Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/fL7GRVfIeN3aWxjOa5jSMPtqgpE.roa
File: fL7GRVfIeN3aWxjOa5jSMPtqgpE.roa (raw, json)
Hash identifier: Vd+InEHcsIFunMxDvAGLFtuBT2Y+3ALxz2mFplphBKk=
Subject key identifier: 7C:BE:C6:45:57:C8:78:DD:DA:5B:18:CE:6B:98:D2:30:FB:6A:82:91
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 018CC64B0128D469D2C8743D1649095086CB
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/fL7GRVfIeN3aWxjOa5jSMPtqgpE.roa
Signing time: Mon 01 Jan 2024 18:30:53 +0000
ROA not before: Mon 01 Jan 2024 18:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 24
141.138.168.0/22 maxlen: 24
2a03:3c00::/33 maxlen: 33
2a03:3c00:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.mft
rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:01:28:d4:69:d2:c8:74:3d:16:49:09:50:86:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Jan 1 18:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cbec64557c878ddda5b18ce6b98d230fb6a8291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3c:70:78:9c:2b:74:0c:0b:8b:1a:96:0d:e6:
00:8a:5e:4b:5f:d8:45:6c:d3:f4:57:6b:b7:c3:93:
64:df:33:e9:14:63:bb:ac:53:f1:71:47:10:40:b4:
5e:d4:d9:97:23:46:ba:74:4d:92:ec:7c:a1:ca:c2:
56:af:42:16:4b:db:66:95:d8:37:5c:4b:fa:7d:9a:
74:36:fe:db:4e:51:8c:41:ff:e7:6a:46:7b:71:a3:
1f:d5:0a:c0:f3:8e:b4:7a:32:70:f1:f5:77:36:3c:
2f:8f:0d:5a:8a:1a:3b:b7:86:4c:21:3d:f5:f4:6d:
54:69:94:6f:f7:f9:98:01:5e:ca:99:9b:5a:6a:6d:
4f:f0:2f:5b:8c:a0:c8:e2:06:7a:8e:dd:e4:32:32:
22:06:ec:38:26:12:2f:44:e1:6e:93:b9:64:13:b6:
90:3d:b7:16:64:98:51:09:c6:99:ac:2b:63:25:ea:
ba:f2:b6:55:ff:f8:f5:a0:e7:19:ec:8a:a3:15:a7:
a5:78:b7:4b:b7:28:de:c0:e6:d3:06:7e:b7:2e:5d:
37:b4:cc:c9:68:2f:e1:84:bf:54:8d:66:74:b3:53:
49:bd:ab:95:22:19:6d:98:c1:fd:6a:ab:bb:ed:36:
27:21:45:9d:1a:72:90:6c:e5:be:30:95:c2:7d:9d:
db:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BE:C6:45:57:C8:78:DD:DA:5B:18:CE:6B:98:D2:30:FB:6A:82:91
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/fL7GRVfIeN3aWxjOa5jSMPtqgpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/22
195.211.72.0/22
IPv6:
2a03:3c00::-2a03:3c00:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
97:69:c9:ee:3a:dc:cc:99:c4:95:c3:f6:f8:48:ae:a5:9b:38:
15:68:70:cf:2e:2b:a4:92:bc:cd:79:d0:00:d3:f7:cc:2f:f8:
f8:df:06:07:ba:89:99:2c:8d:ef:a1:35:bb:1e:dd:88:10:c3:
12:6d:9c:7c:a2:a1:b0:7d:39:d6:65:ce:7e:83:76:52:16:cb:
64:bd:44:c4:85:4d:aa:50:82:bc:8b:3b:b6:f3:21:a8:ef:2c:
87:c3:0a:31:d4:59:81:cb:73:b6:27:f8:5b:b4:cf:a6:2f:1f:
be:85:a5:98:b1:e7:3f:27:8f:6d:6b:e0:67:66:46:b7:d3:1b:
0a:4b:bf:4e:11:e7:04:64:0f:53:a1:4a:ce:e1:62:71:53:87:
ba:8c:14:8a:de:32:b4:65:44:b0:ea:3f:97:d7:32:c0:df:4d:
cf:c5:5d:b1:0a:e3:52:6c:3a:5c:2e:6b:8d:ec:69:19:f4:99:
6a:62:27:56:c2:78:6e:65:22:fc:da:72:07:c9:f8:16:16:bd:
0d:d7:56:0f:c2:bc:1e:32:14:fa:77:c5:c6:bf:01:f6:cb:88:
78:c7:4b:0f:77:af:f3:76:ed:42:06:fb:4d:34:4e:e2:9d:f1:
fd:74:4a:4b:d2:b0:af:bd:fe:0e:bb:24:8e:b0:4d:2a:46:a3:
03:06:74:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSwEo1GnSyHQ9FkkJUIbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjQwMTAxMTgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2JlYzY0NTU3Yzg3OGRkZGE1YjE4Y2U2Yjk4ZDIzMGZiNmE4MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszxweJwrdAwLixqWDeYAil5LX9hF
bNP0V2u3w5Nk3zPpFGO7rFPxcUcQQLRe1NmXI0a6dE2S7HyhysJWr0IWS9tmldg3
XEv6fZp0Nv7bTlGMQf/nakZ7caMf1QrA8460ejJw8fV3Njwvjw1aiho7t4ZMIT31
9G1UaZRv9/mYAV7KmZtaam1P8C9bjKDI4gZ6jt3kMjIiBuw4JhIvROFuk7lkE7aQ
PbcWZJhRCcaZrCtjJeq68rZV//j1oOcZ7IqjFaeleLdLtyjewObTBn63Ll03tMzJ
aC/hhL9UjWZ0s1NJvauVIhltmMH9aqu77TYnIUWdGnKQbOW+MJXCfZ3bwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHy+xkVXyHjd2lsYzmuY0jD7aoKRMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvZkw3R1JWZkllTjNhV3hqT2E1alNNUHRxZ3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCjYqoAwQC
w9NIMBYEAgACMBAwDgMEAioDPAMGBioDPACAMA0GCSqGSIb3DQEBCwUAA4IBAQCX
acnuOtzMmcSVw/b4SK6lmzgVaHDPLiukkrzNedAA0/fML/j43wYHuomZLI3voTW7
Ht2IEMMSbZx8oqGwfTnWZc5+g3ZSFstkvUTEhU2qUIK8izu28yGo7yyHwwox1FmB
y3O2J/hbtM+mLx++haWYsec/J49ta+BnZka30xsKS79OEecEZA9ToUrO4WJxU4e6
jBSK3jK0ZUSw6j+X1zLA303PxV2xCuNSbDpcLmuN7GkZ9JlqYidWwnhuZSL82nIH
yfgWFr0N11YPwrweMhT6d8XGvwH2y4h4x0sPd6/zdu1CBvtNNE7infH9dEpL0rCv
vf4OuySOsE0qRqMDBnQL
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:23:35 2024 by rpki-client on console-fra.rpki-client.org