Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa
File: FrwSaWAVQGgF2cou9DwWDBFMNyM.roa (raw, json)
Hash identifier: 1fmOZBTVdI2RSYx0Z2CgkOQnBwWnyyrX3TLeOMdec28=
Subject key identifier: 16:BC:12:69:60:15:40:68:05:D9:CA:2E:F4:3C:16:0C:11:4C:37:23
Certificate issuer: /CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Certificate serial: 018CC64B325DE492E20B99F88C5B74118F3E
Authority key identifier: BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60522
IP address blocks: 217.61.192.0/20 maxlen: 20
185.29.216.0/22 maxlen: 22
86.111.152.0/21 maxlen: 21
195.192.216.0/21 maxlen: 21
185.205.124.0/22 maxlen: 22
134.255.192.0/22 maxlen: 22
2a00:ab60::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.mft
rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 16:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:32:5d:e4:92:e2:0b:99:f8:8c:5b:74:11:8f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16bc12696015406805d9ca2ef43c160c114c3723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:10:de:f8:f3:0f:87:87:41:a5:f5:20:65:
d2:82:18:0a:05:62:3d:fe:e4:1c:62:04:5b:71:90:
1f:18:04:3d:e0:04:b4:9b:7b:53:8c:0c:a1:d3:3d:
1d:a0:d1:00:16:39:c5:27:52:d1:a1:39:54:a4:c7:
01:7c:09:8e:19:52:a0:80:9a:2a:eb:fc:6e:c4:7c:
52:40:cb:86:60:2f:00:01:77:4f:37:e2:f5:03:be:
12:7b:c4:e2:89:cc:a4:8f:03:a2:54:8e:11:06:c5:
6f:f3:a1:04:a3:80:5c:d2:8d:e3:07:98:79:f2:83:
d1:38:2f:f1:87:cb:40:ad:d7:d7:66:49:08:f0:72:
15:03:e9:8c:64:35:5e:b1:02:3b:6a:a9:8a:88:45:
25:91:5e:37:ee:da:fa:c4:d2:60:d2:61:19:e4:8b:
0f:c5:65:08:80:fe:7c:63:28:fa:4e:74:89:78:f3:
fc:4d:67:fc:01:dc:a8:0b:6d:c3:de:e1:bd:8d:87:
e0:9c:ac:56:dc:b7:b8:69:05:6d:bd:a1:64:91:da:
94:99:3f:60:7b:c2:ab:7e:69:62:d8:41:c8:53:50:
d0:fc:3b:c0:91:f6:89:47:af:4b:cb:95:28:96:75:
66:e4:27:93:66:c0:b5:31:cf:b3:95:7d:42:de:90:
9c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BC:12:69:60:15:40:68:05:D9:CA:2E:F4:3C:16:0C:11:4C:37:23
X509v3 Authority Key Identifier:
keyid:BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/FrwSaWAVQGgF2cou9DwWDBFMNyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.152.0/21
134.255.192.0/22
185.29.216.0/22
185.205.124.0/22
195.192.216.0/21
217.61.192.0/20
IPv6:
2a00:ab60::/29
Signature Algorithm: sha256WithRSAEncryption
a8:6b:9e:83:19:29:1f:1c:4b:7e:2d:ca:fc:87:ec:9f:2a:65:
9c:47:e6:84:92:c4:91:7b:fb:5f:0c:e5:77:11:2d:cc:dc:9a:
72:c6:93:df:91:cc:a3:0a:1e:88:3a:b2:eb:9c:f9:a1:bb:fc:
97:2b:d0:89:ba:c8:a1:12:09:42:69:b2:d2:e4:80:76:35:94:
5f:67:c6:5c:28:4a:75:71:b4:7f:0c:a5:61:e5:f1:c6:50:53:
8c:30:89:26:9f:83:b7:62:4e:0c:ce:54:99:af:70:d0:a5:27:
39:05:06:4e:f8:03:98:e3:de:8d:35:92:43:8d:2b:f7:fd:03:
7d:21:5f:1d:7d:1e:cf:e6:ef:ee:ff:cc:ca:24:d3:e5:bc:99:
af:06:99:64:cc:f4:f5:17:f5:35:75:27:7e:23:b9:32:b3:74:
12:12:d5:ad:93:50:58:07:f0:1b:6e:dc:fe:68:14:34:24:9e:
81:15:0c:59:d3:b3:d7:3c:91:de:ab:92:24:90:43:02:bf:e8:
5b:70:31:49:e1:90:5f:1b:84:6c:83:59:3d:52:bd:e1:c9:cf:
96:13:df:b6:a2:de:04:7e:6d:4e:a9:41:56:37:9b:ff:52:f0:
79:c6:d3:cc:43:8e:1a:0f:67:15:13:cf:a6:fb:11:ef:2e:09:
12:37:95:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGSzJd5JLiC5n4jFt0EY8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDhjYzM1NDg4YmQ5ZTZmMzEyYjIwZmM3NmExMDI3MmYw
Y2RlZGEwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmJjMTI2OTYwMTU0MDY4MDVkOWNhMmVmNDNjMTYwYzExNGMzNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ0Q3vjzD4eHQaX1IGXSghgKBWI9
/uQcYgRbcZAfGAQ94AS0m3tTjAyh0z0doNEAFjnFJ1LRoTlUpMcBfAmOGVKggJoq
6/xuxHxSQMuGYC8AAXdPN+L1A74Se8TiicykjwOiVI4RBsVv86EEo4Bc0o3jB5h5
8oPROC/xh8tArdfXZkkI8HIVA+mMZDVesQI7aqmKiEUlkV437tr6xNJg0mEZ5IsP
xWUIgP58Yyj6TnSJePP8TWf8AdyoC23D3uG9jYfgnKxW3Le4aQVtvaFkkdqUmT9g
e8Krfmli2EHIU1DQ/DvAkfaJR69Ly5UolnVm5CeTZsC1Mc+zlX1C3pCcuwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBa8EmlgFUBoBdnKLvQ8FgwRTDcjMB8GA1UdIwQY
MBaAFL5IzDVIi9nm8xKyD8dqECcvDN7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQt
NDliYzQzNjYwYzk3LzEvRnJ3U2FXQVZRR2dGMmNvdTlEd1dEQkZNTnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQtNDliYzQzNjYwYzk3
LzEvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVm+YAwQC
hv/AAwQCuR3YAwQCuc18AwQDw8DYAwQE2T3AMA0EAgACMAcDBQMqAKtgMA0GCSqG
SIb3DQEBCwUAA4IBAQCoa56DGSkfHEt+Lcr8h+yfKmWcR+aEksSRe/tfDOV3ES3M
3JpyxpPfkcyjCh6IOrLrnPmhu/yXK9CJusihEglCabLS5IB2NZRfZ8ZcKEp1cbR/
DKVh5fHGUFOMMIkmn4O3Yk4MzlSZr3DQpSc5BQZO+AOY496NNZJDjSv3/QN9IV8d
fR7P5u/u/8zKJNPlvJmvBplkzPT1F/U1dSd+I7kys3QSEtWtk1BYB/Abbtz+aBQ0
JJ6BFQxZ07PXPJHeq5IkkEMCv+hbcDFJ4ZBfG4Rsg1k9Ur3hyc+WE9+2ot4Efm1O
qUFWN5v/UvB5xtPMQ44aD2cVE8+m+xHvLgkSN5W6
-----END CERTIFICATE-----
Generated at Fri Jun 28 22:40:09 2024 by rpki-client on console-ams.rpki-client.org