Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/FeTu7fZK5StlkXD9yc39SRIXFfM.roa
File: FeTu7fZK5StlkXD9yc39SRIXFfM.roa (raw, json)
Hash identifier: z7WSQnKYa4lv0scmh9D3u2rsYPQ7Fj2nSYOc9tKmS8U=
Subject key identifier: 15:E4:EE:ED:F6:4A:E5:2B:65:91:70:FD:C9:CD:FD:49:12:17:15:F3
Certificate issuer: /CN=984503d4d18140b92aa8923193101d0f3eafe2c3
Certificate serial: 018CC26D2748C9C0234CB5E1E5311B7C7517
Authority key identifier: 98:45:03:D4:D1:81:40:B9:2A:A8:92:31:93:10:1D:0F:3E:AF:E2:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mEUD1NGBQLkqqJIxkxAdDz6v4sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/FeTu7fZK5StlkXD9yc39SRIXFfM.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52183
IP address blocks: 193.5.117.0/24 maxlen: 24
193.5.116.0/24 maxlen: 24
193.5.118.0/24 maxlen: 24
193.5.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/mEUD1NGBQLkqqJIxkxAdDz6v4sM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/mEUD1NGBQLkqqJIxkxAdDz6v4sM.mft
rsync://rpki.ripe.net/repository/DEFAULT/mEUD1NGBQLkqqJIxkxAdDz6v4sM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:27:48:c9:c0:23:4c:b5:e1:e5:31:1b:7c:75:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=984503d4d18140b92aa8923193101d0f3eafe2c3
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15e4eeedf64ae52b659170fdc9cdfd49121715f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6f:b4:4b:84:03:0d:35:28:ab:3b:11:f6:26:
1c:cb:23:48:1a:c9:34:2b:31:f0:bf:c0:f9:1d:f5:
5b:76:47:3d:d2:a1:0e:c2:46:2b:ab:74:41:22:07:
28:92:dd:1a:1e:d4:ab:66:ac:e6:49:91:b0:90:29:
b3:a1:8c:51:d0:20:fd:9e:15:ce:b4:40:6a:63:13:
77:55:a6:2a:1d:06:19:c2:38:b3:6a:a6:70:e2:a9:
24:d0:34:33:16:4e:4b:32:cc:01:03:0b:da:76:c2:
d8:3c:a5:b3:30:f0:d8:8f:eb:67:b0:eb:94:a8:b1:
5b:31:9d:37:d5:77:f2:ee:fb:40:54:1d:4a:73:ef:
e6:cf:3b:bb:5b:de:5f:38:80:6e:9f:b7:1b:14:5a:
98:84:1f:8a:3b:ef:a4:02:b0:d1:68:96:7c:1f:42:
e6:6b:65:a6:a4:8b:53:a7:6c:d2:ff:09:03:1d:96:
ad:c0:5e:72:d0:d1:f0:9f:ec:c0:ab:1a:b4:f9:17:
57:68:dc:8c:bf:29:5c:62:14:d2:0c:f4:d5:e3:68:
aa:4a:dd:c1:a6:35:2f:a2:92:9c:af:13:ef:2e:aa:
8b:32:b3:b3:a3:55:5c:d8:ea:71:15:5c:65:43:8a:
10:04:75:ea:35:5b:4e:c7:61:5c:2a:13:ac:fe:f0:
c0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E4:EE:ED:F6:4A:E5:2B:65:91:70:FD:C9:CD:FD:49:12:17:15:F3
X509v3 Authority Key Identifier:
keyid:98:45:03:D4:D1:81:40:B9:2A:A8:92:31:93:10:1D:0F:3E:AF:E2:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEUD1NGBQLkqqJIxkxAdDz6v4sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/FeTu7fZK5StlkXD9yc39SRIXFfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/mEUD1NGBQLkqqJIxkxAdDz6v4sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:81:ee:8f:ba:be:9f:ea:24:0d:f0:ff:76:d0:62:65:41:da:
46:c0:ef:07:a8:e0:94:5f:f2:9d:f9:f0:5f:fd:53:45:89:c3:
4d:ab:e8:85:28:ae:41:c3:f3:a6:2c:8c:d2:bf:ef:e9:61:d9:
a8:6d:30:f4:9c:78:b9:cd:69:2f:4d:f0:f8:4c:eb:96:4d:59:
1c:88:95:96:10:63:b6:b1:29:35:64:d8:c0:f6:01:b9:92:30:
56:3b:c6:7f:6d:7d:be:19:4a:fd:c2:d0:5a:ec:54:7a:b4:8d:
39:77:be:ec:e4:49:ec:c3:49:f9:27:f0:b4:5d:e1:ff:bc:34:
a1:af:05:91:65:fa:ac:0e:82:42:24:ac:d9:fa:59:9e:de:00:
69:b2:68:a6:50:85:c7:10:ba:41:ec:c3:85:30:a9:15:2f:6a:
ed:8a:48:46:dc:fd:2b:07:a8:25:f2:c6:2f:7a:47:02:7a:f8:
d2:fc:33:b3:6d:ea:7f:f4:e7:02:e5:87:c6:38:79:16:55:ac:
64:b5:b1:9b:c4:73:58:35:a0:43:89:57:2e:87:fb:d7:86:d5:
2f:de:fb:a0:b1:06:61:91:5e:d9:53:ee:ac:dd:df:1c:5f:77:
9c:94:7a:da:cb:88:25:49:b3:fd:3d:9e:0b:9a:c9:44:f8:44:
c2:6a:1f:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSdIycAjTLXh5TEbfHUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDUwM2Q0ZDE4MTQwYjkyYWE4OTIzMTkzMTAxZDBmM2Vh
ZmUyYzMwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU0ZWVlZGY2NGFlNTJiNjU5MTcwZmRjOWNkZmQ0OTEyMTcxNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm+0S4QDDTUoqzsR9iYcyyNIGsk0
KzHwv8D5HfVbdkc90qEOwkYrq3RBIgcokt0aHtSrZqzmSZGwkCmzoYxR0CD9nhXO
tEBqYxN3VaYqHQYZwjizaqZw4qkk0DQzFk5LMswBAwvadsLYPKWzMPDYj+tnsOuU
qLFbMZ031Xfy7vtAVB1Kc+/mzzu7W95fOIBun7cbFFqYhB+KO++kArDRaJZ8H0Lm
a2WmpItTp2zS/wkDHZatwF5y0NHwn+zAqxq0+RdXaNyMvylcYhTSDPTV42iqSt3B
pjUvopKcrxPvLqqLMrOzo1Vc2OpxFVxlQ4oQBHXqNVtOx2FcKhOs/vDANwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXk7u32SuUrZZFw/cnN/UkSFxXzMB8GA1UdIwQY
MBaAFJhFA9TRgUC5KqiSMZMQHQ8+r+LDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVVRDFOR0JRTGtxcUpJeGt4QWREejZ2NHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jYTlmMmMtNTI2ZS00NTNmLThiMzIt
NjBmZWVjZWE5YWE0LzEvRmVUdTdmWks1U3Rsa1hEOXljMzlTUklYRmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jYTlmMmMtNTI2ZS00NTNmLThiMzItNjBmZWVjZWE5YWE0
LzEvbUVVRDFOR0JRTGtxcUpJeGt4QWREejZ2NHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQV0MA0G
CSqGSIb3DQEBCwUAA4IBAQCpge6Pur6f6iQN8P920GJlQdpGwO8HqOCUX/Kd+fBf
/VNFicNNq+iFKK5Bw/OmLIzSv+/pYdmobTD0nHi5zWkvTfD4TOuWTVkciJWWEGO2
sSk1ZNjA9gG5kjBWO8Z/bX2+GUr9wtBa7FR6tI05d77s5Ensw0n5J/C0XeH/vDSh
rwWRZfqsDoJCJKzZ+lme3gBpsmimUIXHELpB7MOFMKkVL2rtikhG3P0rB6gl8sYv
ekcCevjS/DOzbep/9OcC5YfGOHkWVaxktbGbxHNYNaBDiVcuh/vXhtUv3vugsQZh
kV7ZU+6s3d8cX3eclHray4glSbP9PZ4LmslE+ETCah9Q
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:21:45 2024 by rpki-client on console-fra.rpki-client.org