Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iFIGbWA21VJafCCvxww-F5feY64.roa
File: iFIGbWA21VJafCCvxww-F5feY64.roa (raw, json)
Hash identifier: 94EyHJHGZRyAiloweoWGUeuMTjsknxxEadOHyLqmilo=
Subject key identifier: 88:52:06:6D:60:36:D5:52:5A:7C:20:AF:C7:0C:3E:17:97:DE:63:AE
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0190C192140B557BBA3D3DCDAC7F42CF5E75
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iFIGbWA21VJafCCvxww-F5feY64.roa
Signing time: Wed 17 Jul 2024 16:41:34 +0000
ROA not before: Wed 17 Jul 2024 16:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13115
IP address blocks: 213.145.64.0/23 maxlen: 23
213.145.80.0/23 maxlen: 23
2001:41f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:92:14:0b:55:7b:ba:3d:3d:cd:ac:7f:42:cf:5e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 17 16:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8852066d6036d5525a7c20afc70c3e1797de63ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:64:13:eb:23:f9:f2:3c:3c:30:f8:90:ed:9c:
30:84:d9:a6:60:14:db:e9:bc:bf:ee:88:6c:6c:b0:
99:32:64:1c:31:1a:b4:a0:25:39:e8:40:86:91:de:
a5:2d:5c:cf:99:53:82:b0:fd:d7:8f:a9:d8:f8:10:
52:dc:79:db:0a:09:1d:4e:0c:ae:e7:d7:e7:15:23:
77:b1:91:b3:2f:bd:a9:0a:63:a6:c3:b6:66:c4:98:
ea:ca:df:3c:2c:ce:ad:d5:4d:c3:d8:e1:1b:da:3e:
51:ef:a4:f9:0b:80:cc:ae:6f:47:2f:e7:9c:07:d1:
33:89:1f:ac:29:7b:1a:b8:1c:16:78:df:7b:1c:53:
e2:31:f7:49:bd:40:a3:19:6b:e0:55:a2:1f:66:d5:
59:7c:78:6c:f5:23:73:74:91:6b:b7:25:65:db:45:
80:91:06:e4:70:f5:4a:88:bf:ef:eb:37:5a:12:97:
00:4b:bb:d6:a4:d9:6f:8e:72:81:8d:a7:48:7c:e8:
03:74:bf:4b:97:68:fd:17:dc:a6:2f:54:a7:f1:35:
54:28:cf:b0:b2:11:83:8d:85:36:fa:45:eb:d4:cd:
1c:59:68:4c:55:5c:2f:08:ac:c8:3a:4a:ff:d7:ac:
d8:75:63:b4:45:3b:ed:d4:ad:24:7f:4a:8b:eb:aa:
c8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:52:06:6D:60:36:D5:52:5A:7C:20:AF:C7:0C:3E:17:97:DE:63:AE
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iFIGbWA21VJafCCvxww-F5feY64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.64.0/23
213.145.80.0/23
IPv6:
2001:41f8::/32
Signature Algorithm: sha256WithRSAEncryption
f4:5c:2d:cd:36:44:09:0d:75:95:24:89:61:37:fb:8c:b0:15:
a7:84:e3:b2:ec:1d:22:8c:95:42:38:ce:25:60:72:58:b4:09:
2b:02:53:d6:fa:cf:f5:1e:e7:ff:e6:33:db:3e:b1:fc:3e:c0:
ff:e8:d1:a0:a2:e7:48:e8:24:8a:1e:b7:06:76:34:12:a7:f0:
c0:e2:14:62:76:8c:c2:ac:74:d1:27:d0:55:e0:f2:45:bc:95:
c4:d2:94:47:fa:fc:a7:64:11:92:cc:ac:bd:85:e0:72:58:3e:
ad:3d:c4:04:c4:a5:4c:ae:18:75:df:33:c7:d3:db:fd:79:ba:
ba:35:d9:a6:5e:4d:c5:03:a4:56:1d:fa:ef:17:be:c2:b5:58:
45:42:63:25:48:8f:e2:42:8f:e2:70:5c:ab:39:6a:75:f9:af:
92:a7:fb:14:27:d6:f6:7d:66:ed:31:d9:a3:32:25:34:bf:50:
7c:cc:b3:78:7c:fc:ec:0a:22:e4:c3:1c:44:ec:b7:0c:d7:30:
a5:fd:c6:e5:f8:88:73:3f:11:e0:9e:c4:eb:fb:79:c6:51:86:
9b:75:7e:d4:6b:37:b3:63:b2:11:da:36:f1:32:28:30:99:94:
74:24:a5:58:9b:47:f1:6b:18:6f:56:54:e9:4e:b8:4b:5c:0f:
50:05:cb:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDBkhQLVXu6PT3NrH9Cz151MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwNzE3MTY0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUyMDY2ZDYwMzZkNTUyNWE3YzIwYWZjNzBjM2UxNzk3ZGU2M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WQT6yP58jw8MPiQ7ZwwhNmmYBTb
6by/7ohsbLCZMmQcMRq0oCU56ECGkd6lLVzPmVOCsP3Xj6nY+BBS3HnbCgkdTgyu
59fnFSN3sZGzL72pCmOmw7ZmxJjqyt88LM6t1U3D2OEb2j5R76T5C4DMrm9HL+ec
B9EziR+sKXsauBwWeN97HFPiMfdJvUCjGWvgVaIfZtVZfHhs9SNzdJFrtyVl20WA
kQbkcPVKiL/v6zdaEpcAS7vWpNlvjnKBjadIfOgDdL9Ll2j9F9ymL1Sn8TVUKM+w
shGDjYU2+kXr1M0cWWhMVVwvCKzIOkr/16zYdWO0RTvt1K0kf0qL66rIOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIhSBm1gNtVSWnwgr8cMPheX3mOuMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvaUZJR2JXQTIxVkphZkNDdnh3dy1GNWZlWTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQB1ZFAAwQB
1ZFQMA0EAgACMAcDBQAgAUH4MA0GCSqGSIb3DQEBCwUAA4IBAQD0XC3NNkQJDXWV
JIlhN/uMsBWnhOOy7B0ijJVCOM4lYHJYtAkrAlPW+s/1Huf/5jPbPrH8PsD/6NGg
oudI6CSKHrcGdjQSp/DA4hRidozCrHTRJ9BV4PJFvJXE0pRH+vynZBGSzKy9heBy
WD6tPcQExKVMrhh13zPH09v9ebq6NdmmXk3FA6RWHfrvF77CtVhFQmMlSI/iQo/i
cFyrOWp1+a+Sp/sUJ9b2fWbtMdmjMiU0v1B8zLN4fPzsCiLkwxxE7LcM1zCl/cbl
+IhzPxHgnsTr+3nGUYabdX7UazezY7IR2jbxMigwmZR0JKVYm0fxaxhvVlTpTrhL
XA9QBctG
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:46:59 2024 by rpki-client on console-ams.rpki-client.org