Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/FLDOJvaPjEo6PSYOMumS0ZjrQaA.roa
File: FLDOJvaPjEo6PSYOMumS0ZjrQaA.roa (raw, json)
Hash identifier: ebYH6cJjpLQJUSLcic0/MjL+Nm0KzxkgLNCqVmvNYuA=
Subject key identifier: 14:B0:CE:26:F6:8F:8C:4A:3A:3D:26:0E:32:E9:92:D1:98:EB:41:A0
Certificate issuer: /CN=c070ee8dc8378086960182e3309226717e83e407
Certificate serial: 018CC26D027E644DEEAF5EA342E6DBB123F4
Authority key identifier: C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/FLDOJvaPjEo6PSYOMumS0ZjrQaA.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25082
IP address blocks: 91.215.68.0/24 maxlen: 24
91.203.143.0/24 maxlen: 24
91.203.140.0/24 maxlen: 24
91.203.140.0/22 maxlen: 22
91.203.141.0/24 maxlen: 24
91.203.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/wHDujcg3gIaWAYLjMJImcX6D5Ac.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/wHDujcg3gIaWAYLjMJImcX6D5Ac.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:7e:64:4d:ee:af:5e:a3:42:e6:db:b1:23:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c070ee8dc8378086960182e3309226717e83e407
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14b0ce26f68f8c4a3a3d260e32e992d198eb41a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8e:89:6e:e2:d8:ab:11:fe:63:ed:90:c4:3c:
c9:68:fd:a2:74:06:3d:18:37:1e:19:0e:ad:7a:a6:
a4:6b:27:fc:8e:08:db:d3:e5:20:e0:12:50:c9:94:
0e:0b:e8:0a:33:c2:e4:df:92:d7:47:be:8e:10:27:
95:69:2f:29:d6:f4:06:6b:9f:69:49:99:97:d3:be:
ff:56:b7:ed:b2:36:36:e2:8c:e0:85:43:6f:1d:52:
d1:81:b0:b8:ea:5a:06:7e:97:77:8b:43:8b:94:be:
27:d1:ed:c6:69:94:01:8f:49:3a:ce:72:07:b2:24:
81:7b:2f:a2:63:4d:26:43:ac:a9:0d:0d:f9:c2:05:
49:76:e3:5f:67:2e:9a:ae:7a:5d:b1:32:f7:18:d0:
e6:d0:3f:7e:8c:e5:1c:02:27:c6:ac:6f:4b:62:f4:
ed:ac:a3:4c:39:d2:90:d4:52:1d:d3:31:77:0a:f4:
01:78:78:b6:7d:f4:ba:86:08:ec:f3:91:b7:58:b1:
9d:66:ad:ab:3d:cf:20:b8:a5:64:a9:9d:24:74:f2:
b9:49:fc:b2:37:be:f4:bb:8b:21:a0:66:ba:8c:e6:
58:14:2b:31:33:07:83:f1:fe:30:95:e7:f2:23:3e:
8d:6b:6e:1f:52:bb:66:a9:f8:c3:a4:14:50:9a:95:
f2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B0:CE:26:F6:8F:8C:4A:3A:3D:26:0E:32:E9:92:D1:98:EB:41:A0
X509v3 Authority Key Identifier:
keyid:C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/FLDOJvaPjEo6PSYOMumS0ZjrQaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/wHDujcg3gIaWAYLjMJImcX6D5Ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.140.0/22
91.215.68.0/24
Signature Algorithm: sha256WithRSAEncryption
87:d5:20:50:cf:87:95:07:a5:cd:7c:a3:98:b6:e6:78:1f:a0:
c9:41:a5:da:60:e9:07:26:ce:0e:80:4c:04:d0:d2:11:af:0c:
31:59:5c:16:a9:c7:4f:4e:c4:02:bf:b9:58:79:e1:c7:49:bc:
ea:35:ea:91:ec:d7:e4:84:b8:0c:97:1f:1d:7e:e9:d0:3b:6b:
51:cd:e7:8e:b6:89:5f:35:91:7f:b7:95:ce:23:8c:f3:39:15:
47:fc:f9:0e:4b:f2:2d:f1:42:9c:85:3d:70:32:11:64:36:e0:
eb:74:34:55:f6:9c:e8:a7:43:e2:e2:94:fa:57:25:29:8f:f4:
bd:01:bd:1b:30:0a:2b:02:69:0d:bd:49:f0:89:d6:94:1f:fd:
30:b9:bd:c2:a0:80:ee:5f:9f:36:31:c2:4c:ab:2d:69:8e:5a:
ba:0f:78:86:35:31:e0:41:37:75:20:9e:84:42:5a:56:20:c4:
df:39:49:6a:af:19:5f:26:5f:0b:7d:41:6e:a3:5f:54:0a:5c:
38:76:b9:14:b2:4c:ff:61:6f:a6:fe:75:58:7a:71:4c:ee:8f:
2a:3b:e0:9b:62:ff:a4:f2:7e:a9:fd:61:2f:c0:b2:9d:74:47:
d6:ef:38:dd:72:27:53:d5:c3:af:f9:c2:1f:1a:6b:02:59:68:
c0:a2:51:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbQJ+ZE3ur16jQubbsSP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzBlZThkYzgzNzgwODY5NjAxODJlMzMwOTIyNjcxN2U4
M2U0MDcwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIwY2UyNmY2OGY4YzRhM2EzZDI2MGUzMmU5OTJkMTk4ZWI0MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI6JbuLYqxH+Y+2QxDzJaP2idAY9
GDceGQ6teqakayf8jgjb0+Ug4BJQyZQOC+gKM8Lk35LXR76OECeVaS8p1vQGa59p
SZmX077/VrftsjY24ozghUNvHVLRgbC46loGfpd3i0OLlL4n0e3GaZQBj0k6znIH
siSBey+iY00mQ6ypDQ35wgVJduNfZy6arnpdsTL3GNDm0D9+jOUcAifGrG9LYvTt
rKNMOdKQ1FId0zF3CvQBeHi2ffS6hgjs85G3WLGdZq2rPc8guKVkqZ0kdPK5Sfyy
N770u4shoGa6jOZYFCsxMweD8f4wlefyIz6Na24fUrtmqfjDpBRQmpXyqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBSwzib2j4xKOj0mDjLpktGY60GgMB8GA1UdIwQY
MBaAFMBw7o3IN4CGlgGC4zCSJnF+g+QHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODkt
NDVhN2I2OTc4NDkzLzEvRkxET0p2YVBqRW82UFNZT011bVMwWmpyUWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODktNDVhN2I2OTc4NDkz
LzEvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8uMAwQA
W9dEMA0GCSqGSIb3DQEBCwUAA4IBAQCH1SBQz4eVB6XNfKOYtuZ4H6DJQaXaYOkH
Js4OgEwE0NIRrwwxWVwWqcdPTsQCv7lYeeHHSbzqNeqR7NfkhLgMlx8dfunQO2tR
zeeOtolfNZF/t5XOI4zzORVH/PkOS/It8UKchT1wMhFkNuDrdDRV9pzop0Pi4pT6
VyUpj/S9Ab0bMAorAmkNvUnwidaUH/0wub3CoIDuX582McJMqy1pjlq6D3iGNTHg
QTd1IJ6EQlpWIMTfOUlqrxlfJl8LfUFuo19UClw4drkUskz/YW+m/nVYenFM7o8q
O+CbYv+k8n6p/WEvwLKddEfW7zjdcidT1cOv+cIfGmsCWWjAolEk
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:15:10 2024 by rpki-client on console-ams.rpki-client.org