Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/F3MZSDWeKid3bsLP36qSLG0IpHM.roa
File: F3MZSDWeKid3bsLP36qSLG0IpHM.roa (raw, json)
Hash identifier: kYQFN+ZbFUs34L8IykJsu3VxIakyCfmo0o+SDshxmcQ=
Subject key identifier: 17:73:19:48:35:9E:2A:27:77:6E:C2:CF:DF:AA:92:2C:6D:08:A4:73
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDF5509D185EB1DA66641CBE132A9
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/F3MZSDWeKid3bsLP36qSLG0IpHM.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200702
IP address blocks: 91.212.220.0/24 maxlen: 24
91.212.226.0/24 maxlen: 24
45.159.16.0/22 maxlen: 22
91.212.198.0/24 maxlen: 24
91.212.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 15:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:df:55:09:d1:85:eb:1d:a6:66:41:cb:e1:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17731948359e2a27776ec2cfdfaa922c6d08a473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:83:30:d0:4a:91:18:e3:21:75:4d:9a:ff:98:
e8:c9:85:98:d4:52:f1:a0:3c:ec:36:72:e8:ca:6e:
5a:1d:ca:9e:fc:75:df:56:57:0f:93:02:87:90:45:
1c:7f:62:c7:33:73:63:66:61:55:ab:ee:bd:0e:86:
9c:b4:78:f9:ef:f4:93:f5:e4:ec:6e:11:76:6d:47:
ff:71:4d:3b:2e:5c:04:d0:32:9b:bf:41:a0:e3:a6:
c4:03:1b:69:27:17:f5:8a:c4:d1:0e:d6:f7:93:22:
d5:a5:2e:66:d0:57:4d:26:32:f0:2d:a4:99:3a:12:
49:c0:f7:cd:cd:f4:46:64:19:e8:85:6a:fa:10:f6:
76:4a:dc:43:d2:db:e1:9b:92:d1:49:40:0d:b2:8f:
f0:fd:f5:66:35:dc:bf:c2:da:fe:b0:8b:ca:cf:b2:
51:31:42:b2:e7:f8:82:4f:c5:77:9b:84:15:83:9a:
d1:8a:32:ac:81:54:63:dd:b5:8b:ce:26:cf:a9:50:
d2:c9:96:f6:fb:c1:29:13:51:c7:bf:9d:bd:6d:55:
3d:66:f2:63:bb:2a:d3:76:75:fa:0d:da:8f:5c:3b:
37:73:7a:b0:64:5f:61:ee:c0:cc:e7:64:9e:c4:9c:
e8:d8:60:78:22:fa:ec:c0:c0:ec:d4:15:49:63:f2:
9e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:73:19:48:35:9E:2A:27:77:6E:C2:CF:DF:AA:92:2C:6D:08:A4:73
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/F3MZSDWeKid3bsLP36qSLG0IpHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.16.0/22
91.212.198.0/24
91.212.201.0/24
91.212.220.0/24
91.212.226.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a8:5d:59:c5:8a:83:ce:d4:95:43:5f:81:67:8d:83:1f:1b:
53:9b:81:fa:a3:4c:6c:12:06:71:5d:a2:c7:ad:4d:2e:72:fd:
ae:c1:3f:6e:bb:d3:8f:d3:1e:a6:8f:b3:3c:d9:f6:5c:4a:3d:
ec:3b:f2:ed:32:a0:48:e5:81:da:9c:7f:34:2c:63:70:c9:92:
d3:8c:42:f2:70:db:aa:d7:16:0b:09:83:6e:a4:4a:c5:a6:76:
40:2e:21:e4:36:2d:64:04:5b:67:0e:91:7e:1b:ff:93:12:a5:
44:68:f3:97:79:4d:9b:25:0f:61:67:47:a1:a3:7d:52:23:23:
c3:85:74:d0:e1:de:1e:e7:93:2c:8f:fb:0a:5b:49:a4:54:5f:
76:ed:f3:46:51:cc:d7:ac:1c:92:ec:41:83:da:68:ca:31:8f:
87:76:7a:b0:6c:12:25:87:f6:81:d4:56:3b:7e:06:a5:ef:bf:
03:77:d7:f5:cb:b3:6a:9e:2e:83:ae:a2:7a:f8:3a:dd:b6:fe:
45:a0:88:47:70:26:33:1a:67:1e:48:a9:8d:a7:e3:bc:76:cf:
8a:b3:66:a4:0c:a5:f1:53:15:ac:06:7e:e7:b1:8d:39:a7:d3:
a6:26:7b:3b:65:da:7d:f8:df:d5:19:a2:75:02:07:df:13:11:
82:95:81:6f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3t9VCdGF6x2mZkHL4TKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzczMTk0ODM1OWUyYTI3Nzc2ZWMyY2ZkZmFhOTIyYzZkMDhhNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYMw0EqRGOMhdU2a/5joyYWY1FLx
oDzsNnLoym5aHcqe/HXfVlcPkwKHkEUcf2LHM3NjZmFVq+69DoactHj57/ST9eTs
bhF2bUf/cU07LlwE0DKbv0Gg46bEAxtpJxf1isTRDtb3kyLVpS5m0FdNJjLwLaSZ
OhJJwPfNzfRGZBnohWr6EPZ2StxD0tvhm5LRSUANso/w/fVmNdy/wtr+sIvKz7JR
MUKy5/iCT8V3m4QVg5rRijKsgVRj3bWLzibPqVDSyZb2+8EpE1HHv529bVU9ZvJj
uyrTdnX6DdqPXDs3c3qwZF9h7sDM52SexJzo2GB4IvrswMDs1BVJY/KeIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBdzGUg1niond27Cz9+qkixtCKRzMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvRjNNWlNEV2VLaWQzYnNMUDM2cVNMRzBJcEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZ8QAwQA
W9TGAwQAW9TJAwQAW9TcAwQAW9TiMA0GCSqGSIb3DQEBCwUAA4IBAQByqF1ZxYqD
ztSVQ1+BZ42DHxtTm4H6o0xsEgZxXaLHrU0ucv2uwT9uu9OP0x6mj7M82fZcSj3s
O/LtMqBI5YHanH80LGNwyZLTjELycNuq1xYLCYNupErFpnZALiHkNi1kBFtnDpF+
G/+TEqVEaPOXeU2bJQ9hZ0eho31SIyPDhXTQ4d4e55Msj/sKW0mkVF927fNGUczX
rByS7EGD2mjKMY+HdnqwbBIlh/aB1FY7fgal778Dd9f1y7Nqni6DrqJ6+Drdtv5F
oIhHcCYzGmceSKmNp+O8ds+Ks2akDKXxUxWsBn7nsY05p9OmJns7Zdp9+N/VGaJ1
AgffExGClYFv
-----END CERTIFICATE-----
Generated at Sat Jun 29 02:09:46 2024 by rpki-client on console-ams.rpki-client.org