Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/fwnrAmuza7o0LhqmDnbO8AHVGHY.roa
File: fwnrAmuza7o0LhqmDnbO8AHVGHY.roa (raw, json)
Hash identifier: WH7+vcBCZtmqeBX7mJ74I9Qh9gsJ0YFbzzAba89Zv4g=
Subject key identifier: 7F:09:EB:02:6B:B3:6B:BA:34:2E:1A:A6:0E:76:CE:F0:01:D5:18:76
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6B3AB6BD0E7BDEEB809B3626A1C8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/fwnrAmuza7o0LhqmDnbO8AHVGHY.roa
Signing time: Mon 01 Jan 2024 02:30:08 +0000
ROA not before: Mon 01 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210546
IP address blocks: 194.28.224.0/24 maxlen: 24
194.28.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:6b:3a:b6:bd:0e:7b:de:eb:80:9b:36:26:a1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f09eb026bb36bba342e1aa60e76cef001d51876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7a:21:f4:fe:94:84:fa:8c:e6:a7:01:0e:f0:
c7:8c:8f:f6:e8:8e:4d:d3:fc:b7:a6:81:7a:31:ce:
af:fd:9f:57:16:d7:f8:e1:56:78:84:59:5b:97:15:
1d:8e:44:d3:81:a3:ad:6c:b4:a9:4c:27:8a:66:6e:
c1:e7:b3:48:1a:87:ef:a7:79:b6:07:56:68:1f:16:
83:6f:cd:42:e5:3c:21:a4:c1:8c:3c:2a:31:33:d2:
e0:ea:25:58:d6:aa:a6:96:26:df:ea:10:84:ab:e0:
89:ed:3c:eb:f7:1a:db:37:0b:22:10:de:de:47:23:
cf:6e:3b:ff:33:37:26:2a:77:66:d1:2c:33:18:9c:
05:e3:e0:c9:99:b4:d4:29:53:15:bb:da:b7:f3:60:
bc:e5:15:b0:73:98:50:32:e2:9a:01:d8:dd:97:86:
a6:0d:7b:ad:63:02:80:ef:a5:47:39:99:a5:a1:1f:
e6:4c:d1:b9:dd:1d:e3:fd:ad:da:26:e0:1d:14:60:
8d:a5:8c:7c:71:a6:7c:2a:d8:7a:4a:bd:63:06:19:
91:74:f8:f6:93:cc:03:95:4c:3c:47:df:55:4e:cb:
a4:de:09:99:60:0a:c4:5e:ba:7c:d2:df:36:a8:09:
e0:ef:16:6b:02:69:fc:5a:ff:42:7e:7a:a0:5c:61:
83:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:09:EB:02:6B:B3:6B:BA:34:2E:1A:A6:0E:76:CE:F0:01:D5:18:76
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/fwnrAmuza7o0LhqmDnbO8AHVGHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.224.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:d2:74:cc:98:bb:4d:01:5d:22:73:bb:d0:19:ea:16:96:ff:
a2:c4:86:93:fc:65:79:6a:3e:27:55:eb:68:c5:95:c0:52:0d:
fc:91:da:39:21:97:8c:e0:8f:65:e5:b6:0c:1f:46:3f:e5:47:
4b:a7:16:c5:cb:95:bb:58:a2:60:5d:2d:4e:40:41:ef:33:e2:
9e:5e:ba:7e:e2:59:cd:f5:b0:e1:95:38:8c:5e:e7:62:30:f2:
17:20:18:cc:13:19:1a:e7:9c:ed:e0:f7:f2:22:44:eb:6d:1e:
73:f5:6d:8f:de:1f:f9:9e:ed:86:6d:25:14:1d:06:57:aa:a4:
bb:b4:11:6f:96:55:cb:bb:9a:84:ed:d8:95:2a:d0:bb:fb:a4:
c1:b8:df:19:b7:69:9c:b2:48:f6:d4:43:10:8b:71:a2:e6:87:
91:b0:7c:e9:30:72:c2:b2:38:94:3f:17:0c:d4:fa:8d:5a:9d:
08:1b:de:d4:27:c0:6e:e6:46:c2:53:d5:22:b7:dd:ba:cf:b2:
fc:46:9c:02:93:0a:04:61:e0:31:ce:c6:5a:f2:c5:d5:c1:17:
6b:d2:77:37:84:6d:c2:8f:ab:cd:3b:9a:39:a3:a5:be:83:b0:
c3:39:9d:3b:f0:35:91:2d:9a:cb:f5:ab:5d:14:91:0a:b5:75:
5a:83:e9:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22s6tr0Oe97rgJs2JqHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjA5ZWIwMjZiYjM2YmJhMzQyZTFhYTYwZTc2Y2VmMDAxZDUxODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXoh9P6UhPqM5qcBDvDHjI/26I5N
0/y3poF6Mc6v/Z9XFtf44VZ4hFlblxUdjkTTgaOtbLSpTCeKZm7B57NIGofvp3m2
B1ZoHxaDb81C5TwhpMGMPCoxM9Lg6iVY1qqmlibf6hCEq+CJ7Tzr9xrbNwsiEN7e
RyPPbjv/MzcmKndm0SwzGJwF4+DJmbTUKVMVu9q382C85RWwc5hQMuKaAdjdl4am
DXutYwKA76VHOZmloR/mTNG53R3j/a3aJuAdFGCNpYx8caZ8Kth6Sr1jBhmRdPj2
k8wDlUw8R99VTsuk3gmZYArEXrp80t82qAng7xZrAmn8Wv9CfnqgXGGDWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8J6wJrs2u6NC4apg52zvAB1Rh2MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZnduckFtdXphN28wTGhxbURuYk84QUhWR0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhzgMA0G
CSqGSIb3DQEBCwUAA4IBAQAq0nTMmLtNAV0ic7vQGeoWlv+ixIaT/GV5aj4nVeto
xZXAUg38kdo5IZeM4I9l5bYMH0Y/5UdLpxbFy5W7WKJgXS1OQEHvM+KeXrp+4lnN
9bDhlTiMXudiMPIXIBjMExka55zt4PfyIkTrbR5z9W2P3h/5nu2GbSUUHQZXqqS7
tBFvllXLu5qE7diVKtC7+6TBuN8Zt2mcskj21EMQi3Gi5oeRsHzpMHLCsjiUPxcM
1PqNWp0IG97UJ8Bu5kbCU9Uit926z7L8RpwCkwoEYeAxzsZa8sXVwRdr0nc3hG3C
j6vNO5o5o6W+g7DDOZ078DWRLZrL9atdFJEKtXVag+ka
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:03:09 2024 by rpki-client on console-ams.rpki-client.org