Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/fmfax-B5bsHPXY_UTyDMokB0Jvc.roa
File: fmfax-B5bsHPXY_UTyDMokB0Jvc.roa (raw, json)
Hash identifier: rMGVner7d48NGxbJxNee+0KtddgiekXS54fkkb7MfDc=
Subject key identifier: 7E:67:DA:C7:E0:79:6E:C1:CF:5D:8F:D4:4F:20:CC:A2:40:74:26:F7
Certificate issuer: /CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Certificate serial: 018CC794318A5B3500FEC43B592488860BF6
Authority key identifier: 17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/fmfax-B5bsHPXY_UTyDMokB0Jvc.roa
Signing time: Tue 02 Jan 2024 00:30:27 +0000
ROA not before: Tue 02 Jan 2024 00:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60664
IP address blocks: 157.97.76.0/23 maxlen: 23
157.97.78.0/23 maxlen: 23
153.92.160.0/24 maxlen: 24
153.92.162.0/24 maxlen: 24
153.92.161.0/24 maxlen: 24
153.92.164.0/24 maxlen: 24
153.92.163.0/24 maxlen: 24
153.92.165.0/24 maxlen: 24
153.92.166.0/24 maxlen: 24
153.92.167.0/24 maxlen: 24
153.92.169.0/24 maxlen: 24
153.92.168.0/24 maxlen: 24
153.92.170.0/24 maxlen: 24
153.92.172.0/24 maxlen: 24
153.92.171.0/24 maxlen: 24
153.92.175.0/24 maxlen: 24
153.92.174.0/24 maxlen: 24
153.92.173.0/24 maxlen: 24
157.180.192.0/24 maxlen: 24
157.180.194.0/24 maxlen: 24
157.180.193.0/24 maxlen: 24
157.180.195.0/24 maxlen: 24
157.180.197.0/24 maxlen: 24
157.180.196.0/24 maxlen: 24
157.180.196.0/23 maxlen: 23
157.180.198.0/23 maxlen: 23
157.180.198.0/24 maxlen: 24
157.180.199.0/24 maxlen: 24
145.14.130.0/24 maxlen: 24
153.92.124.0/24 maxlen: 24
158.220.64.0/21 maxlen: 24
153.92.64.0/24 maxlen: 24
153.92.66.0/24 maxlen: 24
153.92.65.0/24 maxlen: 24
153.92.68.0/24 maxlen: 24
153.92.67.0/24 maxlen: 24
153.92.70.0/24 maxlen: 24
153.92.69.0/24 maxlen: 24
153.92.71.0/24 maxlen: 24
147.75.144.0/20 maxlen: 24
185.74.64.0/24 maxlen: 24
185.74.64.0/23 maxlen: 23
185.74.65.0/24 maxlen: 24
185.74.67.0/24 maxlen: 24
185.74.66.0/23 maxlen: 23
185.74.66.0/24 maxlen: 24
185.27.181.0/24 maxlen: 24
185.27.183.0/24 maxlen: 24
185.27.182.0/23 maxlen: 23
185.27.182.0/24 maxlen: 24
185.27.180.0/24 maxlen: 24
185.27.180.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:31:8a:5b:35:00:fe:c4:3b:59:24:88:86:0b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Validity
Not Before: Jan 2 00:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e67dac7e0796ec1cf5d8fd44f20cca2407426f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ac:2c:27:7e:47:e0:ee:27:cd:c1:07:32:c9:
32:a8:de:85:0d:a7:ec:62:be:9d:16:c9:76:29:dd:
c7:2e:54:0f:7a:69:ec:ca:52:65:c1:a6:6d:d9:67:
ca:ad:df:f0:b3:82:78:75:64:ec:df:1e:99:39:31:
52:99:da:72:92:46:9e:b5:47:a6:c8:e0:17:5e:1b:
45:98:e8:2f:86:20:92:4a:0d:d1:85:61:1f:6a:23:
46:8c:2f:14:a7:1b:22:3b:1f:91:23:bf:4b:f1:78:
f1:2d:bc:aa:9c:d2:60:b0:30:a5:ba:e6:4d:e7:96:
31:d0:06:1f:92:23:1a:cb:bf:8a:97:e7:d4:b9:aa:
6c:41:d2:25:95:1b:86:e3:fe:24:cf:6f:26:14:a7:
e4:08:17:44:49:97:8d:dd:98:6f:41:d8:3b:32:30:
8b:cd:27:19:38:37:f7:8e:fa:a3:e3:e0:e5:48:60:
4b:b8:a1:79:8e:38:be:0e:e8:1f:91:3c:da:2c:73:
e9:47:df:18:f8:e2:74:6b:19:50:b1:97:dc:96:66:
