Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/_Flj-IUEdTePdYjt8aJVlZKYWh0.roa
File: _Flj-IUEdTePdYjt8aJVlZKYWh0.roa (raw, json)
Hash identifier: NPrIG5yLLfB1pXRt48DVhr1nKTlhfUN6vhkaIAw4zMA=
Subject key identifier: FC:59:63:F8:85:04:75:37:8F:75:88:ED:F1:A2:55:95:92:98:5A:1D
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 0191414769B463B733EB89B357CF2ACCDCFB
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/_Flj-IUEdTePdYjt8aJVlZKYWh0.roa
Signing time: Sun 11 Aug 2024 11:51:24 +0000
ROA not before: Sun 11 Aug 2024 11:51:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 378
IP address blocks: 128.139.0.0/16 maxlen: 16
128.139.0.0/17 maxlen: 17
128.139.4.0/24 maxlen: 24
128.139.6.0/24 maxlen: 24
128.139.128.0/17 maxlen: 17
128.139.199.0/24 maxlen: 24
128.139.200.0/24 maxlen: 24
132.78.0.0/16 maxlen: 16
185.115.212.0/22 maxlen: 22
192.114.0.0/21 maxlen: 21
192.114.16.0/21 maxlen: 21
192.114.48.0/21 maxlen: 21
192.114.56.0/22 maxlen: 22
192.114.60.0/23 maxlen: 23
192.114.92.0/22 maxlen: 22
192.114.96.0/20 maxlen: 20
192.114.100.0/24 maxlen: 24
192.114.101.0/24 maxlen: 24
192.114.102.0/24 maxlen: 24
192.114.124.0/22 maxlen: 22
192.114.128.0/20 maxlen: 20
192.114.192.0/18 maxlen: 18
192.115.32.0/20 maxlen: 20
192.115.46.0/24 maxlen: 24
192.115.64.0/22 maxlen: 22
192.115.164.0/22 maxlen: 22
192.115.168.0/21 maxlen: 21
192.115.192.0/21 maxlen: 21
192.117.80.0/20 maxlen: 20
2001:bf8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:47:69:b4:63:b7:33:eb:89:b3:57:cf:2a:cc:dc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Aug 11 11:51:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc5963f8850475378f7588edf1a2559592985a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:66:bf:12:cb:5a:75:79:e5:90:6c:80:fd:db:
88:5f:0a:d5:6e:90:fd:6b:16:ac:03:0a:e3:e1:37:
1a:39:80:f4:70:4d:a0:98:26:dd:e8:e2:1d:a4:3c:
ee:e8:6c:c7:b9:bc:78:b7:3d:96:88:62:99:98:a6:
66:98:33:48:2d:e6:07:2c:3d:50:a8:b7:88:dc:25:
32:33:7a:60:f9:c8:57:0a:42:92:d3:60:78:f0:bc:
b4:7c:b2:a7:86:50:d0:54:46:aa:c1:88:32:4c:43:
36:fc:37:0e:5d:18:48:56:82:e9:6b:fd:dc:7e:ae:
be:25:58:5a:46:e9:48:34:2d:89:5d:29:d7:b0:59:
67:a0:9a:57:e6:3d:a6:d2:43:28:d8:b3:29:08:00:
3b:48:ef:b7:fc:d4:0c:26:4d:13:04:64:4b:e0:d4:
a0:54:f5:4d:af:81:00:b4:8e:c5:1b:42:a0:27:ff:
ae:b2:ac:40:a5:e4:e8:e1:b4:ed:1c:a1:89:50:76:
d8:4e:12:ec:68:d2:53:ca:ac:47:27:3a:f1:45:2f:
47:0a:ac:82:dc:b3:50:7b:0b:75:6d:d5:fc:27:90:
3f:23:41:9f:7e:20:9d:29:97:e4:7f:d5:eb:85:81:
ae:ee:94:06:c0:90:8b:c3:cf:af:64:3b:91:70:8e:
ff:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:59:63:F8:85:04:75:37:8F:75:88:ED:F1:A2:55:95:92:98:5A:1D
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/_Flj-IUEdTePdYjt8aJVlZKYWh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
