Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/FTso0lWfJF7slkbyzAgqYdUFktw.roa
File: FTso0lWfJF7slkbyzAgqYdUFktw.roa (raw, json)
Hash identifier: Yx1+5trbmTTeu7To2qBsupKCGzkwzAZnzGZQKg51a50=
Subject key identifier: 15:3B:28:D2:55:9F:24:5E:EC:96:46:F2:CC:08:2A:61:D5:05:92:DC
Certificate issuer: /CN=9d36e91b62d3dc7c137a28aaa006ede9b9ea1fe4
Certificate serial: 018CC6B919085E2B99E9445DADBEDBFB39AE
Authority key identifier: 9D:36:E9:1B:62:D3:DC:7C:13:7A:28:AA:A0:06:ED:E9:B9:EA:1F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/FTso0lWfJF7slkbyzAgqYdUFktw.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12930
IP address blocks: 128.65.128.0/21 maxlen: 21
185.102.228.0/22 maxlen: 22
2a03:8a80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:19:08:5e:2b:99:e9:44:5d:ad:be:db:fb:39:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d36e91b62d3dc7c137a28aaa006ede9b9ea1fe4
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=153b28d2559f245eec9646f2cc082a61d50592dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a8:70:a0:65:45:74:3f:94:55:ba:dc:b2:db:
f3:ed:7c:6e:7c:13:93:4f:0b:19:eb:73:17:d2:da:
a9:f1:e8:e8:88:bf:e6:18:5c:55:ae:d3:d9:f3:52:
01:4c:fc:f0:d8:45:bd:0b:25:d3:02:0b:7f:1e:22:
1e:a1:24:df:cd:92:75:41:6e:6d:f1:ad:f6:0b:52:
ed:45:80:9e:a4:e4:5e:67:ed:4f:53:ad:79:3d:ed:
00:22:13:41:84:87:fe:47:51:43:83:a1:ab:22:9d:
54:c9:e7:5e:63:d9:8b:ac:61:9d:57:5a:cc:72:7c:
96:78:d3:ca:fd:69:89:f7:5f:ed:f2:3a:1a:47:d9:
c0:0b:78:0f:10:77:59:d9:1c:78:d4:65:7d:8c:fd:
b4:b7:d4:ae:a3:33:58:70:13:0f:53:96:c4:7a:dd:
7a:5f:c3:ab:fc:dd:7b:d4:42:e1:66:67:92:75:91:
d9:dd:b2:5f:72:6e:b8:56:a4:ab:e8:99:d6:06:b1:
f4:20:ac:e3:1e:55:5b:ac:de:26:92:66:d8:ea:eb:
2d:46:9e:7f:f9:22:75:f0:c1:d3:a9:44:bf:2d:37:
c3:f0:29:48:63:e1:f5:64:65:5d:53:93:63:ac:18:
6d:6a:79:b7:fd:e2:5e:c2:ed:4d:bc:ca:4d:f0:83:
92:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3B:28:D2:55:9F:24:5E:EC:96:46:F2:CC:08:2A:61:D5:05:92:DC
X509v3 Authority Key Identifier:
keyid:9D:36:E9:1B:62:D3:DC:7C:13:7A:28:AA:A0:06:ED:E9:B9:EA:1F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/FTso0lWfJF7slkbyzAgqYdUFktw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/c284cd-b2b7-4911-b20b-b2cea7690837/1/nTbpG2LT3HwTeiiqoAbt6bnqH-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.128.0/21
185.102.228.0/22
IPv6:
2a03:8a80::/32
Signature Algorithm: sha256WithRSAEncryption
4e:72:d7:81:32:18:24:86:ae:c3:59:c5:c3:bd:68:7a:f4:59:
