Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/FIeAkk8nDb6C63Fm9PRccca1alk.roa
File: FIeAkk8nDb6C63Fm9PRccca1alk.roa (raw, json)
Hash identifier: 0y5QYOr6FFiQHMiCvDmKMQXQCQVVpjCwkhAgvtHE7N8=
Subject key identifier: 14:87:80:92:4F:27:0D:BE:82:EB:71:66:F4:F4:5C:71:C6:B5:6A:59
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B93A693C461605C95063346B59E4CC
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/FIeAkk8nDb6C63Fm9PRccca1alk.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60168
IP address blocks: 151.237.136.0/23 maxlen: 23
5.32.130.0/24 maxlen: 24
5.32.131.0/24 maxlen: 24
5.32.129.0/24 maxlen: 24
5.32.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3a:69:3c:46:16:05:c9:50:63:34:6b:59:e4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=148780924f270dbe82eb7166f4f45c71c6b56a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:87:e8:94:d5:4e:44:e1:64:5d:98:8e:31:00:
d2:ed:f9:48:4a:46:95:c6:bd:26:6a:1a:76:aa:d5:
0a:de:79:b4:1a:5a:45:9d:81:4f:a1:04:50:3a:f0:
f4:bd:a9:61:26:42:ca:2b:0c:9c:57:38:f7:5f:01:
34:69:54:e1:21:9a:0c:8e:bb:da:48:33:f8:58:07:
2a:18:0a:c3:3c:2e:d9:09:f3:79:01:a1:a5:2f:02:
56:7d:fa:7b:54:fd:24:be:65:0b:94:e3:a1:17:a8:
58:e6:56:de:77:e2:24:9c:61:37:40:ce:dd:8c:f1:
d7:72:95:a4:bb:ba:d6:91:16:5e:a1:19:d5:71:48:
e6:bb:40:0e:6e:31:19:2d:ef:4f:d1:74:c6:7a:8e:
1a:a0:f2:fa:0a:6e:64:3e:f3:a1:d7:f8:e4:06:4e:
f1:95:57:52:fa:a7:e6:cc:ae:61:f2:fa:a4:b1:43:
a4:0d:9c:26:60:bb:20:a3:db:f2:bc:df:f3:d5:85:
3f:c6:0b:85:73:61:70:b4:69:53:36:7e:00:d0:04:
1e:a7:47:0f:45:fe:8b:2a:63:b1:88:21:3f:fe:13:
b4:e0:e8:17:6e:f3:4f:13:be:c7:43:4b:dd:54:e7:
04:e7:43:4d:b3:36:c0:d3:34:35:9e:e2:3d:d1:0d:
74:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:87:80:92:4F:27:0D:BE:82:EB:71:66:F4:F4:5C:71:C6:B5:6A:59
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/FIeAkk8nDb6C63Fm9PRccca1alk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.128.0/22
151.237.136.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:e2:79:34:10:8f:68:6d:d8:44:6c:b5:ed:7b:e1:51:86:71:
49:6d:89:7c:15:3d:96:65:be:c9:42:c2:2b:b3:54:7c:05:5b:
47:10:f7:b9:74:fb:e3:b1:80:7e:6a:ee:18:25:2c:09:02:a9:
2b:9c:36:15:61:68:14:89:44:76:d7:24:f6:59:8e:76:c3:1b:
d1:16:13:9c:f6:be:8f:7a:86:24:b3:ed:b6:b1:73:92:bf:f6:
1f:16:05:db:2f:32:ee:ea:f2:6b:53:f1:6d:a7:76:0e:4e:07:
9f:59:bc:51:d4:99:19:d8:27:58:a1:11:88:42:f3:7c:ff:ce:
96:27:ab:20:3a:57:bd:0a:ae:36:55:27:e4:d9:31:38:42:8c:
bb:d9:a5:8d:9f:4f:7f:32:57:b9:6c:b7:28:74:9d:01:30:d3:
4a:a7:d9:36:08:be:c2:25:29:79:6e:d4:cd:d4:a4:1e:13:6c:
60:4a:3a:12:6d:71:be:49:f7:c8:70:c1:cf:d8:e3:50:cd:70:
58:b5:48:a5:40:ae:32:71:1a:79:33:43:81:17:7f:07:47:aa:
a4:09:db:d7:ea:4b:89:5d:2c:50:3d:3a:79:ef:29:85:49:11:
9c:2f:84:51:7e:9f:c7:4b:e9:5a:33:7f:cf:85:8c:47:fc:67:
87:35:97:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuTppPEYWBclQYzRrWeTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg3ODA5MjRmMjcwZGJlODJlYjcxNjZmNGY0NWM3MWM2YjU2YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnofolNVOROFkXZiOMQDS7flISkaV
xr0mahp2qtUK3nm0GlpFnYFPoQRQOvD0valhJkLKKwycVzj3XwE0aVThIZoMjrva
SDP4WAcqGArDPC7ZCfN5AaGlLwJWffp7VP0kvmULlOOhF6hY5lbed+IknGE3QM7d
jPHXcpWku7rWkRZeoRnVcUjmu0AObjEZLe9P0XTGeo4aoPL6Cm5kPvOh1/jkBk7x
lVdS+qfmzK5h8vqksUOkDZwmYLsgo9vyvN/z1YU/xguFc2FwtGlTNn4A0AQep0cP
Rf6LKmOxiCE//hO04OgXbvNPE77HQ0vdVOcE50NNszbA0zQ1nuI90Q10ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBSHgJJPJw2+gutxZvT0XHHGtWpZMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvRkllQWtrOG5EYjZDNjNGbTlQUmNjY2ExYWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBSCAAwQB
l+2IMA0GCSqGSIb3DQEBCwUAA4IBAQAK4nk0EI9obdhEbLXte+FRhnFJbYl8FT2W
Zb7JQsIrs1R8BVtHEPe5dPvjsYB+au4YJSwJAqkrnDYVYWgUiUR21yT2WY52wxvR
FhOc9r6PeoYks+22sXOSv/YfFgXbLzLu6vJrU/Ftp3YOTgefWbxR1JkZ2CdYoRGI
QvN8/86WJ6sgOle9Cq42VSfk2TE4Qoy72aWNn09/Mle5bLcodJ0BMNNKp9k2CL7C
JSl5btTN1KQeE2xgSjoSbXG+SffIcMHP2ONQzXBYtUilQK4ycRp5M0OBF38HR6qk
CdvX6kuJXSxQPTp57ymFSRGcL4RRfp/HS+laM3/PhYxH/GeHNZdf
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:39 2024 by rpki-client on console-fra.rpki-client.org