Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/fPvhx4Ccgzorn19myHzcML1HuSQ.roa
File: fPvhx4Ccgzorn19myHzcML1HuSQ.roa (raw, json)
Hash identifier: 5vW6eHRIh4n4/vlQD3vlxkyTnYVoxcQheYWDQ8pHg+E=
Subject key identifier: 7C:FB:E1:C7:80:9C:83:3A:2B:9F:5F:66:C8:7C:DC:30:BD:47:B9:24
Certificate issuer: /CN=f36f9cbaff653b60134b46aa70e79117098a7c64
Certificate serial: 018F156AD14CB2AB0B420A6849B9C7926F00
Authority key identifier: F3:6F:9C:BA:FF:65:3B:60:13:4B:46:AA:70:E7:91:17:09:8A:7C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/82-cuv9lO2ATS0aqcOeRFwmKfGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/fPvhx4Ccgzorn19myHzcML1HuSQ.roa
Signing time: Thu 25 Apr 2024 13:21:12 +0000
ROA not before: Thu 25 Apr 2024 13:21:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56740
IP address blocks: 31.130.200.0/21 maxlen: 24
2001:67c:2268::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/82-cuv9lO2ATS0aqcOeRFwmKfGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/82-cuv9lO2ATS0aqcOeRFwmKfGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/82-cuv9lO2ATS0aqcOeRFwmKfGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:6a:d1:4c:b2:ab:0b:42:0a:68:49:b9:c7:92:6f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f36f9cbaff653b60134b46aa70e79117098a7c64
Validity
Not Before: Apr 25 13:21:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cfbe1c7809c833a2b9f5f66c87cdc30bd47b924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2e:f3:9f:8e:c8:b3:0c:05:98:58:21:19:f1:
2f:10:b4:6a:3d:0f:9a:cf:d3:f2:2c:fd:a0:25:c6:
98:60:65:65:5d:ad:e6:03:82:59:42:c9:ed:a6:5e:
d7:ec:2a:67:c2:75:33:db:67:93:a0:71:ba:f1:b3:
11:c1:1b:d7:52:51:67:f4:ad:5d:e2:39:3b:a2:b3:
f8:9b:a6:46:b0:a2:ec:73:57:b9:ff:f9:2a:fb:68:
13:3c:32:81:22:41:71:53:e3:57:f9:ad:8a:3b:b9:
3b:1b:f8:13:9f:b0:a1:ef:f9:d0:c7:43:bc:30:eb:
d5:b5:cd:95:c8:ee:ee:5e:c7:25:dd:05:d1:ae:6d:
02:b1:77:c7:2b:6f:76:37:0a:30:17:f8:dd:c0:4f:
3b:a2:5f:75:cb:c0:6a:ab:57:a6:87:92:a9:3b:0d:
e6:bf:ad:f4:cd:e7:a2:96:0c:77:21:7c:6b:65:5e:
d2:5a:55:36:33:32:5f:a0:e8:9e:f7:89:5d:60:79:
1c:18:8f:52:e3:47:40:f3:42:d0:5e:37:4f:70:57:
f7:23:79:77:56:38:1b:80:f0:8f:99:9e:06:65:06:
53:c7:88:59:8c:92:01:d0:94:4e:0a:0f:17:bd:ab:
f3:27:88:aa:87:05:94:6f:53:50:72:65:4f:fe:2e:
53:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FB:E1:C7:80:9C:83:3A:2B:9F:5F:66:C8:7C:DC:30:BD:47:B9:24
X509v3 Authority Key Identifier:
keyid:F3:6F:9C:BA:FF:65:3B:60:13:4B:46:AA:70:E7:91:17:09:8A:7C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/82-cuv9lO2ATS0aqcOeRFwmKfGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/fPvhx4Ccgzorn19myHzcML1HuSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/adf329-09c5-4bb8-af6c-d95ab99fb0c5/1/82-cuv9lO2ATS0aqcOeRFwmKfGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.200.0/21
