Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/fzSrL8rZzzGSBDjJlSyRlPaclxg.roa
File: fzSrL8rZzzGSBDjJlSyRlPaclxg.roa (raw, json)
Hash identifier: ynDvbcuL0i7aMGCEhsGFPTPralMdydSjkujBQmHTmqs=
Subject key identifier: 7F:34:AB:2F:CA:D9:CF:31:92:04:38:C9:95:2C:91:94:F6:9C:97:18
Certificate issuer: /CN=b9eaa99b1b55b4e50b5d9eccdeecdf3892473539
Certificate serial: 018CC5DD2432C65B0A92BC6965314114B697
Authority key identifier: B9:EA:A9:9B:1B:55:B4:E5:0B:5D:9E:CC:DE:EC:DF:38:92:47:35:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqpmxtVtOULXZ7M3uzfOJJHNTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/fzSrL8rZzzGSBDjJlSyRlPaclxg.roa
Signing time: Mon 01 Jan 2024 16:30:53 +0000
ROA not before: Mon 01 Jan 2024 16:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31337
IP address blocks: 193.178.60.0/22 maxlen: 24
2001:67c:1898::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/ueqpmxtVtOULXZ7M3uzfOJJHNTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/ueqpmxtVtOULXZ7M3uzfOJJHNTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueqpmxtVtOULXZ7M3uzfOJJHNTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:24:32:c6:5b:0a:92:bc:69:65:31:41:14:b6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9eaa99b1b55b4e50b5d9eccdeecdf3892473539
Validity
Not Before: Jan 1 16:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f34ab2fcad9cf31920438c9952c9194f69c9718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:16:1e:a7:dd:f8:18:81:f6:b8:01:81:60:9f:
f1:67:10:c7:be:66:56:17:89:b4:98:22:be:86:1c:
99:fb:cb:67:3e:02:7e:63:df:fe:5a:45:d1:6a:67:
ac:ec:44:76:80:04:ad:62:83:74:e9:90:b5:54:41:
6d:3b:1b:1e:6c:da:d4:f2:c9:b0:7b:a9:a3:40:50:
f2:56:3d:a3:09:3d:bd:24:54:ba:ba:62:c3:0b:36:
48:35:5e:f3:96:0e:2b:e4:e9:11:09:0b:d2:b8:28:
be:e4:3c:47:75:3e:bb:57:86:d3:a9:1a:06:bf:17:
dc:98:12:2c:04:2c:c4:7e:00:23:f9:38:d1:76:26:
0d:c8:51:07:d6:ce:71:b0:17:49:f9:99:65:73:81:
7b:cb:24:00:65:aa:06:38:c3:58:da:2e:0f:39:f9:
de:73:c9:82:3e:77:d1:c5:ff:14:10:52:a0:1f:e8:
a2:9e:bd:9e:40:19:db:2e:43:ad:fa:96:57:17:eb:
a5:0a:61:2e:6b:74:d9:82:ae:88:5b:45:14:e1:2a:
ab:c8:44:a6:63:30:55:59:d2:59:55:e8:58:66:ae:
62:4c:7c:69:ea:8e:c6:12:da:05:ce:66:5a:a6:c7:
2f:3f:0a:ef:63:c0:3d:76:0e:8e:15:25:b8:74:8f:
54:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:34:AB:2F:CA:D9:CF:31:92:04:38:C9:95:2C:91:94:F6:9C:97:18
X509v3 Authority Key Identifier:
keyid:B9:EA:A9:9B:1B:55:B4:E5:0B:5D:9E:CC:DE:EC:DF:38:92:47:35:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqpmxtVtOULXZ7M3uzfOJJHNTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/fzSrL8rZzzGSBDjJlSyRlPaclxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/55a277-036e-4737-9af1-d3bec06ac8e1/1/ueqpmxtVtOULXZ7M3uzfOJJHNTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.60.0/22
