Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/_Q5KAPgvNE9nc6x7RkV3ZIELNAQ.roa
File: _Q5KAPgvNE9nc6x7RkV3ZIELNAQ.roa (raw, json)
Hash identifier: d+JXTcLkahu/r2oh9l+hq9yR5VFielPloG503ZFyWRU=
Subject key identifier: FD:0E:4A:00:F8:2F:34:4F:67:73:AC:7B:46:45:77:64:81:0B:34:04
Certificate issuer: /CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Certificate serial: 01922428D60D080CAEDA87DF53CFFB7C7AFF
Authority key identifier: AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/_Q5KAPgvNE9nc6x7RkV3ZIELNAQ.roa
Signing time: Tue 24 Sep 2024 13:11:48 +0000
ROA not before: Tue 24 Sep 2024 13:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199471
IP address blocks: 185.83.87.0/24 maxlen: 24
2a13:fc80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:28:d6:0d:08:0c:ae:da:87:df:53:cf:fb:7c:7a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf7ab3f1a93e714f3074a05d86fcce2206305a8
Validity
Not Before: Sep 24 13:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd0e4a00f82f344f6773ac7b46457764810b3404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ba:35:86:8a:f4:01:15:7b:35:71:4f:14:95:
af:59:e6:a2:9e:9f:93:dd:23:1e:8e:35:f8:74:ac:
21:66:6e:bb:2e:59:bf:d9:3f:fc:20:30:b1:d1:dc:
37:05:5c:6b:6f:19:31:4c:de:ed:41:fe:fe:12:1d:
72:4c:58:e8:8b:97:0b:98:6a:1c:5b:db:0d:38:bb:
02:14:08:9b:5d:9c:17:57:c4:e5:42:4e:43:99:ca:
1b:cf:10:c0:f7:a8:84:00:a7:3d:f4:17:6f:c0:48:
09:26:63:09:89:86:7f:83:58:f8:c0:3e:c1:dc:ba:
62:85:7e:28:e4:2b:74:db:fe:c9:a5:02:ad:d9:3a:
01:f1:9c:23:0e:81:77:9e:f2:7c:12:6c:06:72:b9:
8b:85:bc:e4:b0:7a:c0:7d:32:d5:83:6a:c6:81:ba:
41:af:b7:5f:5f:b5:18:bf:bd:9b:46:ed:47:e1:b6:
2d:e4:9e:2c:72:ff:ce:23:7c:2b:db:2d:62:47:af:
c1:68:a9:a1:54:99:1e:a8:b7:86:fd:a4:8c:c9:34:
fe:01:61:65:27:2a:47:8f:67:5f:12:96:4f:61:20:
09:33:4b:a2:42:fc:3a:25:f5:22:96:ca:10:93:d4:
81:e6:37:16:87:c2:41:a2:d0:b8:6a:2b:e4:82:33:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0E:4A:00:F8:2F:34:4F:67:73:AC:7B:46:45:77:64:81:0B:34:04
X509v3 Authority Key Identifier:
keyid:AC:F7:AB:3F:1A:93:E7:14:F3:07:4A:05:D8:6F:CC:E2:20:63:05:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPerPxqT5xTzB0oF2G_M4iBjBag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/_Q5KAPgvNE9nc6x7RkV3ZIELNAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a21f34-82f2-41c9-b60c-ad43ccd7aae8/1/rPerPxqT5xTzB0oF2G_M4iBjBag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.87.0/24
IPv6:
