Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/FB19Bef1HM3mgBfLqqgRu0HUrNg.roa
File: FB19Bef1HM3mgBfLqqgRu0HUrNg.roa (raw, json)
Hash identifier: nGD2OvKuRHoohVzQieC5aURvOzaRXblf9QMrTkN4rB8=
Subject key identifier: 14:1D:7D:05:E7:F5:1C:CD:E6:80:17:CB:AA:A8:11:BB:41:D4:AC:D8
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 018EA92A6E7A4EEA48E9ED94EC778E5DA7E0
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/FB19Bef1HM3mgBfLqqgRu0HUrNg.roa
Signing time: Thu 04 Apr 2024 12:51:54 +0000
ROA not before: Thu 04 Apr 2024 12:51:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21412
IP address blocks: 5.20.0.0/21 maxlen: 32
5.20.8.0/21 maxlen: 21
5.20.16.0/20 maxlen: 20
5.20.32.0/19 maxlen: 19
5.20.64.0/19 maxlen: 19
5.20.96.0/21 maxlen: 21
5.20.104.0/21 maxlen: 21
5.20.112.0/21 maxlen: 21
5.20.120.0/21 maxlen: 21
5.20.128.0/19 maxlen: 19
5.20.160.0/19 maxlen: 19
5.20.192.0/19 maxlen: 19
5.20.224.0/21 maxlen: 21
5.20.232.0/21 maxlen: 21
5.20.240.0/20 maxlen: 20
37.157.144.0/21 maxlen: 21
46.251.32.0/19 maxlen: 19
77.87.8.0/21 maxlen: 21
77.221.64.0/19 maxlen: 19
79.133.224.0/19 maxlen: 19
80.240.0.0/20 maxlen: 20
81.29.16.0/20 maxlen: 20
87.239.112.0/21 maxlen: 21
87.247.64.0/18 maxlen: 18
91.187.160.0/19 maxlen: 19
178.16.32.0/20 maxlen: 20
178.250.32.0/21 maxlen: 21
185.26.132.0/22 maxlen: 22
185.198.32.0/22 maxlen: 22
212.52.32.0/19 maxlen: 19
212.117.0.0/19 maxlen: 19
217.17.80.0/20 maxlen: 20
2a00:7600::/32 maxlen: 32
2a01:a1c0::/32 maxlen: 32
2a04:ce00::/29 maxlen: 29
2a04:eb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.mft
rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:2a:6e:7a:4e:ea:48:e9:ed:94:ec:77:8e:5d:a7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Apr 4 12:51:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=141d7d05e7f51ccde68017cbaaa811bb41d4acd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:67:32:2e:96:b0:c9:b1:9e:23:cb:9d:6d:
ea:81:34:1b:9f:cc:64:54:b6:41:2e:39:19:93:5c:
6e:3c:c2:be:bd:71:16:aa:97:84:a6:44:55:ec:15:
5c:58:8a:ef:e3:ad:31:6c:77:ba:d0:30:4d:9e:6d:
df:00:bc:8c:3e:66:95:58:d3:14:ae:90:2c:49:7b:
0b:99:14:2a:fc:59:7f:79:4e:00:56:51:86:81:58:
9d:1f:90:b1:10:fd:c9:6c:bb:f9:85:45:88:aa:bd:
de:e2:77:35:f2:a1:38:b7:e3:e8:eb:f7:79:7e:ac:
4e:17:72:f8:c2:8f:bf:21:89:ad:ab:c1:9e:f9:28:
60:1a:6c:aa:4d:70:8c:e7:60:a6:13:15:c6:c7:2d:
19:ec:6e:cb:8f:30:8b:50:b6:62:0a:39:b8:77:79:
7a:43:09:ae:ad:29:f8:df:61:c5:84:d9:08:90:3b:
0b:b9:12:d0:74:62:3e:69:de:7b:04:cc:0b:6b:f8:
f3:c4:1c:d7:15:62:41:79:23:b3:e0:29:f5:82:fb:
c7:a6:77:ed:a4:8a:85:e8:9e:1e:6e:51:dd:f3:ad:
ef:2d:2e:bc:f4:bf:46:7b:1b:ac:5f:4d:bf:c2:e2:
ca:b3:39:41:73:29:89:43:a9:a8:03:47:3e:f0:7d:
f7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:1D:7D:05:E7:F5:1C:CD:E6:80:17:CB:AA:A8:11:BB:41:D4:AC:D8
