Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/FXTXwcoQ-Md17dfa5PWqXBuFILs.roa
File: FXTXwcoQ-Md17dfa5PWqXBuFILs.roa (raw, json)
Hash identifier: t9CkFLdGXdNdUifk8k1JFfZtYvbAdu7nB3VJYcygwmo=
Subject key identifier: 15:74:D7:C1:CA:10:F8:C7:75:ED:D7:DA:E4:F5:AA:5C:1B:85:20:BB
Certificate issuer: /CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Certificate serial: 018CC4249110ADCFB0CF70B477D80922B81A
Authority key identifier: 79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/FXTXwcoQ-Md17dfa5PWqXBuFILs.roa
Signing time: Mon 01 Jan 2024 08:29:39 +0000
ROA not before: Mon 01 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57567
IP address blocks: 185.86.44.0/24 maxlen: 24
185.86.44.0/23 maxlen: 23
185.86.47.0/24 maxlen: 24
185.86.46.0/24 maxlen: 24
185.86.46.0/23 maxlen: 23
185.86.45.0/24 maxlen: 24
103.39.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/eXbX0LvMCFFlI9XfJOaIK3LKVpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/eXbX0LvMCFFlI9XfJOaIK3LKVpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:91:10:ad:cf:b0:cf:70:b4:77:d8:09:22:b8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Validity
Not Before: Jan 1 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1574d7c1ca10f8c775edd7dae4f5aa5c1b8520bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c2:38:89:fe:f5:5e:f6:fa:27:9c:76:3b:d9:
ec:b1:b1:bd:2d:b1:21:86:8a:a6:1a:05:0b:ba:6f:
20:fb:32:b6:04:60:49:df:3e:0f:d9:0b:44:66:da:
1e:95:a9:fb:38:7a:8a:84:3e:79:a0:a6:33:61:be:
d9:af:0c:6a:3d:78:d6:00:67:eb:9f:e6:8d:63:7a:
ea:70:63:87:53:0c:11:91:a1:57:23:68:a4:ea:ee:
4c:26:d6:fc:3b:2b:31:81:fa:ae:93:a2:8f:07:69:
12:15:32:59:53:8a:08:22:79:46:f7:6c:40:cb:cf:
63:a9:2a:c5:18:0b:c1:2a:34:3f:98:30:2a:fe:4a:
90:18:bf:d6:fa:b5:3d:09:b0:97:0c:97:8d:31:5d:
3d:30:97:77:ed:f9:d7:9d:7e:f0:82:86:44:9b:70:
3d:49:c0:45:c2:75:47:f7:0c:5b:06:c6:f2:67:7e:
21:42:07:ce:58:2e:ed:56:ee:1b:c7:43:e5:0a:1d:
44:20:91:75:bb:45:31:a3:a8:6b:7d:fc:db:93:ed:
aa:4c:a7:0c:77:d0:85:48:88:ee:1c:ff:51:a0:9e:
40:09:fc:e6:1c:e2:ce:f5:dd:ec:ae:93:41:b1:da:
ae:70:72:5d:26:94:48:c9:d6:ad:46:59:46:aa:71:
18:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:74:D7:C1:CA:10:F8:C7:75:ED:D7:DA:E4:F5:AA:5C:1B:85:20:BB
X509v3 Authority Key Identifier:
keyid:79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/FXTXwcoQ-Md17dfa5PWqXBuFILs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/eXbX0LvMCFFlI9XfJOaIK3LKVpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.39.41.0/24