61:fc:51:71:b2:d7:df:7f:5e:07:ac:6a:2c:f5:82:af:7e:27:
33:0a:00:50:55:62:70:26:bd:17:32:c0:d9:9a:68:15:60:26:
4e:f9:e2:5f:52:00:50:bf:b4:0c:43:32:01:d5:c3:84:c0:c7:
56:9c:54:50:d7:08:7b:ed:7f:ec:b2:46:45:b7:43:08:f0:e6:
06:80:c4:7d:98:e1:b6:52:6e:75:7e:eb:6a:0e:e3:b5:14:73:
b0:f1:2f:5d:cc:1a:45:9c:00:5b:3c:fd:48:f2:6e:e9:09:d8:
5c:4f:bf:bc:85:19:75:cf:9a:e9:85:80:55:c7:36:91:70:bb:
ca:6e:a7:5e:ff:86:c1:58:e3:72:3d:12:6c:78:cc:bb:ea:ef:
32:1f:8d:bc:f3:9b:8e:e0:d9:c0:8a:8e:ad:ec:b4:4b:89:a5:
12:d8:3c:ef:57:4e:25:81:72:c0:7a:e7:e9:5d:40:f8:c6:57:
b8:b3:01:4e:9f:f3:c3:a7:90:a0:52:87:52:91:9d:f4:6f:7b:
18:a2:86:44:40:5d:8c:40:30:22:1b:4b:e1:91:29:a9:41:53:
a6:c1:84:67:58:26:89:88:5a:85:33:60:0d:8b:20:50:af:cc:
73:e2:1e:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuRkIXiuZ6URdrb7b+zmuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzZlOTFiNjJkM2RjN2MxMzdhMjhhYWEwMDZlZGU5Yjll
YTFmZTQwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNiMjhkMjU1OWYyNDVlZWM5NjQ2ZjJjYzA4MmE2MWQ1MDU5MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6hwoGVFdD+UVbrcstvz7XxufBOT
TwsZ63MX0tqp8ejoiL/mGFxVrtPZ81IBTPzw2EW9CyXTAgt/HiIeoSTfzZJ1QW5t
8a32C1LtRYCepOReZ+1PU615Pe0AIhNBhIf+R1FDg6GrIp1UyedeY9mLrGGdV1rM
cnyWeNPK/WmJ91/t8joaR9nAC3gPEHdZ2Rx41GV9jP20t9SuozNYcBMPU5bEet16
X8Or/N171ELhZmeSdZHZ3bJfcm64VqSr6JnWBrH0IKzjHlVbrN4mkmbY6ustRp5/
+SJ18MHTqUS/LTfD8ClIY+H1ZGVdU5NjrBhtanm3/eJewu1NvMpN8IOSzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBU7KNJVnyRe7JZG8swIKmHVBZLcMB8GA1UdIwQY
MBaAFJ026Rti09x8E3ooqqAG7em56h/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRicEcyTFQzSHdUZWlpcW9BYnQ2Ym5xSC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jMjg0Y2QtYjJiNy00OTExLWIyMGIt
YjJjZWE3NjkwODM3LzEvRlRzbzBsV2ZKRjdzbGtieXpBZ3FZZFVGa3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jMjg0Y2QtYjJiNy00OTExLWIyMGItYjJjZWE3NjkwODM3
LzEvblRicEcyTFQzSHdUZWlpcW9BYnQ2Ym5xSC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDgEGAAwQC
uWbkMA0EAgACMAcDBQAqA4qAMA0GCSqGSIb3DQEBCwUAA4IBAQBOcteBMhgkhq7D
WcXDvWh69Flh/FFxstfff14HrGos9YKvficzCgBQVWJwJr0XMsDZmmgVYCZO+eJf
UgBQv7QMQzIB1cOEwMdWnFRQ1wh77X/sskZFt0MI8OYGgMR9mOG2Um51futqDuO1
FHOw8S9dzBpFnABbPP1I8m7pCdhcT7+8hRl1z5rphYBVxzaRcLvKbqde/4bBWONy
PRJseMy76u8yH42885uO4NnAio6t7LRLiaUS2DzvV04lgXLAeufpXUD4xle4swFO
n/PDp5CgUodSkZ30b3sYooZEQF2MQDAiG0vhkSmpQVOmwYRnWCaJiFqFM2ANiyBQ
r8xz4h7a
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:14:05 2024 by rpki-client on console-fra.rpki-client.org