Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/F1YxRyCVMISpLiGpKxId5OF3nEE.roa
File: F1YxRyCVMISpLiGpKxId5OF3nEE.roa (raw, json)
Hash identifier: AUiaOIqIQESEN0D6w40A8Jc8ZlarDgse8lJcqPO0xvY=
Subject key identifier: 17:56:31:47:20:95:30:84:A9:2E:21:A9:2B:12:1D:E4:E1:77:9C:41
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 018CC6B92C5B8E2B138D5403B4E5C9CF13F8
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/F1YxRyCVMISpLiGpKxId5OF3nEE.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47328
IP address blocks: 212.124.108.0/22 maxlen: 24
212.124.112.0/21 maxlen: 24
212.124.120.0/21 maxlen: 24
185.190.188.0/24 maxlen: 24
185.190.189.0/24 maxlen: 24
83.222.124.0/22 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
212.124.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2c:5b:8e:2b:13:8d:54:03:b4:e5:c9:cf:13:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1756314720953084a92e21a92b121de4e1779c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1f:1c:d0:9c:8e:38:e1:e8:50:99:1c:26:e4:
07:ba:e5:04:e4:2c:ea:a6:57:76:dc:67:3e:56:5f:
de:ae:24:3b:11:84:d0:f7:3f:a8:9a:04:cc:3e:1a:
6d:9e:5a:c0:fc:c9:b4:b8:b7:5b:41:2b:cb:d1:63:
60:ac:69:60:b1:0a:8c:89:24:1a:e1:df:ae:e6:46:
df:ad:74:44:df:cf:e3:63:f3:5c:c0:12:4a:3d:2c:
4c:9f:d7:3d:a6:67:d9:60:a5:e2:85:c9:b9:41:02:
ab:4b:a6:29:23:f0:11:25:83:b0:72:88:cb:ff:af:
d1:c5:8b:7b:11:b5:9e:1a:3e:db:87:05:ff:da:fb:
63:f9:a3:32:3c:0b:29:9f:e5:51:e4:4b:77:14:92:
75:72:9f:4b:a7:3f:6a:27:2b:0a:30:ee:f2:8e:05:
4d:17:8c:f0:6b:0e:63:30:7d:29:f1:7d:ff:f1:67:
b8:d4:68:26:e0:6c:2a:d1:c7:59:1c:ce:6e:cf:38:
2e:2e:80:f5:43:81:8d:19:66:0e:34:8b:94:af:b7:
58:c4:bb:ed:e2:67:0a:d8:71:b1:79:27:2e:b9:d2:
79:06:7a:97:09:4c:68:d9:72:c4:43:63:8f:56:bc:
43:b7:70:1a:f3:35:cf:71:d1:f5:f6:51:06:3a:d8:
cc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:56:31:47:20:95:30:84:A9:2E:21:A9:2B:12:1D:E4:E1:77:9C:41
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/F1YxRyCVMISpLiGpKxId5OF3nEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.124.0/22
185.190.188.0/23
212.124.96.0/19
Signature Algorithm: sha256WithRSAEncryption
63:54:4b:4e:59:8a:6f:a4:a2:14:a9:8b:bb:b6:53:0a:d0:27:
da:3a:39:a7:93:f0:f6:25:ce:75:b6:d2:ce:e5:03:b6:f1:0a:
49:1d:88:93:fb:81:7b:35:48:8b:3a:23:66:ae:d3:5d:30:6b:
a4:3a:b8:2c:a7:62:2a:d2:82:56:71:8c:00:de:9b:d4:80:72:
f9:7c:c1:5f:c8:d7:08:44:59:a1:3f:d0:38:15:87:0b:7d:55:
41:e4:2c:48:ab:b0:a0:4f:39:00:e2:c9:ea:99:db:11:22:67:
1e:ae:68:64:58:9b:1a:c1:d2:c7:60:2b:c2:96:28:2d:6c:8c:
e8:64:a3:e4:da:c9:46:0c:00:db:a3:f4:52:1c:9e:dd:5c:f8:
e7:bd:be:7c:2d:37:48:ec:19:f7:c5:80:1d:2b:3d:79:7b:34:
fb:b1:2e:18:3d:da:bb:78:b6:39:25:b1:36:3c:84:9b:a6:11:
34:de:6a:2b:25:7a:f0:a4:f5:73:e4:60:3c:0e:5c:a9:67:3c:
14:d1:07:10:81:e1:44:57:cc:c4:2f:32:6e:45:52:53:25:6e:
f6:ef:6c:3c:91:57:c8:51:fb:4f:ab:01:21:c4:fc:92:e7:64:
2e:bd:95:cc:a8:21:c6:59:97:16:db:38:7b:1e:0d:06:34:17:
66:68:f4:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuSxbjisTjVQDtOXJzxP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzU2MzE0NzIwOTUzMDg0YTkyZTIxYTkyYjEyMWRlNGUxNzc5YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR8c0JyOOOHoUJkcJuQHuuUE5Czq
pld23Gc+Vl/eriQ7EYTQ9z+omgTMPhptnlrA/Mm0uLdbQSvL0WNgrGlgsQqMiSQa
4d+u5kbfrXRE38/jY/NcwBJKPSxMn9c9pmfZYKXihcm5QQKrS6YpI/ARJYOwcojL
/6/RxYt7EbWeGj7bhwX/2vtj+aMyPAspn+VR5Et3FJJ1cp9Lpz9qJysKMO7yjgVN
F4zwaw5jMH0p8X3/8We41Ggm4Gwq0cdZHM5uzzguLoD1Q4GNGWYONIuUr7dYxLvt
4mcK2HGxeScuudJ5BnqXCUxo2XLEQ2OPVrxDt3Aa8zXPcdH19lEGOtjMTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBdWMUcglTCEqS4hqSsSHeThd5xBMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvRjFZeFJ5Q1ZNSVNwTGlHcEt4SWQ1T0YzbkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU958AwQB
ub68AwQF1HxgMA0GCSqGSIb3DQEBCwUAA4IBAQBjVEtOWYpvpKIUqYu7tlMK0Cfa
Ojmnk/D2Jc51ttLO5QO28QpJHYiT+4F7NUiLOiNmrtNdMGukOrgsp2Iq0oJWcYwA
3pvUgHL5fMFfyNcIRFmhP9A4FYcLfVVB5CxIq7CgTzkA4snqmdsRImcermhkWJsa
wdLHYCvCligtbIzoZKPk2slGDADbo/RSHJ7dXPjnvb58LTdI7Bn3xYAdKz15ezT7
sS4YPdq7eLY5JbE2PISbphE03morJXrwpPVz5GA8DlypZzwU0QcQgeFEV8zELzJu
RVJTJW7272w8kVfIUftPqwEhxPyS52QuvZXMqCHGWZcW2zh7Hg0GNBdmaPTk
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:49:33 2024 by rpki-client on console-ams.rpki-client.org