJS84FWToezgPrn88dDF
EXsYmiplvUWNbCqpGt4dg9EE74kDXKE5KYTQbALGNEwZYFfONOTOi0K59zrrTiub
aK07zet+/h77mrzY5UE+nB+UVUzollbTpXt9hy77/5SAlQ/iPWbnyGLB4KLtpzPv
v9JAm3K23nK6VbaofxMMQAT/CcDFj1KtzsOuZt1Loel+X0n+P7gFPCklcnxM
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:21:03 2024 by rpki-client on console-ams.rpki-client.org