185.86.44.0/22
Signature Algorithm: sha256WithRSAEncryption
95:57:47:74:63:2c:f3:97:68:eb:86:b3:69:5f:7f:fa:79:a1:
5c:0d:b0:6d:4c:d3:65:e5:2c:92:be:2b:9b:d2:81:aa:26:b4:
b1:73:00:fc:69:01:74:00:d9:10:90:16:d9:57:79:df:e6:c2:
88:f6:8d:78:49:37:c4:4e:c2:5a:05:4b:a2:86:bd:e6:3f:0f:
80:bd:5b:cd:ac:b7:d7:78:6f:9f:66:9e:19:11:6b:50:93:5f:
ba:19:f6:65:52:1b:62:d5:de:0b:36:13:77:2f:8c:f1:3c:d8:
8b:dd:48:a6:36:92:5a:1a:20:95:07:5c:1e:07:18:a0:d7:e9:
14:43:fd:f8:5d:ef:2b:f1:1e:55:e5:0d:ad:8d:05:5b:41:8e:
89:ef:b1:99:54:29:16:ee:2f:94:c4:49:20:be:3e:37:49:6c:
ca:38:f4:e1:08:13:36:82:89:03:18:30:2c:a6:35:b3:33:fe:
9d:3c:a9:8d:52:39:15:ca:8b:48:c6:68:09:8e:95:ce:20:30:
01:88:81:f1:66:b1:ba:40:37:6c:14:79:14:d4:ec:8c:14:45:
b5:95:0b:7b:a1:b5:cc:36:5e:3d:ba:c3:d9:10:cc:30:29:6b:
41:2e:69:40:13:f3:2d:78:dc:0b:40:4a:b7:e7:d0:bc:6d:02:
fc:a6:8e:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJJEQrc+wz3C0d9gJIrgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzZkN2QwYmJjYzA4NTE2NTIzZDVkZjI0ZTY4ODJiNzJj
YTU2OTMwHhcNMjQwMTAxMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc0ZDdjMWNhMTBmOGM3NzVlZGQ3ZGFlNGY1YWE1YzFiODUyMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMI4if71Xvb6J5x2O9nssbG9LbEh
hoqmGgULum8g+zK2BGBJ3z4P2QtEZtoelan7OHqKhD55oKYzYb7ZrwxqPXjWAGfr
n+aNY3rqcGOHUwwRkaFXI2ik6u5MJtb8Oysxgfquk6KPB2kSFTJZU4oIInlG92xA
y89jqSrFGAvBKjQ/mDAq/kqQGL/W+rU9CbCXDJeNMV09MJd37fnXnX7wgoZEm3A9
ScBFwnVH9wxbBsbyZ34hQgfOWC7tVu4bx0PlCh1EIJF1u0Uxo6hrffzbk+2qTKcM
d9CFSIjuHP9RoJ5ACfzmHOLO9d3srpNBsdqucHJdJpRIydatRllGqnEYhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBV018HKEPjHde3X2uT1qlwbhSC7MB8GA1UdIwQY
MBaAFHl219C7zAhRZSPV3yTmiCtyylaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMt
ODU0MTgyY2IwNmE2LzEvRlhUWHdjb1EtTWQxN2RmYTVQV3FYQnVGSUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMtODU0MTgyY2IwNmE2
LzEvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZycpAwQC
uVYsMA0GCSqGSIb3DQEBCwUAA4IBAQCVV0d0Yyzzl2jrhrNpX3/6eaFcDbBtTNNl
5SySviub0oGqJrSxcwD8aQF0ANkQkBbZV3nf5sKI9o14STfETsJaBUuihr3mPw+A
vVvNrLfXeG+fZp4ZEWtQk1+6GfZlUhti1d4LNhN3L4zxPNiL3UimNpJaGiCVB1we
Bxig1+kUQ/34Xe8r8R5V5Q2tjQVbQY6J77GZVCkW7i+UxEkgvj43SWzKOPThCBM2
gokDGDAspjWzM/6dPKmNUjkVyotIxmgJjpXOIDABiIHxZrG6QDdsFHkU1OyMFEW1
lQt7obXMNl49usPZEMwwKWtBLmlAE/MteNwLQEq359C8bQL8po61
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:47:33 2024 by rpki-client on console-ams.rpki-client.org