Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/FN-ooGgo_cWlqDGcmUxe_fzJTNg.roa
File: FN-ooGgo_cWlqDGcmUxe_fzJTNg.roa (raw, json)
Hash identifier: QVXO7TH9CpRv77aVzKkYO2BYguK1Y1AirUWw68ge9K4=
Subject key identifier: 14:DF:A8:A0:68:28:FD:C5:A5:A8:31:9C:99:4C:5E:FD:FC:C9:4C:D8
Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Certificate serial: 018CC501109040C7915E263D043D79B84A96
Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/FN-ooGgo_cWlqDGcmUxe_fzJTNg.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51703
IP address blocks: 212.174.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:10:90:40:c7:91:5e:26:3d:04:3d:79:b8:4a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14dfa8a06828fdc5a5a8319c994c5efdfcc94cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:36:06:22:67:3d:16:b2:13:fa:99:dc:d1:
13:98:af:80:6b:4b:76:5c:ff:6e:05:20:4f:7e:93:
46:69:7f:73:98:8b:0b:a5:52:f7:a2:06:07:7f:3b:
5a:78:a2:40:0a:db:ae:e9:d2:a1:4c:4d:84:0a:a2:
ef:13:94:f9:cc:52:41:87:e9:df:44:e4:68:af:58:
15:d8:b3:14:63:c0:3f:dd:70:17:1c:e1:6c:0d:c7:
e5:fb:2a:88:10:33:3a:00:f1:f7:fb:79:38:cf:a5:
80:51:34:d4:02:50:7b:31:d6:e8:bb:7e:9e:ae:d1:
e2:eb:17:16:f4:c9:53:d4:6e:a9:59:55:c6:2c:c7:
1e:f9:c0:32:fc:6e:1e:f2:4a:1a:fc:d6:50:40:45:
58:0d:62:0d:da:9d:31:bf:98:f1:c4:2b:80:8d:7f:
a3:7e:95:56:eb:72:9e:8c:6f:25:a0:20:9e:a1:aa:
2a:5a:72:a4:e6:78:84:f4:71:77:47:45:3e:88:7d:
66:8b:76:f7:91:33:fd:0a:d5:7d:5d:e7:67:f8:bc:
6c:52:83:7d:d9:ac:b7:36:52:4b:4a:b3:5b:13:51:
a3:2e:77:83:8a:96:48:f7:d3:05:b3:3e:53:1c:0f:
88:d7:1e:21:86:05:0a:aa:a0:34:20:18:47:17:6f:
f9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DF:A8:A0:68:28:FD:C5:A5:A8:31:9C:99:4C:5E:FD:FC:C9:4C:D8
X509v3 Authority Key Identifier:
keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/FN-ooGgo_cWlqDGcmUxe_fzJTNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.174.139.0/24
Signature Algorithm: sha256WithRSAEncryption
94:94:6c:35:79:44:d5:d6:0c:88:e0:db:f1:39:c7:7a:9a:a5:
6a:e2:45:e3:17:80:56:dd:ac:66:99:b7:2e:92:1b:eb:67:7d:
3f:74:92:a9:b9:09:5d:50:3d:25:a1:c7:b5:82:ee:25:01:36:
34:9f:5c:87:c4:88:0f:a0:57:aa:af:76:5c:8d:97:b4:92:f2:
ac:15:00:ae:bc:d0:73:47:40:9b:77:82:c2:ce:02:02:a1:c8:
75:5e:6c:ff:b3:f9:8a:da:88:21:61:3f:ed:48:65:7d:28:27:
cd:51:e2:89:33:e0:b9:77:e4:4c:e6:26:e9:8c:b5:83:00:2e:
93:77:96:4a:22:76:61:b0:79:22:13:bc:bc:67:fc:ad:b4:0b:
40:83:73:de:35:f6:61:b2:01:6d:dd:a0:20:82:c2:58:cc:db:
25:b1:20:72:a5:09:73:42:01:21:8a:43:6a:e1:ee:fd:1f:c6:
0d:18:1b:85:cf:85:b3:64:a6:42:7d:5a:a0:ee:f6:19:e5:e2:
64:c4:eb:08:a2:63:b9:c5:aa:a2:d8:35:42:fb:21:58:c4:a2:
d2:f5:1f:94:ae:30:96:48:17:f6:63:00:15:18:e5:58:b5:0e:
d9:25:99:c7:bf:08:14:ad:a3:7d:5a:11:19:85:97:51:51:fe:
20:42:99:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARCQQMeRXiY9BD15uEqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWYxMWJiOGE4ZDQ4MGEwMzEzZTFmMjE4YTY2YmRmNGU5
NWY2MjcwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRmYThhMDY4MjhmZGM1YTVhODMxOWM5OTRjNWVmZGZjYzk0Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriI2BiJnPRayE/qZ3NETmK+Aa0t2
XP9uBSBPfpNGaX9zmIsLpVL3ogYHfztaeKJACtuu6dKhTE2ECqLvE5T5zFJBh+nf
RORor1gV2LMUY8A/3XAXHOFsDcfl+yqIEDM6APH3+3k4z6WAUTTUAlB7Mdbou36e
rtHi6xcW9MlT1G6pWVXGLMce+cAy/G4e8koa/NZQQEVYDWIN2p0xv5jxxCuAjX+j
fpVW63KejG8loCCeoaoqWnKk5niE9HF3R0U+iH1mi3b3kTP9CtV9Xedn+LxsUoN9
2ay3NlJLSrNbE1GjLneDipZI99MFsz5THA+I1x4hhgUKqqA0IBhHF2/5GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTfqKBoKP3FpagxnJlMXv38yUzYMB8GA1UdIwQY
MBaAFD3vEbuKjUgKAxPh8hima99OlfYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYt
YjQ5NDY2NDcyNGFkLzEvRk4tb29HZ29fY1dscURHY21VeGVfZnpKVE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYtYjQ5NDY2NDcyNGFk
LzEvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1K6LMA0G
CSqGSIb3DQEBCwUAA4IBAQCUlGw1eUTV1gyI4NvxOcd6mqVq4kXjF4BW3axmmbcu
khvrZ30/dJKpuQldUD0loce1gu4lATY0n1yHxIgPoFeqr3ZcjZe0kvKsFQCuvNBz
R0Cbd4LCzgICoch1Xmz/s/mK2oghYT/tSGV9KCfNUeKJM+C5d+RM5ibpjLWDAC6T
d5ZKInZhsHkiE7y8Z/yttAtAg3PeNfZhsgFt3aAggsJYzNslsSBypQlzQgEhikNq
4e79H8YNGBuFz4WzZKZCfVqg7vYZ5eJkxOsIomO5xaqi2DVC+yFYxKLS9R+UrjCW
SBf2YwAVGOVYtQ7ZJZnHvwgUraN9WhEZhZdRUf4gQpks
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:30:22 2024 by rpki-client on console-fra.rpki-client.org