Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FNGluFUdyMuD-OMIPb4Ao8KJ06o.roa
File: FNGluFUdyMuD-OMIPb4Ao8KJ06o.roa (raw, json)
Hash identifier: i6yiWrQj78isOMLQ5FfxNbYE/+N01ZYjVvU/vvPVSqI=
Subject key identifier: 14:D1:A5:B8:55:1D:C8:CB:83:F8:E3:08:3D:BE:00:A3:C2:89:D3:AA
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F29098048DF39431110A158049144
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FNGluFUdyMuD-OMIPb4Ao8KJ06o.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207249
IP address blocks: 78.159.130.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:29:09:80:48:df:39:43:11:10:a1:58:04:91:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14d1a5b8551dc8cb83f8e3083dbe00a3c289d3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e3:40:02:f8:53:94:85:6d:52:9f:18:91:d4:
2d:ca:25:58:7f:26:98:d4:15:a6:29:aa:70:22:88:
b1:4f:5f:96:21:b2:28:37:b0:60:5d:00:d5:08:b7:
9e:4c:ed:cc:73:1b:59:a8:cc:0c:f9:27:ce:e1:06:
01:35:a2:d1:58:75:96:af:fc:62:b9:3b:94:83:b1:
be:72:84:6d:b0:f9:b6:65:02:62:32:3b:b9:4e:3f:
28:fa:46:87:f1:cf:70:8a:06:48:a1:a9:27:b5:31:
90:8e:12:48:de:86:f8:15:d5:a4:c3:64:69:2a:77:
fb:12:64:29:1d:7c:8d:ea:13:e5:af:39:b2:f7:87:
e4:1d:6a:50:3b:79:67:af:f5:54:66:36:30:c1:d0:
43:a7:b6:3d:a7:a9:b2:46:bb:a2:0c:26:5f:86:a2:
2b:b9:16:32:19:41:3f:9d:dc:6c:ac:6e:47:f9:2b:
c7:da:4b:9d:57:0f:58:7f:81:ba:8e:d5:dc:41:3c:
cd:75:b6:c8:9e:54:15:e9:ed:f3:97:2f:0a:92:a6:
bb:08:3a:73:f9:4d:a1:10:98:ba:a1:01:7a:1a:99:
29:f2:12:0b:5b:26:6e:57:00:46:45:a4:f6:ef:4c:
fe:a5:18:fa:4e:56:ae:8b:0a:3c:cc:e5:fe:fd:83:
28:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D1:A5:B8:55:1D:C8:CB:83:F8:E3:08:3D:BE:00:A3:C2:89:D3:AA
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/FNGluFUdyMuD-OMIPb4Ao8KJ06o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.130.0/24
93.152.233.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:00:c0:3c:58:5f:b6:4b:d5:aa:f4:ea:a3:c6:63:1a:a6:28:
a4:72:2a:18:b0:45:03:eb:86:7f:a2:75:a3:01:75:89:46:c8:
76:3e:4c:54:93:81:b8:75:f2:2b:46:84:2f:ac:fa:56:f4:67:
4d:c9:12:1b:2c:9a:3e:89:17:63:18:e1:87:ad:c2:d5:53:d5:
86:a7:bf:9d:e9:20:c6:0c:86:c9:8f:13:cb:b2:c5:3a:42:ba:
f3:5f:fe:b7:91:28:af:04:96:13:db:79:80:90:61:cf:fb:42:
68:f6:a0:ba:11:07:78:4b:bf:e4:ca:c2:fb:eb:0d:2a:81:1d:
f7:54:a8:47:e2:03:89:c0:da:b7:a9:f4:af:fc:36:6d:c9:47:
f4:e8:fd:08:f3:db:3e:89:3a:f8:5d:07:2b:c7:f1:8a:ea:63:
17:08:fa:76:f8:76:88:45:f5:41:cf:df:6b:18:dc:a3:6c:72:
cb:3b:ff:f6:b3:93:60:99:10:b9:88:6c:9b:c8:41:04:70:b8:
22:f9:3e:26:be:99:18:bb:0d:40:3c:74:8e:e6:87:8f:79:48:
dc:9d:c0:11:44:c7:c7:b0:d2:c7:57:6d:2d:09:c4:8a:32:2e:
53:a6:0a:02:68:c9:5e:18:e6:02:ee:6d:54:a9:d8:58:9f:a1:
f0:6d:3d:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbykJgEjfOUMREKFYBJFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQxYTViODU1MWRjOGNiODNmOGUzMDgzZGJlMDBhM2MyODlkM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+NAAvhTlIVtUp8YkdQtyiVYfyaY
1BWmKapwIoixT1+WIbIoN7BgXQDVCLeeTO3McxtZqMwM+SfO4QYBNaLRWHWWr/xi
uTuUg7G+coRtsPm2ZQJiMju5Tj8o+kaH8c9wigZIoakntTGQjhJI3ob4FdWkw2Rp
Knf7EmQpHXyN6hPlrzmy94fkHWpQO3lnr/VUZjYwwdBDp7Y9p6myRruiDCZfhqIr
uRYyGUE/ndxsrG5H+SvH2kudVw9Yf4G6jtXcQTzNdbbInlQV6e3zly8Kkqa7CDpz
+U2hEJi6oQF6Gpkp8hILWyZuVwBGRaT270z+pRj6Tlauiwo8zOX+/YMomwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBTRpbhVHcjLg/jjCD2+AKPCidOqMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvRk5HbHVGVWR5TXVELU9NSVBiNEFvOEtKMDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATp+CAwQA
XZjpMA0GCSqGSIb3DQEBCwUAA4IBAQA+AMA8WF+2S9Wq9OqjxmMapiikcioYsEUD
64Z/onWjAXWJRsh2PkxUk4G4dfIrRoQvrPpW9GdNyRIbLJo+iRdjGOGHrcLVU9WG
p7+d6SDGDIbJjxPLssU6QrrzX/63kSivBJYT23mAkGHP+0Jo9qC6EQd4S7/kysL7
6w0qgR33VKhH4gOJwNq3qfSv/DZtyUf06P0I89s+iTr4XQcrx/GK6mMXCPp2+HaI
RfVBz99rGNyjbHLLO//2s5NgmRC5iGybyEEEcLgi+T4mvpkYuw1APHSO5oePeUjc
ncARRMfHsNLHV20tCcSKMi5TpgoCaMleGOYC7m1UqdhYn6HwbT11
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:03 2024 by rpki-client on console-fra.rpki-client.org