Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/FymsKQcI75lLFdc1AbTqWJGE_qM.roa
File: FymsKQcI75lLFdc1AbTqWJGE_qM.roa (raw, json)
Hash identifier: LufxZj9QzD3nX63MX/yyTm8k5QD8DA0v6X9t3D1FxjY=
Subject key identifier: 17:29:AC:29:07:08:EF:99:4B:15:D7:35:01:B4:EA:58:91:84:FE:A3
Certificate issuer: /CN=2a9100a145dcb7b3795379bb0938fe89aa861924
Certificate serial: 018CC56EB56BD54DE891CF720C8FB35D0C2F
Authority key identifier: 2A:91:00:A1:45:DC:B7:B3:79:53:79:BB:09:38:FE:89:AA:86:19:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KpEAoUXct7N5U3m7CTj-iaqGGSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/FymsKQcI75lLFdc1AbTqWJGE_qM.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48143
IP address blocks: 91.207.132.0/23 maxlen: 23
194.213.110.0/23 maxlen: 23
91.218.144.0/22 maxlen: 22
91.218.144.0/23 maxlen: 23
91.218.146.0/23 maxlen: 23
91.218.146.128/25 maxlen: 25
91.218.146.0/25 maxlen: 25
91.218.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/KpEAoUXct7N5U3m7CTj-iaqGGSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/KpEAoUXct7N5U3m7CTj-iaqGGSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KpEAoUXct7N5U3m7CTj-iaqGGSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 05:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b5:6b:d5:4d:e8:91:cf:72:0c:8f:b3:5d:0c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a9100a145dcb7b3795379bb0938fe89aa861924
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1729ac290708ef994b15d73501b4ea589184fea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3a:da:21:fc:58:11:cc:0b:c1:e4:50:6b:eb:
d2:3b:ce:f6:8b:8e:ce:6f:6f:98:08:e2:86:a9:88:
d8:44:c8:76:1f:de:11:43:8a:5c:8d:ad:d4:94:2c:
d7:24:04:42:f8:e2:2f:d1:2a:a7:1d:17:77:65:dc:
19:0d:bc:e2:24:b0:e8:30:55:bb:67:d8:32:9b:b3:
0c:09:a4:13:57:b0:07:cb:ca:d3:9b:cd:19:ed:4b:
79:1d:24:5b:23:54:e9:5e:e5:9f:05:9e:7e:24:af:
5c:ea:58:2e:47:ed:b0:f1:94:f7:63:7e:91:a9:40:
88:9f:96:74:5e:e5:89:01:35:ab:da:63:2a:74:2a:
b4:86:86:06:63:e0:13:af:a6:45:50:0f:4b:1c:8c:
14:6f:0e:01:75:25:7e:6f:45:5d:67:e0:0a:2f:6d:
37:bc:20:5f:a2:4a:5e:ed:6f:8b:7c:94:0d:f7:a6:
a3:5e:0d:5d:19:6f:98:aa:fe:dd:ae:c3:8c:47:3f:
e5:29:f0:01:a7:74:f9:d5:0c:2d:85:98:07:60:eb:
db:86:25:58:b1:b6:92:39:6c:9a:3e:32:19:5d:ec:
59:8d:da:09:b5:8f:0c:51:e3:e7:19:d4:1e:9e:13:
de:63:eb:d5:47:4a:88:8e:27:61:59:dd:7a:8d:41:
22:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:29:AC:29:07:08:EF:99:4B:15:D7:35:01:B4:EA:58:91:84:FE:A3
X509v3 Authority Key Identifier:
keyid:2A:91:00:A1:45:DC:B7:B3:79:53:79:BB:09:38:FE:89:AA:86:19:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpEAoUXct7N5U3m7CTj-iaqGGSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/FymsKQcI75lLFdc1AbTqWJGE_qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a398eb-c429-4837-8e77-79246c894591/1/KpEAoUXct7N5U3m7CTj-iaqGGSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.132.0/23
