Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/FcmAUO2MG0hZapJRE1xB9019YRE.roa
File: FcmAUO2MG0hZapJRE1xB9019YRE.roa (raw, json)
Hash identifier: tBwZpPW8OfYIQBhmQ22P6CQfgS4YgpgJnxO7Yejs8Ow=
Subject key identifier: 15:C9:80:50:ED:8C:1B:48:59:6A:92:51:13:5C:41:F7:4D:7D:61:11
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018CC6B91D3B61F1F7FBF8AEA35612E86D02
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/FcmAUO2MG0hZapJRE1xB9019YRE.roa
Signing time: Mon 01 Jan 2024 20:31:09 +0000
ROA not before: Mon 01 Jan 2024 20:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35077
IP address blocks: 166.108.128.0/19 maxlen: 24
166.108.128.0/18 maxlen: 18
45.13.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1d:3b:61:f1:f7:fb:f8:ae:a3:56:12:e8:6d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 1 20:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15c98050ed8c1b48596a9251135c41f74d7d6111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e8:bf:33:fd:98:b2:82:a8:e4:29:22:06:5e:
63:fc:f1:7a:3c:5e:48:1d:79:43:84:fc:bd:63:d3:
7b:86:33:b0:31:1b:cc:78:16:18:73:30:42:03:7e:
61:44:e5:0c:59:4f:79:79:03:74:10:bb:47:7b:bd:
0e:ba:e1:e0:69:ed:e6:c8:38:94:f7:d4:ea:1a:8a:
85:80:67:2d:ef:1f:6b:39:bb:b0:f9:07:b2:2b:38:
88:a2:2b:31:e3:0d:aa:a9:ce:07:7d:b4:3c:de:b4:
78:bf:15:41:f5:21:cc:1d:02:b8:fa:62:8d:df:f1:
e4:0e:26:86:65:21:2b:cd:aa:dc:c4:17:fa:db:5b:
81:6a:52:1a:b4:de:ad:d7:05:f5:be:1e:7b:b7:91:
54:9b:be:8a:da:8c:c6:1a:1c:d9:20:e5:01:8e:b1:
86:1d:3c:af:65:af:16:ec:43:01:d6:2b:ef:6f:cd:
4b:7a:1b:b5:c5:a7:00:de:fd:a3:98:ee:6f:df:fa:
cd:b5:50:b8:09:bb:7e:26:27:de:77:03:6d:41:4a:
20:1a:d5:a2:c6:2e:02:de:3c:1c:85:ce:88:9b:50:
f2:30:ae:99:5b:4c:03:e1:94:cb:33:9f:4b:21:b0:
d5:1c:5a:31:82:47:c9:50:c3:19:30:54:db:72:b9:
cc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C9:80:50:ED:8C:1B:48:59:6A:92:51:13:5C:41:F7:4D:7D:61:11
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/FcmAUO2MG0hZapJRE1xB9019YRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.32.0/22
166.108.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0c:ea:dc:d6:dc:24:fb:2f:34:73:a2:e6:0f:ee:28:9d:f5:a5:
48:f5:74:e4:c3:7f:ad:07:bf:4d:ab:fa:69:7d:3f:e6:5f:47:
2a:2f:27:df:54:cc:5f:6a:8b:c5:b6:e1:f2:4d:82:1a:04:ae:
87:1b:94:b2:ef:2a:b3:fd:6f:fe:93:d0:0e:7f:51:94:fe:6d:
fa:d5:c4:38:de:85:77:c3:c8:b3:77:87:52:e5:3d:69:61:d5:
6c:9a:8b:c2:07:17:db:bb:99:13:2a:fa:ea:21:45:56:c7:1d:
1a:3c:01:61:39:ae:a0:72:d9:6b:10:21:98:a7:f1:1d:bb:8c:
99:40:05:a4:99:e6:86:c8:b5:da:bd:98:80:5a:ff:aa:00:5e:
d8:1d:d0:68:3e:38:26:05:62:68:67:cb:59:e0:e0:c1:56:f5:
10:9a:03:f5:98:97:18:2f:02:8e:a7:a3:7d:19:db:55:0a:9d:
ad:57:ac:4e:8c:af:eb:e7:82:ff:04:f4:3d:e6:4b:98:85:8a:
a6:58:47:00:d8:5e:9b:48:d5:e9:26:27:8e:95:0b:07:bd:7e:
96:bf:da:47:05:90:69:ad:9b:88:5c:86:59:f6:cd:06:09:25:
6c:7f:66:c6:b6:26:67:7f:b2:b9:35:a6:b7:2d:a4:db:0c:50:
22:1c:b9:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuR07YfH3+/iuo1YS6G0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjQwMTAxMjAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM5ODA1MGVkOGMxYjQ4NTk2YTkyNTExMzVjNDFmNzRkN2Q2MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOi/M/2YsoKo5CkiBl5j/PF6PF5I
HXlDhPy9Y9N7hjOwMRvMeBYYczBCA35hROUMWU95eQN0ELtHe70OuuHgae3myDiU
99TqGoqFgGct7x9rObuw+QeyKziIoisx4w2qqc4HfbQ83rR4vxVB9SHMHQK4+mKN
3/HkDiaGZSErzarcxBf621uBalIatN6t1wX1vh57t5FUm76K2ozGGhzZIOUBjrGG
HTyvZa8W7EMB1ivvb81Lehu1xacA3v2jmO5v3/rNtVC4Cbt+JifedwNtQUogGtWi
xi4C3jwchc6Im1DyMK6ZW0wD4ZTLM59LIbDVHFoxgkfJUMMZMFTbcrnMZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBXJgFDtjBtIWWqSURNcQfdNfWERMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRmNtQVVPMk1HMGhaYXBKUkUxeEI5MDE5WVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ0gAwQG
pmyAMA0GCSqGSIb3DQEBCwUAA4IBAQAM6tzW3CT7LzRzouYP7iid9aVI9XTkw3+t
B79Nq/ppfT/mX0cqLyffVMxfaovFtuHyTYIaBK6HG5Sy7yqz/W/+k9AOf1GU/m36
1cQ43oV3w8izd4dS5T1pYdVsmovCBxfbu5kTKvrqIUVWxx0aPAFhOa6gctlrECGY
p/Edu4yZQAWkmeaGyLXavZiAWv+qAF7YHdBoPjgmBWJoZ8tZ4ODBVvUQmgP1mJcY
LwKOp6N9GdtVCp2tV6xOjK/r54L/BPQ95kuYhYqmWEcA2F6bSNXpJieOlQsHvX6W
v9pHBZBprZuIXIZZ9s0GCSVsf2bGtiZnf7K5Naa3LaTbDFAiHLlc
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:17:52 2024 by rpki-client on console-fra.rpki-client.org