Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/fSrMTla0YP_I16M2TFYqhj6aqKk.roa
File: fSrMTla0YP_I16M2TFYqhj6aqKk.roa (raw, json)
Hash identifier: Vxg+v+7WTNY2pucnVWIab+OcZaOnJA8dKIsyr/9zPbk=
Subject key identifier: 7D:2A:CC:4E:56:B4:60:FF:C8:D7:A3:36:4C:56:2A:86:3E:9A:A8:A9
Certificate issuer: /CN=d1bd64cc94a4a8518a71f96ef8b77625afa527d1
Certificate serial: 018CC726CE9844AD3DF6E0FD76EBEC76725B
Authority key identifier: D1:BD:64:CC:94:A4:A8:51:8A:71:F9:6E:F8:B7:76:25:AF:A5:27:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/fSrMTla0YP_I16M2TFYqhj6aqKk.roa
Signing time: Mon 01 Jan 2024 22:30:58 +0000
ROA not before: Mon 01 Jan 2024 22:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61386
IP address blocks: 185.167.124.0/22 maxlen: 22
185.167.124.0/24 maxlen: 24
185.167.125.0/24 maxlen: 24
185.167.126.0/24 maxlen: 24
185.167.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ce:98:44:ad:3d:f6:e0:fd:76:eb:ec:76:72:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bd64cc94a4a8518a71f96ef8b77625afa527d1
Validity
Not Before: Jan 1 22:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d2acc4e56b460ffc8d7a3364c562a863e9aa8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cf:ac:b3:ec:98:78:b0:d3:c8:53:e2:93:db:
d2:b0:cb:b9:2d:bb:ec:0b:d1:f9:bf:85:b7:c8:9e:
0b:1d:68:7a:25:0d:4d:3c:f6:a9:b0:10:86:cf:e8:
1e:06:17:74:df:a1:73:2c:ec:43:4a:9a:00:f4:ee:
88:04:54:6e:ed:33:cf:b3:8b:f9:8e:f1:b6:bc:63:
81:75:a2:4f:de:21:3e:64:81:6d:71:78:91:d6:25:
1d:9b:9e:15:42:85:00:70:f7:95:64:71:dc:f0:a6:
ed:8e:b9:ee:e9:f5:90:34:44:dd:10:af:31:51:d0:
04:7c:9c:29:c0:e8:5f:be:03:73:5a:e4:28:02:d0:
4b:12:57:78:4e:28:90:c9:84:62:6e:55:1d:1d:1d:
07:5c:f4:48:22:8c:23:9e:c0:94:31:ab:44:85:6e:
81:46:40:15:19:8b:17:bd:67:34:4f:fd:64:99:05:
52:f9:41:b0:37:67:ad:a7:41:63:75:7a:ba:32:41:
92:14:7a:55:1e:72:6c:ed:0d:a0:72:2a:95:98:fa:
4c:1b:4a:d4:e7:05:59:34:c2:37:08:f8:8a:01:2c:
33:99:e0:a0:9b:05:9f:c9:f1:4e:92:72:87:79:a7:
b5:ca:72:b4:78:ec:aa:62:32:85:3b:be:b3:57:cf:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2A:CC:4E:56:B4:60:FF:C8:D7:A3:36:4C:56:2A:86:3E:9A:A8:A9
X509v3 Authority Key Identifier:
keyid:D1:BD:64:CC:94:A4:A8:51:8A:71:F9:6E:F8:B7:76:25:AF:A5:27:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/fSrMTla0YP_I16M2TFYqhj6aqKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/2efa50-f483-4b53-b1e7-0826f36ff28f/1/0b1kzJSkqFGKcflu-Ld2Ja-lJ9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.124.0/22
Signature Algorithm: sha256WithRSAEncryption
