Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/FXsBMHT8GMR9DxRaKPfirydKdTE.roa
File: FXsBMHT8GMR9DxRaKPfirydKdTE.roa (raw, json)
Hash identifier: 6aQA+Nvc6Kcv4h7MqC/vu0C8p+/We4hvD08ZeotzaB4=
Subject key identifier: 15:7B:01:30:74:FC:18:C4:7D:0F:14:5A:28:F7:E2:AF:27:4A:75:31
Certificate issuer: /CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Certificate serial: 018CC3B720361372FB99BD0E36F31D5BE40F
Authority key identifier: C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/FXsBMHT8GMR9DxRaKPfirydKdTE.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.179.150.0/24 maxlen: 24
185.179.151.0/24 maxlen: 24
185.240.125.0/24 maxlen: 24
185.231.166.0/24 maxlen: 24
185.231.165.0/24 maxlen: 24
185.240.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:20:36:13:72:fb:99:bd:0e:36:f3:1d:5b:e4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0520cecba251cd37cdf3c4d5ab03625522bbaac
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=157b013074fc18c47d0f145a28f7e2af274a7531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3b:19:5f:b4:ef:96:9f:0c:24:bb:f2:74:ce:
db:1e:56:d4:d0:1b:56:6c:ef:cd:df:d3:5d:04:cf:
0c:3e:19:1f:40:e7:d3:eb:97:09:09:a2:2d:f3:14:
32:bd:f9:fd:da:fb:2a:86:e7:95:4e:99:c8:24:b1:
df:35:c8:36:14:bc:ef:9c:52:17:3f:b0:3d:86:cc:
91:f5:c2:d8:23:42:84:03:dd:bc:35:34:48:5c:4d:
84:eb:94:78:86:da:c2:82:e1:07:94:0e:c6:0c:d2:
69:2f:0b:56:f0:50:2f:13:a7:b9:68:24:0b:44:f3:
35:84:3d:27:91:c1:81:41:94:d3:9e:9d:3d:bf:25:
82:b1:8a:55:60:d2:b9:58:7c:0f:77:c5:fd:0d:0c:
41:97:37:7f:e2:d5:0b:5e:3d:c3:fb:f6:68:21:02:
a0:47:75:fa:7d:43:74:79:1b:2d:fb:1e:81:e8:79:
da:b5:87:f8:7c:95:d7:d3:6b:4b:d1:89:5f:6f:b1:
45:6f:e2:8a:91:9f:68:e8:fc:56:ed:9d:bc:b1:40:
a9:39:0b:a6:5d:74:07:40:c6:8f:d6:55:ce:2f:d0:
3c:61:be:09:c3:c0:f1:56:a0:7e:04:1b:7a:d6:5b:
ad:c7:6d:bc:f7:b4:80:b8:fa:d3:a1:be:1a:32:66:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7B:01:30:74:FC:18:C4:7D:0F:14:5A:28:F7:E2:AF:27:4A:75:31
X509v3 Authority Key Identifier:
keyid:C0:52:0C:EC:BA:25:1C:D3:7C:DF:3C:4D:5A:B0:36:25:52:2B:BA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wFIM7LolHNN83zxNWrA2JVIruqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/FXsBMHT8GMR9DxRaKPfirydKdTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/361bae-ab14-4aab-bb8f-7418b92aa209/1/wFIM7LolHNN83zxNWrA2JVIruqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.150.0/23
185.231.165.0-185.231.166.255
185.240.125.0/24
