Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FHoweOmKaLkTpYFWQroLoMlmbXI.roa
File: FHoweOmKaLkTpYFWQroLoMlmbXI.roa (raw, json)
Hash identifier: ZCqn7doLPLRb8C3lqSmXhrq6CLidnMYsD+BcZjj0KhQ=
Subject key identifier: 14:7A:30:78:E9:8A:68:B9:13:A5:81:56:42:BA:0B:A0:C9:66:6D:72
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 018CC5DC52317986F34EEAA46832205D08F1
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FHoweOmKaLkTpYFWQroLoMlmbXI.roa
Signing time: Mon 01 Jan 2024 16:29:59 +0000
ROA not before: Mon 01 Jan 2024 16:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
213.180.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:52:31:79:86:f3:4e:ea:a4:68:32:20:5d:08:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 1 16:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=147a3078e98a68b913a5815642ba0ba0c9666d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2e:2f:39:59:99:4a:48:e9:3b:05:66:c4:01:
0c:b6:3d:d2:a4:d2:02:3a:92:e9:43:0e:33:3b:01:
f3:79:cd:e9:54:b0:df:d5:ce:1a:58:5c:75:60:35:
db:7f:68:2d:06:2b:86:d7:75:02:1d:bf:b0:39:ae:
8f:d1:c2:b7:72:0e:0b:82:d6:3d:a0:fa:e2:85:0e:
cb:3d:7c:f1:fa:9c:7e:a7:ed:a1:fc:2f:7c:b1:ed:
9a:e1:1f:70:6f:ff:35:8f:e8:d0:6b:29:f7:84:66:
80:c7:c7:67:c7:c6:ca:79:34:44:06:c2:8d:de:15:
bd:fe:6f:47:12:94:9c:00:c0:46:81:f9:74:85:1b:
24:d0:3c:90:3f:36:6d:7c:33:cf:01:28:fe:e3:3e:
e5:aa:88:d7:09:67:d0:f2:f3:69:bf:cf:33:8c:a5:
35:cd:cf:ef:22:62:10:71:42:32:ab:27:fd:3b:78:
24:af:a5:85:09:ed:93:f4:67:0f:b9:e0:6d:82:3e:
f0:2b:f4:49:1e:30:93:b7:21:50:13:ff:de:39:b6:
06:aa:d1:3e:dd:5b:95:f7:7c:0a:d9:64:c2:4c:9e:
6f:00:87:9a:99:18:91:bb:64:1b:43:dd:01:a9:8b:
fb:9b:ee:4b:84:64:db:37:c1:d3:c0:43:c7:c4:4a:
87:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7A:30:78:E9:8A:68:B9:13:A5:81:56:42:BA:0B:A0:C9:66:6D:72
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FHoweOmKaLkTpYFWQroLoMlmbXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:20:6d:8b:1e:e1:96:6c:89:c6:58:e1:40:dc:08:43:78:62:
b7:c6:65:56:1c:36:18:56:a7:cd:c1:b0:ac:94:e0:44:6b:38:
7d:94:62:a2:47:57:3f:a0:fd:30:c6:13:90:b8:e9:6e:c3:21:
db:e5:94:42:3a:ea:ce:65:4c:5e:f5:70:b0:ca:08:5f:fd:fa:
01:1a:a5:4c:42:bb:6c:d3:50:73:da:45:af:17:9d:0f:d4:83:
a3:e5:1c:78:67:d9:9d:71:ae:f6:f1:a7:17:35:b6:97:cb:93:
f8:b6:6c:64:3e:df:3c:22:7d:44:c0:40:f8:68:11:f7:c9:fb:
31:fb:02:a7:cd:3e:39:29:c9:a3:27:aa:1b:61:2b:f8:6a:fd:
92:2b:5c:5f:94:78:e8:2e:8b:1d:66:6f:e9:bc:d6:06:da:4d:
7c:0e:31:85:a7:50:87:5c:7b:36:65:32:ed:0e:4b:8e:44:eb:
9d:7f:57:96:64:79:a4:dc:5f:45:53:dc:f0:80:a4:ba:b1:26:
58:5a:0f:80:21:cb:29:04:9c:a3:3b:a2:73:62:c5:d9:25:2a:
20:17:11:06:19:bc:ad:88:87:07:58:7f:eb:f3:1c:8e:60:5e:
30:d2:31:44:86:7d:bf:6e:0c:f0:d3:a6:f1:75:81:48:f1:c5:
2b:48:6b:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3FIxeYbzTuqkaDIgXQjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjQwMTAxMTYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdhMzA3OGU5OGE2OGI5MTNhNTgxNTY0MmJhMGJhMGM5NjY2ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy4vOVmZSkjpOwVmxAEMtj3SpNIC
OpLpQw4zOwHzec3pVLDf1c4aWFx1YDXbf2gtBiuG13UCHb+wOa6P0cK3cg4LgtY9
oPrihQ7LPXzx+px+p+2h/C98se2a4R9wb/81j+jQayn3hGaAx8dnx8bKeTREBsKN
3hW9/m9HEpScAMBGgfl0hRsk0DyQPzZtfDPPASj+4z7lqojXCWfQ8vNpv88zjKU1
zc/vImIQcUIyqyf9O3gkr6WFCe2T9GcPueBtgj7wK/RJHjCTtyFQE//eObYGqtE+
3VuV93wK2WTCTJ5vAIeamRiRu2QbQ90BqYv7m+5LhGTbN8HTwEPHxEqHrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBR6MHjpimi5E6WBVkK6C6DJZm1yMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvRkhvd2VPbUthTGtUcFlGV1Fyb0xvTWxtYlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEgIyAAwQB
uRdgAwQAuRdjAwQC1bT8MA0GCSqGSIb3DQEBCwUAA4IBAQDCIG2LHuGWbInGWOFA
3AhDeGK3xmVWHDYYVqfNwbCslOBEazh9lGKiR1c/oP0wxhOQuOluwyHb5ZRCOurO
ZUxe9XCwyghf/foBGqVMQrts01Bz2kWvF50P1IOj5Rx4Z9mdca728acXNbaXy5P4
tmxkPt88In1EwED4aBH3yfsx+wKnzT45KcmjJ6obYSv4av2SK1xflHjoLosdZm/p
vNYG2k18DjGFp1CHXHs2ZTLtDkuOROudf1eWZHmk3F9FU9zwgKS6sSZYWg+AIcsp
BJyjO6JzYsXZJSogFxEGGbytiIcHWH/r8xyOYF4w0jFEhn2/bgzw06bxdYFI8cUr
SGvV
-----END CERTIFICATE-----
Generated at Sun May 5 04:41:07 2024 by rpki-client on console-fra.rpki-client.org