19:19:06:23:3a:98:e9:3a:fb:fe:94:1c:17:c9:a1:35:b2:df:
cd:0a:33:9b:72:87:88:9d:f3:c4:10:e8:98:50:ab:67:2b:34:
2e:de:2c:cd:04:1a:a6:6c:3c:d4:2e:c6:f4:d4:a5:39:2f:e9:
15:9c:20:07:f7:c9:46:90:00:06:e7:de:67:a1:6b:7d:66:ea:
30:f1:53:d6:36:fe:f7:71:e0:3d:b9:08:d6:21:77:1a:b9:0c:
81:eb:47:a7:2c:88:d3:cb:9a:b4:5b:d0:c7:90:ff:43:bb:1f:
72:af:74:0f:47:7d:e7:b8:f3:a7:57:79:1c:4f:74:07:df:58:
fe:2d:05:3c:1b:19:26:cb:25:49:07:64:5a:42:76:67:7a:5b:
c9:b2:cd:a7:81:dc:40:8b:b6:e0:ad:fd:95:be:7c:34:1a:f5:
11:17:d3:b2:27:eb:87:92:eb:93:08:05:d5:65:bf:36:44:bd:
1f:09:ae:9a:e3:09:92:b5:97:17:ae:01:eb:01:d8:2a:5b:c8:
5a:dd:b4:28:a2:03:dc:ca:60:cd:c5:66:29:f7:22:ec:95:a8:
62:f9:b6:cb:29:0b:f5:dc:64:7f:b8:5c:94:2e:ac:31:fd:0b:
9b:30:b7:13:26:23:d2:53:5c:5e:f3:85:7c:47:4f:7d:62:d7:
32:60:66:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJs6YRK099uD9duvsdnJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYmQ2NGNjOTRhNGE4NTE4YTcxZjk2ZWY4Yjc3NjI1YWZh
NTI3ZDEwHhcNMjQwMTAxMjIzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJhY2M0ZTU2YjQ2MGZmYzhkN2EzMzY0YzU2MmE4NjNlOWFhOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgs+ss+yYeLDTyFPik9vSsMu5Lbvs
C9H5v4W3yJ4LHWh6JQ1NPPapsBCGz+geBhd036FzLOxDSpoA9O6IBFRu7TPPs4v5
jvG2vGOBdaJP3iE+ZIFtcXiR1iUdm54VQoUAcPeVZHHc8Kbtjrnu6fWQNETdEK8x
UdAEfJwpwOhfvgNzWuQoAtBLEld4TiiQyYRiblUdHR0HXPRIIowjnsCUMatEhW6B
RkAVGYsXvWc0T/1kmQVS+UGwN2etp0FjdXq6MkGSFHpVHnJs7Q2gciqVmPpMG0rU
5wVZNMI3CPiKASwzmeCgmwWfyfFOknKHeae1ynK0eOyqYjKFO76zV8+8GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0qzE5WtGD/yNejNkxWKoY+mqipMB8GA1UdIwQY
MBaAFNG9ZMyUpKhRinH5bvi3diWvpSfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGIxa3pKU2txRkdLY2ZsdS1MZDJKYS1sSjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8yZWZhNTAtZjQ4My00YjUzLWIxZTct
MDgyNmYzNmZmMjhmLzEvZlNyTVRsYTBZUF9JMTZNMlRGWXFoajZhcUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8yZWZhNTAtZjQ4My00YjUzLWIxZTctMDgyNmYzNmZmMjhm
LzEvMGIxa3pKU2txRkdLY2ZsdS1MZDJKYS1sSjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuad8MA0G
CSqGSIb3DQEBCwUAA4IBAQAZGQYjOpjpOvv+lBwXyaE1st/NCjObcoeInfPEEOiY
UKtnKzQu3izNBBqmbDzULsb01KU5L+kVnCAH98lGkAAG595noWt9Zuow8VPWNv73
ceA9uQjWIXcauQyB60enLIjTy5q0W9DHkP9Dux9yr3QPR33nuPOnV3kcT3QH31j+
LQU8GxkmyyVJB2RaQnZnelvJss2ngdxAi7bgrf2Vvnw0GvURF9OyJ+uHkuuTCAXV
Zb82RL0fCa6a4wmStZcXrgHrAdgqW8ha3bQoogPcymDNxWYp9yLslahi+bbLKQv1
3GR/uFyULqwx/QubMLcTJiPSU1xe84V8R099YtcyYGZg
-----END CERTIFICATE-----
Generated at Sun May 19 21:56:36 2024 by rpki-client on console-ams.rpki-client.org