2a13:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
4b:0c:5e:20:e2:aa:b2:de:9f:37:db:a2:ea:a0:40:dd:94:ef:
2b:93:56:47:3a:38:e2:ca:37:8b:12:9b:87:61:ea:18:06:2d:
85:4b:49:b2:37:02:6d:fb:5c:ab:a0:93:98:22:97:11:2c:9e:
af:8f:e7:85:1f:ac:6c:85:b2:4c:3e:1c:ea:da:f2:fc:d6:6c:
89:aa:c1:a6:f9:9d:81:e3:8d:af:46:83:8a:50:7b:b7:94:93:
9c:f0:d1:fe:c1:dd:01:14:d8:a9:e5:31:4b:a9:fc:24:9e:1d:
33:c9:06:9b:81:28:a3:96:32:8b:7d:45:5d:0c:fc:5a:9b:b9:
73:14:e7:06:0a:07:80:8d:43:41:00:da:8c:64:46:46:ae:e8:
a3:cc:e8:19:32:3d:e7:38:67:70:3a:5c:0f:75:0d:2c:5a:9b:
4d:11:18:ca:d1:86:10:9c:5f:3f:0e:88:29:6e:35:c2:09:34:
bc:a0:58:1d:df:47:26:bf:a9:97:3d:fe:dc:61:2b:64:da:06:
3d:06:78:6c:fe:d1:4d:9c:ad:9d:17:8b:c0:65:67:9d:0d:d6:
0e:f3:f3:f2:3d:f8:9a:13:fa:8f:a6:2e:e5:17:a0:0c:74:66:
d8:71:4e:fd:7d:94:8a:a5:4d:08:ca:10:e5:f2:0a:2d:38:cd:
59:19:3e:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIkKNYNCAyu2offU8/7fHr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjdhYjNmMWE5M2U3MTRmMzA3NGEwNWQ4NmZjY2UyMjA2
MzA1YTgwHhcNMjQwOTI0MTMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBlNGEwMGY4MmYzNDRmNjc3M2FjN2I0NjQ1Nzc2NDgxMGIzNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27o1hor0ARV7NXFPFJWvWeainp+T
3SMejjX4dKwhZm67Llm/2T/8IDCx0dw3BVxrbxkxTN7tQf7+Eh1yTFjoi5cLmGoc
W9sNOLsCFAibXZwXV8TlQk5DmcobzxDA96iEAKc99BdvwEgJJmMJiYZ/g1j4wD7B
3LpihX4o5Ct02/7JpQKt2ToB8ZwjDoF3nvJ8EmwGcrmLhbzksHrAfTLVg2rGgbpB
r7dfX7UYv72bRu1H4bYt5J4scv/OI3wr2y1iR6/BaKmhVJkeqLeG/aSMyTT+AWFl
JypHj2dfEpZPYSAJM0uiQvw6JfUilsoQk9SB5jcWh8JBotC4aivkgjPiMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP0OSgD4LzRPZ3Ose0ZFd2SBCzQEMB8GA1UdIwQY
MBaAFKz3qz8ak+cU8wdKBdhvzOIgYwWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMt
YWQ0M2NjZDdhYWU4LzEvX1E1S0FQZ3ZORTluYzZ4N1JrVjNaSUVMTkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hMjFmMzQtODJmMi00MWM5LWI2MGMtYWQ0M2NjZDdhYWU4
LzEvclBlclB4cVQ1eFR6QjBvRjJHX000aUJqQmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVNXMA0E
AgACMAcDBQAqE/yAMA0GCSqGSIb3DQEBCwUAA4IBAQBLDF4g4qqy3p8326LqoEDd
lO8rk1ZHOjjiyjeLEpuHYeoYBi2FS0myNwJt+1yroJOYIpcRLJ6vj+eFH6xshbJM
Phzq2vL81myJqsGm+Z2B442vRoOKUHu3lJOc8NH+wd0BFNip5TFLqfwknh0zyQab
gSijljKLfUVdDPxam7lzFOcGCgeAjUNBANqMZEZGruijzOgZMj3nOGdwOlwPdQ0s
WptNERjK0YYQnF8/DogpbjXCCTS8oFgd30cmv6mXPf7cYStk2gY9Bnhs/tFNnK2d
F4vAZWedDdYO8/PyPfiaE/qPpi7lF6AMdGbYcU79fZSKpU0IyhDl8gotOM1ZGT5J
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:04 2024 by rpki-client on console-ams.rpki-client.org