Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/FP6WkszLcaGR5fa3zgdQSXeUMPU.roa
File: FP6WkszLcaGR5fa3zgdQSXeUMPU.roa (raw, json)
Hash identifier: n61SkHEcPvaI55Rkh7jlKnW5d/4NCyLlN5IGHA860OM=
Subject key identifier: 14:FE:96:92:CC:CB:71:A1:91:E5:F6:B7:CE:07:50:49:77:94:30:F5
Certificate issuer: /CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Certificate serial: 018CC26D1589E69CAEB958755A43E372935A
Authority key identifier: 10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/FP6WkszLcaGR5fa3zgdQSXeUMPU.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60776
IP address blocks: 45.155.84.0/22 maxlen: 22
2a0f:f100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:15:89:e6:9c:ae:b9:58:75:5a:43:e3:72:93:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14fe9692cccb71a191e5f6b7ce075049779430f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9d:ad:5b:f0:29:ff:6c:c3:29:b5:27:89:35:
d9:2b:ea:60:56:d3:b2:71:17:3c:35:ab:2c:80:e0:
4b:71:b9:71:3a:35:d4:ec:eb:ae:85:92:8b:f1:df:
6f:d5:0d:ae:d1:0c:c4:11:e5:71:64:05:ce:00:5c:
ea:71:b7:b3:35:e3:e4:69:b2:7b:91:fd:3f:a3:9d:
75:c5:48:79:dd:80:27:3b:26:25:5c:c4:ee:67:6d:
33:1f:ca:a2:11:cb:02:5d:81:55:8f:c2:c8:a6:9c:
98:62:8c:5b:c1:8f:79:25:37:46:18:67:64:ee:60:
5a:ec:ed:f7:1e:39:ea:f7:c8:3b:7b:76:c9:11:e7:
0c:fe:ba:15:84:38:28:7f:10:47:88:0c:68:30:4f:
18:e9:32:13:04:32:ba:f4:10:e1:57:cf:4b:94:a1:
63:ec:05:ab:8b:c5:e6:75:08:0e:ef:7e:86:86:76:
43:08:05:ac:36:75:e2:e0:07:ed:3a:5d:4c:72:1e:
ff:9b:cc:1c:53:17:2c:96:aa:95:f1:b8:ea:6c:06:
1c:ce:36:5b:92:87:cb:d8:fd:30:95:5a:ae:93:aa:
92:bd:a1:3d:30:85:da:16:e8:a4:85:23:78:02:74:
8d:bf:47:b2:e9:e3:86:f8:9f:51:8d:99:a8:1d:28:
fa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FE:96:92:CC:CB:71:A1:91:E5:F6:B7:CE:07:50:49:77:94:30:F5
X509v3 Authority Key Identifier:
keyid:10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/FP6WkszLcaGR5fa3zgdQSXeUMPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.84.0/22
IPv6:
2a0f:f100::/29
Signature Algorithm: sha256WithRSAEncryption
80:1e:29:21:de:26:65:48:53:32:d2:75:39:ef:56:22:87:3d:
8c:21:50:98:80:4a:a3:56:a0:43:e0:12:95:32:b9:cb:33:20:
c8:a8:cb:9b:29:b2:af:a6:0e:60:f3:36:d2:a4:43:13:79:8c:
51:fd:64:8a:c5:e7:36:1a:b4:32:7a:75:e3:97:d5:3f:aa:8c:
05:55:bd:c0:0f:7c:c0:39:28:cc:f4:ae:19:fd:9f:1b:e0:1a:
71:e6:ae:7a:a6:ed:bf:b6:fe:b5:9c:da:0b:c9:33:1f:a7:d1:
4d:06:4f:a3:0e:65:ef:9d:1b:dd:c5:02:f5:9b:c4:43:d0:78:
b9:eb:cb:db:8e:77:b8:68:ea:98:13:b4:51:c9:0d:62:fb:6b:
d8:da:0d:0b:2e:5d:85:db:0e:7a:bd:ac:76:d5:02:ba:f2:b7:
a9:f1:cf:7a:79:9f:61:06:c2:6b:b8:ef:55:af:d2:52:4e:a1:
bc:89:3d:f7:6a:ed:4c:37:4f:19:d5:3e:8a:85:5d:a5:76:16:
20:20:2e:6e:a3:ea:8b:b1:20:dc:4e:53:fb:eb:2a:23:70:e3:
00:aa:dd:df:65:3b:ef:4e:79:96:22:43:f2:cc:01:72:08:95:
c5:96:7c:b7:3f:f9:fc:ce:66:00:9f:e5:6c:bc:87:50:b2:fc:
2a:31:e2:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbRWJ5pyuuVh1WkPjcpNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDcxZGFiMTY4ZThlNTNlM2NkN2RmNWRiOGUwZjA0MjQy
ZTkwODYwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZlOTY5MmNjY2I3MWExOTFlNWY2YjdjZTA3NTA0OTc3OTQzMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ2tW/Ap/2zDKbUniTXZK+pgVtOy
cRc8NassgOBLcblxOjXU7OuuhZKL8d9v1Q2u0QzEEeVxZAXOAFzqcbezNePkabJ7
kf0/o511xUh53YAnOyYlXMTuZ20zH8qiEcsCXYFVj8LIppyYYoxbwY95JTdGGGdk
7mBa7O33Hjnq98g7e3bJEecM/roVhDgofxBHiAxoME8Y6TITBDK69BDhV89LlKFj
7AWri8XmdQgO736GhnZDCAWsNnXi4AftOl1Mch7/m8wcUxcslqqV8bjqbAYczjZb
kofL2P0wlVquk6qSvaE9MIXaFuikhSN4AnSNv0ey6eOG+J9RjZmoHSj6twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBT+lpLMy3GhkeX2t84HUEl3lDD1MB8GA1UdIwQY
MBaAFBAHHasWjo5T48199duODwQkLpCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5Nzkt
MmZlNDEyZTNlYWI0LzEvRlA2V2tzekxjYUdSNWZhM3pnZFFTWGVVTVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5NzktMmZlNDEyZTNlYWI0
LzEvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZtUMA0E
AgACMAcDBQMqD/EAMA0GCSqGSIb3DQEBCwUAA4IBAQCAHikh3iZlSFMy0nU571Yi
hz2MIVCYgEqjVqBD4BKVMrnLMyDIqMubKbKvpg5g8zbSpEMTeYxR/WSKxec2GrQy
enXjl9U/qowFVb3AD3zAOSjM9K4Z/Z8b4Bpx5q56pu2/tv61nNoLyTMfp9FNBk+j
DmXvnRvdxQL1m8RD0Hi568vbjne4aOqYE7RRyQ1i+2vY2g0LLl2F2w56vax21QK6
8rep8c96eZ9hBsJruO9Vr9JSTqG8iT33au1MN08Z1T6KhV2ldhYgIC5uo+qLsSDc
TlP76yojcOMAqt3fZTvvTnmWIkPyzAFyCJXFlny3P/n8zmYAn+VsvIdQsvwqMeI+
-----END CERTIFICATE-----
Generated at Fri May 17 14:13:33 2024 by rpki-client on console-ams.rpki-client.org