185.240.127.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:8c:de:74:e2:1c:0a:fb:5a:47:61:35:e5:02:b7:f9:4d:2f:
e4:5c:84:fc:d0:90:a1:e1:8d:a1:5f:f9:f4:4d:22:20:e6:e2:
46:6d:81:ef:e3:eb:6e:14:0a:ea:ae:15:81:ab:f8:80:f0:ec:
e6:21:3f:13:95:e6:b9:42:83:99:15:a3:0f:ae:19:57:85:c4:
68:0e:5b:31:0a:85:ec:ce:af:31:c2:41:49:89:2b:41:7e:2f:
d1:ec:a5:00:04:62:d6:ee:09:35:d9:73:fb:8d:cd:d8:95:0e:
bd:96:42:d1:f1:52:43:24:51:cb:4a:3f:a2:91:bf:18:40:e1:
77:6f:0a:30:c7:d4:21:47:79:f2:d4:de:62:06:31:37:e1:7e:
97:53:35:16:48:d5:01:ff:02:cc:35:8e:46:f6:4c:f0:44:7a:
59:6b:79:31:ca:f9:b8:36:70:2b:fb:14:a8:83:91:2b:05:d5:
2d:b7:fe:7e:21:5d:96:3a:35:c8:b5:49:c4:92:f7:cf:34:d6:
eb:60:6f:a3:83:21:69:17:c5:ff:96:b2:d2:28:e3:1e:50:c7:
c6:0b:2d:e1:12:d1:2a:f6:23:b8:1a:64:c1:6b:5d:8d:d3:e7:
07:7d:b3:a8:69:51:16:d1:34:77:15:b7:66:3b:9f:7d:22:8e:
d0:5c:62:5a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtyA2E3L7mb0ONvMdW+QPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNTIwY2VjYmEyNTFjZDM3Y2RmM2M0ZDVhYjAzNjI1NTIy
YmJhYWMwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdiMDEzMDc0ZmMxOGM0N2QwZjE0NWEyOGY3ZTJhZjI3NGE3NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjsZX7Tvlp8MJLvydM7bHlbU0BtW
bO/N39NdBM8MPhkfQOfT65cJCaIt8xQyvfn92vsqhueVTpnIJLHfNcg2FLzvnFIX
P7A9hsyR9cLYI0KEA928NTRIXE2E65R4htrCguEHlA7GDNJpLwtW8FAvE6e5aCQL
RPM1hD0nkcGBQZTTnp09vyWCsYpVYNK5WHwPd8X9DQxBlzd/4tULXj3D+/ZoIQKg
R3X6fUN0eRst+x6B6HnatYf4fJXX02tL0Ylfb7FFb+KKkZ9o6PxW7Z28sUCpOQum
XXQHQMaP1lXOL9A8Yb4Jw8DxVqB+BBt61lutx22897SAuPrTob4aMmY4zwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBV7ATB0/BjEfQ8UWij34q8nSnUxMB8GA1UdIwQY
MBaAFMBSDOy6JRzTfN88TVqwNiVSK7qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYt
NzQxOGI5MmFhMjA5LzEvRlhzQk1IVDhHTVI5RHhSYUtQZmlyeWRLZFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNjFiYWUtYWIxNC00YWFiLWJiOGYtNzQxOGI5MmFhMjA5
LzEvd0ZJTTdMb2xITk44M3p4TldyQTJKVklydXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBubOWMAwD
BAC556UDBAC556YDBAC58H0DBAC58H8wDQYJKoZIhvcNAQELBQADggEBAMiM3nTi
HAr7WkdhNeUCt/lNL+RchPzQkKHhjaFf+fRNIiDm4kZtge/j624UCuquFYGr+IDw
7OYhPxOV5rlCg5kVow+uGVeFxGgOWzEKhezOrzHCQUmJK0F+L9HspQAEYtbuCTXZ
c/uNzdiVDr2WQtHxUkMkUctKP6KRvxhA4XdvCjDH1CFHefLU3mIGMTfhfpdTNRZI
1QH/Asw1jkb2TPBEellreTHK+bg2cCv7FKiDkSsF1S23/n4hXZY6Nci1ScSS9880
1utgb6ODIWkXxf+WstIo4x5Qx8YLLeES0Sr2I7gaZMFrXY3T5wd9s6hpURbRNHcV
t2Y7n30ijtBcYlo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:17:53 2024 by rpki-client on console-ams.rpki-client.org