42:21:64:aa:76:9a:bd:bd:eb:79:1b:2e:00:a9:52:
62:f7:f7:0b:e8:42:6a:af:cf:99:25:62:cd:0a:5e:
fb:04:59:00:41:c7:95:81:23:be:51:a5:7c:fa:62:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:67:DA:C7:E0:79:6E:C1:CF:5D:8F:D4:4F:20:CC:A2:40:74:26:F7
X509v3 Authority Key Identifier:
keyid:17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/fmfax-B5bsHPXY_UTyDMokB0Jvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.130.0/24
147.75.144.0/20
153.92.64.0/21
153.92.124.0/24
153.92.160.0/20
157.97.76.0/22
157.180.192.0/21
158.220.64.0/21
185.27.180.0/22
185.74.64.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:2c:86:fd:08:1a:2c:9f:6b:1c:4f:51:22:10:c3:ec:ff:8e:
c0:bc:8f:dd:33:e3:f9:a8:e8:48:6b:b4:46:6e:cd:82:dd:df:
b6:be:0c:ac:9e:91:5a:df:4a:b3:f8:d7:71:91:aa:08:48:e4:
3d:b8:15:68:cd:82:97:b4:aa:bc:c6:f2:42:46:f6:c2:2b:17:
a7:db:17:16:d5:6d:b8:33:17:34:12:bd:45:0a:ae:ed:6e:2b:
4f:0e:fc:b2:3e:e0:b0:46:6c:8a:0d:cf:ea:67:eb:9a:a6:a6:
a5:f3:99:2f:82:bd:5e:d6:03:97:05:35:d0:10:37:e6:f7:cd:
63:75:3c:fa:6f:b4:0f:d9:b3:66:1a:26:76:4e:e8:d6:af:c9:
89:7c:73:61:9e:03:07:9d:6a:26:db:e9:03:34:fc:c1:39:6d:
28:ac:12:04:ed:6c:59:74:4c:de:5b:99:9a:d6:85:92:68:f2:
89:47:c2:1a:88:12:78:4b:dd:c3:07:30:76:da:75:e8:e5:9e:
09:fb:f2:0f:91:03:02:1b:fd:1e:ec:5a:61:40:c6:0c:c7:b4:
8d:08:16:cb:a6:48:4b:13:57:3c:5f:24:4a:a3:9a:a3:90:14:
31:0c:de:4f:c9:08:96:eb:9f:45:6c:da:d2:c2:04:d9:00:14:
39:f3:44:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzHlDGKWzUA/sQ7WSSIhgv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzhjZmMwOWEzNjNhNzNjYzhkZGEzNjJhMmM5ZTgyMjNk
N2RhZDYwHhcNMjQwMTAyMDAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY3ZGFjN2UwNzk2ZWMxY2Y1ZDhmZDQ0ZjIwY2NhMjQwNzQyNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqwsJ35H4O4nzcEHMskyqN6FDafs
Yr6dFsl2Kd3HLlQPemnsylJlwaZt2WfKrd/ws4J4dWTs3x6ZOTFSmdpykkaetUem
yOAXXhtFmOgvhiCSSg3RhWEfaiNGjC8UpxsiOx+RI79L8XjxLbyqnNJgsDCluuZN
55Yx0AYfkiMay7+Kl+fUuapsQdIllRuG4/4kz28mFKfkCBdESZeN3ZhvQdg7MjCL
zScZODf3jvqj4+DlSGBLuKF5jji+DugfkTzaLHPpR98Y+OJ0axlQsZfclmZCIWSq
dpq9vet5Gy4AqVJi9/cL6EJqr8+ZJWLNCl77BFkAQceVgSO+UaV8+mI2tQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH5n2sfgeW7Bz12P1E8gzKJAdCb3MB8GA1UdIwQY
MBaAFBd4z8CaNjpzzI3aNiosnoIj19rWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjIt
MDEwY2YyZGQ0MGFmLzEvZm1mYXgtQjVic0hQWFlfVVR5RE1va0IwSnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjItMDEwY2YyZGQ0MGFm
LzEvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAkQ6CAwQE
k0uQAwQDmVxAAwQAmVx8AwQEmVygAwQCnWFMAwQDnbTAAwQDntxAAwQCuRu0AwQC
uUpAMA0GCSqGSIb3DQEBCwUAA4IBAQCsLIb9CBosn2scT1EiEMPs/47AvI/dM+P5
qOhIa7RGbs2C3d+2vgysnpFa30qz+NdxkaoISOQ9uBVozYKXtKq8xvJCRvbCKxen
2xcW1W24Mxc0Er1FCq7tbitPDvyyPuCwRmyKDc/qZ+uapqal85kvgr1e1gOXBTXQ
EDfm981jdTz6b7QP2bNmGiZ2TujWr8mJfHNhngMHnWom2+kDNPzBOW0orBIE7WxZ
dEzeW5ma1oWSaPKJR8IaiBJ4S93DBzB22nXo5Z4J+/IPkQMCG/0e7FphQMYMx7SN
CBbLpkhLE1c8XyRKo5qjkBQxDN5PyQiW659FbNrSwgTZABQ580Q9
-----END CERTIFICATE-----
Generated at Tue May 21 18:54:49 2024 by rpki-client on console-fra.rpki-client.org