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/FB19Bef1HM3mgBfLqqgRu0HUrNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.20.0.0/16
37.157.144.0/21
46.251.32.0/19
77.87.8.0/21
77.221.64.0/19
79.133.224.0/19
80.240.0.0/20
81.29.16.0/20
87.239.112.0/21
87.247.64.0/18
91.187.160.0/19
178.16.32.0/20
178.250.32.0/21
185.26.132.0/22
185.198.32.0/22
212.52.32.0/19
212.117.0.0/19
217.17.80.0/20
IPv6:
2a00:7600::/32
2a01:a1c0::/32
2a04:ce00::/29
2a04:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:1b:b0:33:a8:60:e6:3a:17:2c:a0:36:76:79:d7:6a:d0:10:
95:ac:81:20:4c:8f:90:a1:45:53:9f:36:6b:a4:d3:b6:ce:b6:
7b:c6:8d:09:df:2d:62:e7:2a:7b:8a:08:a0:e6:a5:f6:e3:3c:
64:5e:60:cd:cb:1a:d3:ae:75:d7:68:66:d8:39:ac:6a:96:ce:
a3:d6:b8:62:2f:a0:44:ab:2c:9a:7a:3f:3c:41:e7:1c:2d:22:
0b:ce:f4:93:11:6f:0e:38:3a:28:f4:b0:66:14:a3:46:24:73:
b6:63:eb:d1:71:9b:e8:6c:34:39:47:d8:6f:b3:f7:e7:cb:f9:
ac:5b:ee:62:85:25:25:f1:62:29:50:64:ca:5c:5d:a6:20:27:
5b:10:f1:9e:63:7d:b7:1a:50:6f:18:75:7b:8b:a7:c4:73:63:
83:53:36:22:74:c6:59:64:80:10:2d:fa:33:91:84:aa:db:42:
d9:ed:eb:2b:df:69:0c:e8:9f:a5:41:5b:37:94:69:72:5b:ec:
83:e2:13:70:71:3a:b6:2e:3a:8c:bf:55:ba:0d:bc:46:be:0a:
d4:b7:9b:ed:52:11:91:7a:6e:40:05:1d:43:89:4f:be:a1:ae:
f8:1b:e8:1f:9a:6a:43:b8:17:1d:6d:30:fb:65:e4:c5:55:a5:
66:84:5b:7e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAY6pKm56TupI6e2U7HeOXafgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjQwNDA0MTI1MTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDFkN2QwNWU3ZjUxY2NkZTY4MDE3Y2JhYWE4MTFiYjQxZDRhY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8hnMi6WsMmxniPLnW3qgTQbn8xk
VLZBLjkZk1xuPMK+vXEWqpeEpkRV7BVcWIrv460xbHe60DBNnm3fALyMPmaVWNMU
rpAsSXsLmRQq/Fl/eU4AVlGGgVidH5CxEP3JbLv5hUWIqr3e4nc18qE4t+Po6/d5
fqxOF3L4wo+/IYmtq8Ge+ShgGmyqTXCM52CmExXGxy0Z7G7LjzCLULZiCjm4d3l6
QwmurSn432HFhNkIkDsLuRLQdGI+ad57BMwLa/jzxBzXFWJBeSOz4Cn1gvvHpnft
pIqF6J4eblHd863vLS689L9GexusX02/wuLKszlBcymJQ6moA0c+8H33TQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFBQdfQXn9RzN5oAXy6qoEbtB1KzYMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvRkIxOUJlZjFITTNtZ0JmTHFxZ1J1MEhVck5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzBxBAIAATBrAwMABRQD
BAMlnZADBAUu+yADBANNVwgDBAVN3UADBAVPheADBARQ8AADBARRHRADBANX73AD
BAZX90ADBAVbu6ADBASyECADBAOy+iADBAK5GoQDBAK5xiADBAXUNCADBAXUdQAD
BATZEVAwIgQCAAIwHAMFACoAdgADBQAqAaHAAwUDKgTOAAMFAyoE6wAwDQYJKoZI
hvcNAQELBQADggEBAF8bsDOoYOY6FyygNnZ512rQEJWsgSBMj5ChRVOfNmuk07bO
tnvGjQnfLWLnKnuKCKDmpfbjPGReYM3LGtOudddoZtg5rGqWzqPWuGIvoESrLJp6
PzxB5xwtIgvO9JMRbw44Oij0sGYUo0Ykc7Zj69Fxm+hsNDlH2G+z9+fL+axb7mKF
JSXxYilQZMpcXaYgJ1sQ8Z5jfbcaUG8YdXuLp8RzY4NTNiJ0xllkgBAt+jORhKrb
Qtnt6yvfaQzon6VBWzeUaXJb7IPiE3BxOrYuOoy/VboNvEa+CtS3m+1SEZF6bkAF
HUOJT76hrvgb6B+aakO4Fx1tMPtl5MVVpWaEW34=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:54:33 2024 by rpki-client on console-fra.rpki-client.org