Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/FubD1t8lGSIP8UyX3xM3wqCfyQI.roa
File: FubD1t8lGSIP8UyX3xM3wqCfyQI.roa (raw, json)
Hash identifier: dHMqdu/N981/5d2l+V0GbGKSPtnbixBRNZWPdXTleYU=
Subject key identifier: 16:E6:C3:D6:DF:25:19:22:0F:F1:4C:97:DF:13:37:C2:A0:9F:C9:02
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6375E18EE8E246C5AC664A2BDD97
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/FubD1t8lGSIP8UyX3xM3wqCfyQI.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47550
IP address blocks: 89.23.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:63:75:e1:8e:e8:e2:46:c5:ac:66:4a:2b:dd:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16e6c3d6df2519220ff14c97df1337c2a09fc902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5a:49:94:2b:e5:b2:26:5f:a6:ba:f0:80:c1:
33:6a:f0:47:7f:b3:7f:f4:7f:af:d9:e1:1f:23:59:
c8:3b:c0:01:50:72:29:27:c9:68:04:23:cd:27:fe:
dc:08:70:01:17:e3:e2:10:db:d5:de:14:c6:5c:ad:
2a:9b:89:59:1c:68:92:2a:f3:7b:98:11:ea:1e:56:
44:ba:2e:cc:fe:15:22:0f:d7:99:c2:8a:de:c6:05:
7f:81:87:ac:5a:df:7c:fc:3e:48:89:73:4c:cb:f3:
72:9a:a6:23:96:92:47:10:81:6a:1d:af:1c:e3:ad:
bb:16:fc:ff:82:21:36:ee:ae:29:bb:b8:72:8d:9f:
6f:56:70:9b:78:91:d5:1f:9c:44:3d:4f:0a:b8:74:
2b:14:68:fc:4d:ca:3e:ea:de:53:19:94:dc:30:d2:
e2:d4:e3:01:df:41:67:0e:3a:0e:7c:73:31:4d:56:
9e:96:d5:ec:a2:1b:07:44:b4:cc:d7:62:30:5f:36:
84:a6:97:c0:fb:79:70:ed:55:1a:28:e3:68:10:b8:
1e:17:b8:3e:4f:df:a8:dd:ee:72:82:9c:6f:2b:ba:
f4:52:0b:ac:1c:ff:86:08:62:20:fb:19:72:b5:94:
66:4c:db:40:b4:ac:19:06:e4:c2:12:dd:76:fe:06:
8d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E6:C3:D6:DF:25:19:22:0F:F1:4C:97:DF:13:37:C2:A0:9F:C9:02
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/FubD1t8lGSIP8UyX3xM3wqCfyQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:39:95:36:f9:1c:85:98:56:5d:0c:01:ad:47:9e:d2:5e:b2:
85:59:e1:e1:7a:44:01:76:69:b5:a0:a7:b1:b9:31:e3:6e:76:
73:30:df:45:dc:31:fb:fa:6c:63:87:fc:e3:14:a0:41:d4:7b:
58:58:b4:75:59:8e:18:39:f1:56:82:30:46:1f:b7:9e:ba:84:
57:bc:c9:a5:ca:b2:26:12:e5:92:e4:a0:44:e7:78:b9:cc:b8:
81:35:84:1a:ac:68:54:d9:83:48:b5:cb:c0:99:04:fd:4e:02:
46:18:59:72:6d:e8:f6:23:60:e8:21:a3:b6:89:cc:28:4f:ea:
81:44:0b:e4:1f:6b:9d:c2:af:27:56:c4:e4:ff:9d:7a:07:87:
ae:1c:8b:96:37:13:87:fa:03:00:d3:0d:2d:81:3a:1a:6d:96:
44:c9:5d:b4:40:6b:64:e1:f5:03:71:c7:aa:19:79:a5:08:0e:
2d:b0:5f:55:3c:ad:6f:07:8f:2b:2f:2d:b2:5c:e5:5d:a7:4e:
f0:2a:c6:1a:bc:95:be:77:c5:ae:33:05:a7:72:a2:19:82:4c:
ae:4c:f6:ce:ec:8b:3b:5d:4a:64:ad:21:a4:e0:a4:2d:0c:c8:
1e:1e:ae:80:b2:06:72:b0:b9:24:2b:91:4b:09:18:b3:b0:02:
2f:5f:9a:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22N14Y7o4kbFrGZKK92XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmU2YzNkNmRmMjUxOTIyMGZmMTRjOTdkZjEzMzdjMmEwOWZjOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilpJlCvlsiZfprrwgMEzavBHf7N/
9H+v2eEfI1nIO8ABUHIpJ8loBCPNJ/7cCHABF+PiENvV3hTGXK0qm4lZHGiSKvN7
mBHqHlZEui7M/hUiD9eZworexgV/gYesWt98/D5IiXNMy/NymqYjlpJHEIFqHa8c
4627Fvz/giE27q4pu7hyjZ9vVnCbeJHVH5xEPU8KuHQrFGj8Tco+6t5TGZTcMNLi
1OMB30FnDjoOfHMxTVaeltXsohsHRLTM12IwXzaEppfA+3lw7VUaKONoELgeF7g+
T9+o3e5ygpxvK7r0UgusHP+GCGIg+xlytZRmTNtAtKwZBuTCEt12/gaNPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbmw9bfJRkiD/FMl98TN8Kgn8kCMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRnViRDF0OGxHU0lQOFV5WDN4TTN3cUNmeVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdvMA0G
CSqGSIb3DQEBCwUAA4IBAQAqOZU2+RyFmFZdDAGtR57SXrKFWeHhekQBdmm1oKex
uTHjbnZzMN9F3DH7+mxjh/zjFKBB1HtYWLR1WY4YOfFWgjBGH7eeuoRXvMmlyrIm
EuWS5KBE53i5zLiBNYQarGhU2YNItcvAmQT9TgJGGFlybej2I2DoIaO2icwoT+qB
RAvkH2udwq8nVsTk/516B4euHIuWNxOH+gMA0w0tgToabZZEyV20QGtk4fUDcceq
GXmlCA4tsF9VPK1vB48rLy2yXOVdp07wKsYavJW+d8WuMwWncqIZgkyuTPbO7Is7
XUpkrSGk4KQtDMgeHq6AsgZysLkkK5FLCRizsAIvX5rh
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:31:53 2024 by rpki-client on console-fra.rpki-client.org