132.78.0.0/16
185.115.212.0/22
192.114.0.0/21
192.114.16.0/21
192.114.48.0-192.114.61.255
192.114.92.0-192.114.111.255
192.114.124.0-192.114.143.255
192.114.192.0/18
192.115.32.0/20
192.115.64.0/22
192.115.164.0-192.115.175.255
192.115.192.0/21
192.117.80.0/20
IPv6:
2001:bf8::/32
Signature Algorithm: sha256WithRSAEncryption
47:a7:1d:ff:1d:12:b9:7f:fb:4a:52:dc:a4:d0:1f:7e:db:fc:
c6:6d:a9:38:17:67:25:a9:5d:34:c8:26:9c:e0:95:9b:1b:4f:
7c:83:e7:e9:25:dd:18:e0:94:b7:ea:66:6d:61:4d:cc:57:ed:
0f:59:06:aa:fa:82:51:48:20:3c:65:22:11:d8:b2:b5:21:6f:
3b:73:4b:8b:e6:6c:2a:46:c3:59:d2:43:db:de:47:01:8d:d3:
06:ca:63:49:87:ef:b9:4d:84:cb:da:f6:d6:19:37:5d:37:01:
a5:35:b2:b3:6a:fa:72:54:f4:91:00:13:b1:af:09:b0:24:4c:
e1:5d:e0:93:4e:94:0f:a1:95:88:5d:de:6f:19:7e:39:d9:a5:
77:af:b2:a8:b0:f9:3c:f4:d5:8d:c7:82:d7:1b:31:6b:5b:50:
ff:f7:19:97:bf:21:ba:e7:50:a6:18:8a:f2:6e:a8:95:bd:e5:
96:f4:39:93:21:cf:cf:58:aa:20:11:aa:b7:4b:7a:3e:15:8d:
b5:a7:95:bd:b3:86:a9:8d:85:30:62:41:ae:d0:ec:7e:bb:9e:
8f:00:83:cf:71:c3:ca:94:10:0c:08:e2:a7:8d:13:f3:f1:7c:
4c:b5:41:cb:43:be:b7:0c:ff:ef:1f:36:d4:62:20:dd:88:4b:
c3:9d:c1:01
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZFBR2m0Y7cz64mzV88qzNz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjQwODExMTE1MTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzU5NjNmODg1MDQ3NTM3OGY3NTg4ZWRmMWEyNTU5NTkyOTg1YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGa/EstadXnlkGyA/duIXwrVbpD9
axasAwrj4TcaOYD0cE2gmCbd6OIdpDzu6GzHubx4tz2WiGKZmKZmmDNILeYHLD1Q
qLeI3CUyM3pg+chXCkKS02B48Ly0fLKnhlDQVEaqwYgyTEM2/DcOXRhIVoLpa/3c
fq6+JVhaRulINC2JXSnXsFlnoJpX5j2m0kMo2LMpCAA7SO+3/NQMJk0TBGRL4NSg
VPVNr4EAtI7FG0KgJ/+usqxApeTo4bTtHKGJUHbYThLsaNJTyqxHJzrxRS9HCqyC
3LNQewt1bdX8J5A/I0GffiCdKZfkf9XrhYGu7pQGwJCLw8+vZDuRcI7/iQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFPxZY/iFBHU3j3WI7fGiVZWSmFodMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvX0Zsai1JVUVkVGVQZFlqdDhhSlZsWktZV2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwMAgIsD
AwCETgMEArlz1AMEA8ByAAMEA8ByEDAMAwQEwHIwAwQBwHI8MAwDBALAclwDBATA
cmAwDAMEAsByfAMEBMBygAMEBsBywAMEBMBzIAMEAsBzQDAMAwQCwHOkAwQEwHOg
AwQDwHPAAwQEwHVQMA0EAgACMAcDBQAgAQv4MA0GCSqGSIb3DQEBCwUAA4IBAQBH
px3/HRK5f/tKUtyk0B9+2/zGbak4F2clqV00yCac4JWbG098g+fpJd0Y4JS36mZt
YU3MV+0PWQaq+oJRSCA8ZSIR2LK1IW87c0uL5mwqRsNZ0kPb3kcBjdMGymNJh++5
TYTL2vbWGTddNwGlNbKzavpyVPSRABOxrwmwJEzhXeCTTpQPoZWIXd5vGX452aV3
r7KosPk89NWNx4LXGzFrW1D/9xmXvyG651CmGIrybqiVveWW9DmTIc/PWKogEaq3
S3o+FY21p5W9s4apjYUwYkGu0Ox+u56PAIPPccPKlBAMCOKnjRPz8XxMtUHLQ763
DP/vHzbUYiDdiEvDncEB
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:03:09 2024 by rpki-client on console-ams.rpki-client.org