Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/_cg19903bZU6vhFVDLYGYBLW4L4.roa
File: _cg19903bZU6vhFVDLYGYBLW4L4.roa (raw, json)
Hash identifier: 448dZLB02NFnGA4FsUGEQ+q5+OCKCf79vQC5TYR6cC8=
Subject key identifier: FD:C8:35:F7:DD:37:6D:95:3A:BE:11:55:0C:B6:06:60:12:D6:E0:BE
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018CC94ADCB76D662E086E1A9A0F290360A3
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/_cg19903bZU6vhFVDLYGYBLW4L4.roa
Signing time: Tue 02 Jan 2024 08:29:35 +0000
ROA not before: Tue 02 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42894
IP address blocks: 145.31.0.0/16 maxlen: 24
145.50.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
131.237.0.0/16 maxlen: 24
194.104.116.0/22 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 Nov 2024 02:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:dc:b7:6d:66:2e:08:6e:1a:9a:0f:29:03:60:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdc835f7dd376d953abe11550cb6066012d6e0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f2:07:e1:46:67:8b:61:3a:dd:42:de:db:ee:
62:fa:6a:27:3d:ea:5c:f3:5e:8c:a6:b1:fc:66:ac:
e2:93:1c:77:e7:51:8a:f8:3d:15:29:86:f3:56:b9:
9e:bc:71:b0:5c:de:74:d0:09:42:06:63:a7:f1:50:
31:bd:f8:75:c2:5c:43:88:6e:f6:1e:7b:de:d6:a9:
2b:62:73:72:43:3e:a5:5a:94:43:f8:c7:9b:1b:51:
4a:db:22:b3:a7:37:1c:28:91:be:fa:0d:a8:a0:55:
92:61:22:b2:29:8c:78:c9:3a:b9:e5:9d:06:dc:d0:
fe:b2:61:28:b7:2d:a5:69:55:88:0f:c4:0d:2e:9a:
e6:a9:a5:83:41:0a:ca:3c:f4:19:d9:4e:49:c6:cd:
81:ec:11:8f:96:e0:7d:cb:bf:8a:f4:de:f3:6b:82:
2e:49:ea:be:b2:32:e0:96:e4:ed:7e:59:a9:0f:aa:
7a:84:79:10:b6:e3:61:58:82:41:a7:7b:01:75:54:
d6:92:cc:5d:63:8e:73:5b:e5:30:68:df:fe:57:c6:
d1:d7:cc:eb:e2:c9:8a:71:22:6f:a8:ef:cb:90:c4:
b8:b3:86:0a:32:d0:af:aa:9c:24:2a:99:6d:9f:bc:
ff:78:fb:69:ca:bf:d9:82:7f:ef:df:cc:12:e4:23:
2f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C8:35:F7:DD:37:6D:95:3A:BE:11:55:0C:B6:06:60:12:D6:E0:BE
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/_cg19903bZU6vhFVDLYGYBLW4L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
a5:1f:dc:f6:0f:85:db:bf:e3:04:28:78:db:16:bb:53:cd:a3:
49:2d:56:28:f8:ca:68:51:f1:5b:62:b0:3a:0a:cb:c0:d3:16:
f4:7a:00:7d:60:94:e6:e4:af:b0:a3:2b:28:b3:38:d0:08:e9:
17:a0:a1:9e:96:5f:df:ad:b1:ad:f8:bf:14:3e:5e:b7:2f:be:
79:bb:94:e6:e0:1c:13:1b:4d:4b:51:98:9e:81:44:e9:0e:d0:
c9:cd:ca:1e:39:c3:46:2b:40:c0:c1:c1:3e:ab:8d:ab:82:f7:
f9:da:e1:8b:10:da:62:41:73:24:ba:39:15:f8:ef:16:10:d2:
ae:46:50:b3:06:b1:80:ac:7a:d7:5c:99:43:51:ae:36:20:f0:
51:5e:26:b5:93:61:79:44:8d:cb:da:d0:81:5c:53:a1:3a:ae:
44:0b:c7:ce:f1:bb:5a:51:2b:f6:b5:36:0e:b7:3c:c4:7e:7f:
aa:84:30:35:8a:a0:69:ea:53:e1:c5:36:38:82:8c:8f:23:9d:
ae:50:f6:d8:c5:b2:49:d5:1c:1a:3e:8b:ac:76:e8:c0:f7:c0:
1d:16:59:75:ef:2d:da:04:55:a1:77:20:e2:b7:33:10:8e:54:
90:24:32:98:4f:66:25:e2:79:98:5b:30:f1:dc:3d:2c:b3:51:
9d:c9:55:a1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzJSty3bWYuCG4amg8pA2CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjQwMTAyMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM4MzVmN2RkMzc2ZDk1M2FiZTExNTUwY2I2MDY2MDEyZDZlMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivIH4UZni2E63ULe2+5i+monPepc
816MprH8Zqzikxx351GK+D0VKYbzVrmevHGwXN500AlCBmOn8VAxvfh1wlxDiG72
Hnve1qkrYnNyQz6lWpRD+MebG1FK2yKzpzccKJG++g2ooFWSYSKyKYx4yTq55Z0G
3ND+smEoty2laVWID8QNLprmqaWDQQrKPPQZ2U5Jxs2B7BGPluB9y7+K9N7za4Iu
Seq+sjLgluTtflmpD6p6hHkQtuNhWIJBp3sBdVTWksxdY45zW+UwaN/+V8bR18zr
4smKcSJvqO/LkMS4s4YKMtCvqpwkKpltn7z/ePtpyr/Zgn/v38wS5CMvlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP3INffdN22VOr4RVQy2BmAS1uC+MB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvX2NnMTk5MDNiWlU2dmhGVkRMWUdZQkxXNEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQClH9z2D4Xbv+MEKHjbFrtTzaNJLVYo+MpoUfFbYrA6CsvA0xb0egB9YJTm
5K+woysoszjQCOkXoKGell/frbGt+L8UPl63L755u5Tm4BwTG01LUZiegUTpDtDJ
zcoeOcNGK0DAwcE+q42rgvf52uGLENpiQXMkujkV+O8WENKuRlCzBrGArHrXXJlD
Ua42IPBRXia1k2F5RI3L2tCBXFOhOq5EC8fO8btaUSv2tTYOtzzEfn+qhDA1iqBp
6lPhxTY4goyPI52uUPbYxbJJ1RwaPousdujA98AdFll17y3aBFWhdyDitzMQjlSQ
JDKYT2Yl4nmYWzDx3D0ss1GdyVWh
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:41:20 2024 by rpki-client on console-ams.rpki-client.org