Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/fcaVSI1wF_tLH1V0FR6P-7LNXrg.roa
File: fcaVSI1wF_tLH1V0FR6P-7LNXrg.roa (raw, json)
Hash identifier: Y/g2OWpAp9n9/o6kWMFL9m5UuVK3CKkRDiLfriiw7hc=
Subject key identifier: 7D:C6:95:48:8D:70:17:FB:4B:1F:55:74:15:1E:8F:FB:B2:CD:5E:B8
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018E15C847EDFE9B150ADBB5D5C2C8BE4607
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/fcaVSI1wF_tLH1V0FR6P-7LNXrg.roa
Signing time: Wed 06 Mar 2024 22:00:30 +0000
ROA not before: Wed 06 Mar 2024 22:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
5.253.187.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.114.204.0/24 maxlen: 24
185.219.160.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
193.111.184.0/22 maxlen: 22
193.135.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:c8:47:ed:fe:9b:15:0a:db:b5:d5:c2:c8:be:46:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Mar 6 22:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dc695488d7017fb4b1f5574151e8ffbb2cd5eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7e:fd:bc:96:86:bf:5f:54:1d:41:3a:07:cf:
8d:02:9c:87:e0:c7:2b:49:23:32:ca:31:2c:d1:d4:
b2:f1:46:30:bc:c3:dc:5c:75:d2:33:45:a8:7b:f4:
9d:eb:fa:5c:be:78:61:8a:80:a7:cc:75:fe:e1:a3:
43:9b:0c:50:f1:71:4a:78:fb:fe:c4:bc:b6:79:24:
5d:5b:4e:ec:ea:25:84:d5:37:f7:e5:7e:3b:4d:75:
6c:50:6f:b6:7f:5c:d9:7c:bb:6d:d7:cf:31:bf:21:
e1:91:08:01:de:3e:9e:e1:48:09:c9:c3:d5:aa:b4:
8c:49:12:f9:e3:39:69:f5:57:3a:59:80:e6:fc:c1:
45:92:5f:5e:80:1a:0f:1d:06:aa:e1:2b:25:15:92:
85:42:2a:7e:ae:90:0f:d6:7d:f4:bb:f2:25:f7:d0:
e1:d1:86:08:0e:4e:fe:10:c8:fc:b6:11:db:d6:2a:
f5:52:d0:e9:f1:66:d3:d8:f1:f5:17:13:4f:67:c9:
a6:90:36:47:a6:f7:42:3e:6c:04:dc:8c:e9:79:54:
f3:ec:f6:94:d1:e8:88:05:eb:d8:e2:70:6f:a7:2d:
0d:71:c9:7c:af:e0:97:9a:a9:0c:33:9e:bf:55:14:
58:b7:9f:fa:fc:2a:1b:08:69:d6:f1:18:09:0f:f4:
fe:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C6:95:48:8D:70:17:FB:4B:1F:55:74:15:1E:8F:FB:B2:CD:5E:B8
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/fcaVSI1wF_tLH1V0FR6P-7LNXrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/23
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
86:1a:97:e1:14:3b:0b:35:1c:99:0c:5e:59:4c:45:48:55:cb:
30:db:12:93:b6:e8:b4:5a:68:5d:b7:24:8c:a2:2b:84:75:c9:
29:60:fe:4d:f2:84:d1:4e:e4:d8:cd:aa:bb:69:0c:4a:e9:92:
1f:e6:4b:41:98:5a:b5:d7:62:ab:34:e1:a5:a6:21:a2:b7:af:
c7:a7:d9:4f:da:00:c1:41:d2:c4:7b:4e:65:a3:91:f3:b3:3e:
89:39:d0:70:02:a8:e9:dd:a2:8a:f4:19:c4:f5:b8:7e:23:fc:
36:f8:94:11:a8:49:90:92:ec:91:87:f5:eb:2e:e3:c9:de:43:
bd:7b:f1:94:51:8c:3a:4a:75:3e:da:1e:1c:9b:81:0b:bf:09:
16:a7:37:56:4c:bd:18:f3:d0:94:1c:3d:2d:ae:b4:8f:96:37:
96:9a:fb:f2:2d:58:3d:cb:27:83:e5:7b:43:25:cf:e2:ce:87:
3d:3e:f0:e1:c0:4c:41:e7:e9:5b:ba:33:0a:03:c4:59:17:19:
e4:8b:9e:65:3b:35:58:a5:e8:73:51:98:36:b2:20:1c:fd:3c:
c1:d7:b6:79:d4:8b:3e:99:b3:a7:4f:bd:32:6a:b9:41:2d:91:
b4:b6:56:9e:68:cb:3d:4d:18:b6:a0:1e:e5:67:f6:d5:88:1b:
76:71:03:7f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY4VyEft/psVCtu11cLIvkYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMzA2MjIwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM2OTU0ODhkNzAxN2ZiNGIxZjU1NzQxNTFlOGZmYmIyY2Q1ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh379vJaGv19UHUE6B8+NApyH4Mcr
SSMyyjEs0dSy8UYwvMPcXHXSM0Woe/Sd6/pcvnhhioCnzHX+4aNDmwxQ8XFKePv+
xLy2eSRdW07s6iWE1Tf35X47TXVsUG+2f1zZfLtt188xvyHhkQgB3j6e4UgJycPV
qrSMSRL54zlp9Vc6WYDm/MFFkl9egBoPHQaq4SslFZKFQip+rpAP1n30u/Il99Dh
0YYIDk7+EMj8thHb1ir1UtDp8WbT2PH1FxNPZ8mmkDZHpvdCPmwE3IzpeVTz7PaU
0eiIBevY4nBvpy0Nccl8r+CXmqkMM56/VRRYt5/6/CobCGnW8RgJD/T+sQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFH3GlUiNcBf7Sx9VdBUej/uyzV64MB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvZmNhVlNJMXdGX3RMSDFWMEZSNlAtN0xOWHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaAwDAMEAC2CIQMEAi2CIAMEAljWAAMEAljaxAMEALly
zAMEAbnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOCAQEAhhqX
4RQ7CzUcmQxeWUxFSFXLMNsSk7botFpoXbckjKIrhHXJKWD+TfKE0U7k2M2qu2kM
SumSH+ZLQZhatddiqzThpaYhorevx6fZT9oAwUHSxHtOZaOR87M+iTnQcAKo6d2i
ivQZxPW4fiP8NviUEahJkJLskYf16y7jyd5DvXvxlFGMOkp1PtoeHJuBC78JFqc3
Vky9GPPQlBw9La60j5Y3lpr78i1YPcsng+V7QyXP4s6HPT7w4cBMQefpW7ozCgPE
WRcZ5IueZTs1WKXoc1GYNrIgHP08wde2edSLPpmzp0+9Mmq5QS2RtLZWnmjLPU0Y
tqAe5Wf21YgbdnEDfw==
-----END CERTIFICATE-----
Generated at Sun Apr 28 12:25:14 2024 by rpki-client on console-ams.rpki-client.org