IPv6:
2001:67c:2268::/48
Signature Algorithm: sha256WithRSAEncryption
88:23:ee:08:a0:8a:fc:a0:63:ac:37:91:91:54:25:d9:e6:03:
8e:ad:ec:cb:60:f5:9d:57:63:4b:a7:8b:63:c8:e5:5d:16:4d:
e5:68:dd:21:e8:88:92:23:ed:ac:f5:6c:d6:6d:6c:75:3d:8c:
0a:ca:b2:61:42:63:74:ba:f1:5c:91:2c:50:e2:1c:fa:22:28:
3b:e8:87:83:09:ff:8f:ad:95:63:39:df:4f:db:80:92:16:15:
02:83:cd:4d:77:43:36:5c:77:9b:82:f2:33:21:15:02:bf:57:
63:19:d0:0a:ed:69:f8:df:0a:9d:3c:ec:04:82:27:ac:ff:d2:
9f:08:21:03:69:97:b9:85:ed:89:9e:02:99:3c:2e:ba:7b:68:
67:54:ee:af:3b:d5:12:07:51:b1:02:db:35:76:be:8a:e0:03:
78:1e:3f:02:8b:f9:80:60:dc:4f:4f:ca:ed:da:18:41:e7:b2:
4c:e7:93:ac:13:fd:be:00:40:4b:8f:ba:81:b2:37:61:9b:38:
e2:d7:23:d8:ce:d5:21:ab:7f:f6:97:6f:2b:7d:54:b2:de:c2:
fe:5d:5a:90:e3:75:d8:30:a0:22:06:b5:24:70:ec:d6:d6:a4:
0e:bd:9d:6f:cb:0f:01:ff:d5:9c:5f:59:30:cd:5c:74:68:16:
8e:7b:8c:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8VatFMsqsLQgpoSbnHkm8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNmY5Y2JhZmY2NTNiNjAxMzRiNDZhYTcwZTc5MTE3MDk4
YTdjNjQwHhcNMjQwNDI1MTMyMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ZiZTFjNzgwOWM4MzNhMmI5ZjVmNjZjODdjZGMzMGJkNDdiOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni7zn47IswwFmFghGfEvELRqPQ+a
z9PyLP2gJcaYYGVlXa3mA4JZQsntpl7X7CpnwnUz22eToHG68bMRwRvXUlFn9K1d
4jk7orP4m6ZGsKLsc1e5//kq+2gTPDKBIkFxU+NX+a2KO7k7G/gTn7Ch7/nQx0O8
MOvVtc2VyO7uXscl3QXRrm0CsXfHK292NwowF/jdwE87ol91y8Bqq1emh5KpOw3m
v630zeeilgx3IXxrZV7SWlU2MzJfoOie94ldYHkcGI9S40dA80LQXjdPcFf3I3l3
VjgbgPCPmZ4GZQZTx4hZjJIB0JROCg8XvavzJ4iqhwWUb1NQcmVP/i5TAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHz74ceAnIM6K59fZsh83DC9R7kkMB8GA1UdIwQY
MBaAFPNvnLr/ZTtgE0tGqnDnkRcJinxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODItY3V2OWxPMkFUUzBhcWNPZVJGd21LZkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZGYzMjktMDljNS00YmI4LWFmNmMt
ZDk1YWI5OWZiMGM1LzEvZlB2aHg0Q2Nnem9ybjE5bXlIemNNTDFIdVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZGYzMjktMDljNS00YmI4LWFmNmMtZDk1YWI5OWZiMGM1
LzEvODItY3V2OWxPMkFUUzBhcWNPZVJGd21LZkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDH4LIMA8E
AgACMAkDBwAgAQZ8ImgwDQYJKoZIhvcNAQELBQADggEBAIgj7gigivygY6w3kZFU
JdnmA46t7Mtg9Z1XY0uni2PI5V0WTeVo3SHoiJIj7az1bNZtbHU9jArKsmFCY3S6
8VyRLFDiHPoiKDvoh4MJ/4+tlWM530/bgJIWFQKDzU13QzZcd5uC8jMhFQK/V2MZ
0ArtafjfCp087ASCJ6z/0p8IIQNpl7mF7YmeApk8Lrp7aGdU7q871RIHUbEC2zV2
vorgA3gePwKL+YBg3E9Pyu3aGEHnskznk6wT/b4AQEuPuoGyN2GbOOLXI9jO1SGr
f/aXbyt9VLLewv5dWpDjddgwoCIGtSRw7NbWpA69nW/LDwH/1ZxfWTDNXHRoFo57
jEs=
-----END CERTIFICATE-----
Generated at Fri May 17 18:56:54 2024 by rpki-client on console-ams.rpki-client.org