91.218.144.0/22
194.213.110.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:66:2d:f4:e2:68:95:97:35:ff:9f:a6:84:3e:49:88:88:a7:
df:16:74:1f:7d:ab:46:8f:5a:d7:99:c9:cc:7e:73:b7:bd:f5:
ee:3e:41:02:e2:5d:22:86:85:48:e1:87:ce:7b:af:b7:46:80:
b9:fc:e0:b1:a9:7d:0c:15:12:27:d1:e2:95:b3:c9:89:e5:4a:
c5:3f:29:2d:d8:d7:cb:67:05:a5:80:78:5d:2d:6e:3c:54:4c:
6e:29:f4:fb:fd:f9:b2:17:6a:35:b9:0c:e2:7d:cf:f7:34:40:
e1:b0:d7:15:22:49:02:1f:ae:ef:37:b8:76:1e:c8:03:1a:7a:
8b:ad:1b:34:cc:73:67:9e:07:33:22:09:6c:ad:9f:29:89:87:
82:3a:a6:ff:9c:48:da:65:1f:4f:13:9b:e2:1f:82:47:eb:1c:
ea:ef:19:36:6f:1a:f2:48:b2:11:b9:9c:33:8a:fd:98:06:45:
44:7d:e3:fc:df:24:e7:37:ed:f2:44:0b:ff:47:99:8c:b5:70:
fc:11:e9:d8:4e:5b:ce:80:49:70:7c:d0:6d:0b:03:6b:d2:96:
5f:f2:e9:58:2d:d8:93:9c:24:68:fc:12:62:b9:99:21:b7:71:
7f:1a:bf:53:05:70:12:81:97:19:65:82:b0:1e:30:50:76:3d:
6c:9d:49:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbrVr1U3okc9yDI+zXQwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTEwMGExNDVkY2I3YjM3OTUzNzliYjA5MzhmZTg5YWE4
NjE5MjQwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI5YWMyOTA3MDhlZjk5NGIxNWQ3MzUwMWI0ZWE1ODkxODRmZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzraIfxYEcwLweRQa+vSO872i47O
b2+YCOKGqYjYRMh2H94RQ4pcja3UlCzXJARC+OIv0SqnHRd3ZdwZDbziJLDoMFW7
Z9gym7MMCaQTV7AHy8rTm80Z7Ut5HSRbI1TpXuWfBZ5+JK9c6lguR+2w8ZT3Y36R
qUCIn5Z0XuWJATWr2mMqdCq0hoYGY+ATr6ZFUA9LHIwUbw4BdSV+b0VdZ+AKL203
vCBfokpe7W+LfJQN96ajXg1dGW+Yqv7drsOMRz/lKfABp3T51QwthZgHYOvbhiVY
sbaSOWyaPjIZXexZjdoJtY8MUePnGdQenhPeY+vVR0qIjidhWd16jUEiKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBcprCkHCO+ZSxXXNQG06liRhP6jMB8GA1UdIwQY
MBaAFCqRAKFF3LezeVN5uwk4/omqhhkkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BFQW9VWGN0N041VTNtN0NUai1pYXFHR1NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hMzk4ZWItYzQyOS00ODM3LThlNzct
NzkyNDZjODk0NTkxLzEvRnltc0tRY0k3NWxMRmRjMUFiVHFXSkdFX3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hMzk4ZWItYzQyOS00ODM3LThlNzctNzkyNDZjODk0NTkx
LzEvS3BFQW9VWGN0N041VTNtN0NUai1pYXFHR1NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8+EAwQC
W9qQAwQBwtVuMA0GCSqGSIb3DQEBCwUAA4IBAQCaZi304miVlzX/n6aEPkmIiKff
FnQffatGj1rXmcnMfnO3vfXuPkEC4l0ihoVI4YfOe6+3RoC5/OCxqX0MFRIn0eKV
s8mJ5UrFPykt2NfLZwWlgHhdLW48VExuKfT7/fmyF2o1uQzifc/3NEDhsNcVIkkC
H67vN7h2HsgDGnqLrRs0zHNnngczIglsrZ8piYeCOqb/nEjaZR9PE5viH4JH6xzq
7xk2bxrySLIRuZwziv2YBkVEfeP83yTnN+3yRAv/R5mMtXD8EenYTlvOgElwfNBt
CwNr0pZf8ulYLdiTnCRo/BJiuZkht3F/Gr9TBXASgZcZZYKwHjBQdj1snUl2
-----END CERTIFICATE-----
Generated at Mon Jun 17 13:22:03 2024 by rpki-client on console-ams.rpki-client.org