IPv6:
2001:67c:1898::/48
Signature Algorithm: sha256WithRSAEncryption
a2:90:ac:ae:73:7b:f8:67:af:f9:c5:9b:b2:91:1e:5c:44:40:
19:1e:d1:02:ef:af:ac:55:f7:ed:14:35:0e:43:e5:38:3f:16:
0b:e4:4e:04:c2:83:de:cf:15:67:eb:38:2d:c1:5d:2b:4c:0c:
b8:ee:e3:78:ca:9e:80:e6:ed:b3:10:e9:a0:56:76:d4:84:d2:
fd:ac:65:87:96:c4:8c:5f:ec:cf:76:05:af:e7:62:00:14:48:
41:05:07:08:82:d3:2e:a4:79:a7:bf:63:23:e0:2c:0c:6b:f5:
4f:50:8b:5e:5a:d6:8a:87:13:f0:64:42:53:0e:b8:c0:c7:f3:
4f:af:14:8e:44:f6:d4:82:72:4e:e5:1c:71:80:6c:92:59:03:
e2:00:d8:fb:6d:c1:6f:25:3b:a6:5c:d7:ec:ba:e9:f0:d3:e0:
55:90:0f:6d:3a:32:3c:7c:e5:ec:d2:e9:99:22:cc:89:4c:20:
6d:84:11:08:17:6a:c5:34:c6:ab:77:47:92:01:f4:79:38:ed:
e5:dc:57:65:ee:9e:f4:de:1f:96:18:ac:20:c4:d7:be:31:e3:
e4:b0:ad:ac:20:e9:b5:42:e0:3e:0d:73:a0:55:a1:19:14:48:
a4:6c:dd:c6:b9:f5:2e:97:67:07:ed:94:f6:64:f5:1b:45:63:
57:b9:ab:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3SQyxlsKkrxpZTFBFLaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWFhOTliMWI1NWI0ZTUwYjVkOWVjY2RlZWNkZjM4OTI0
NzM1MzkwHhcNMjQwMTAxMTYzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM0YWIyZmNhZDljZjMxOTIwNDM4Yzk5NTJjOTE5NGY2OWM5NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRYep934GIH2uAGBYJ/xZxDHvmZW
F4m0mCK+hhyZ+8tnPgJ+Y9/+WkXRames7ER2gAStYoN06ZC1VEFtOxsebNrU8smw
e6mjQFDyVj2jCT29JFS6umLDCzZINV7zlg4r5OkRCQvSuCi+5DxHdT67V4bTqRoG
vxfcmBIsBCzEfgAj+TjRdiYNyFEH1s5xsBdJ+Zllc4F7yyQAZaoGOMNY2i4POfne
c8mCPnfRxf8UEFKgH+iinr2eQBnbLkOt+pZXF+ulCmEua3TZgq6IW0UU4SqryESm
YzBVWdJZVehYZq5iTHxp6o7GEtoFzmZapscvPwrvY8A9dg6OFSW4dI9UvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH80qy/K2c8xkgQ4yZUskZT2nJcYMB8GA1UdIwQY
MBaAFLnqqZsbVbTlC12ezN7s3ziSRzU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxcG14dFZ0T1VMWFo3TTN1emZPSkpITlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81NWEyNzctMDM2ZS00NzM3LTlhZjEt
ZDNiZWMwNmFjOGUxLzEvZnpTckw4clp6ekdTQkRqSmxTeVJsUGFjbHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81NWEyNzctMDM2ZS00NzM3LTlhZjEtZDNiZWMwNmFjOGUx
LzEvdWVxcG14dFZ0T1VMWFo3TTN1emZPSkpITlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwbI8MA8E
AgACMAkDBwAgAQZ8GJgwDQYJKoZIhvcNAQELBQADggEBAKKQrK5ze/hnr/nFm7KR
HlxEQBke0QLvr6xV9+0UNQ5D5Tg/FgvkTgTCg97PFWfrOC3BXStMDLju43jKnoDm
7bMQ6aBWdtSE0v2sZYeWxIxf7M92Ba/nYgAUSEEFBwiC0y6keae/YyPgLAxr9U9Q
i15a1oqHE/BkQlMOuMDH80+vFI5E9tSCck7lHHGAbJJZA+IA2PttwW8lO6Zc1+y6
6fDT4FWQD206Mjx85ezS6ZkizIlMIG2EEQgXasU0xqt3R5IB9Hk47eXcV2XunvTe
H5YYrCDE174x4+Swrawg6bVC4D4Nc6BVoRkUSKRs3ca59S6XZwftlPZk9RtFY1e5
qxM=
-----END CERTIFICATE-----
Generated at Fri Jun 28 22:48:26 2024 by rpki-client on console-ams.rpki-client.org