Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Fc_TsEkc3TVdvwv3MG7jyPw-Ofc.roa
File: Fc_TsEkc3TVdvwv3MG7jyPw-Ofc.roa (raw, json)
Hash identifier: hlgMErFS2ZJMCi/gZtvzyWQAvSpxAHu9+CA9GIfeBVE=
Subject key identifier: 15:CF:D3:B0:49:1C:DD:35:5D:BF:0B:F7:30:6E:E3:C8:FC:3E:39:F7
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC7945228F9B70AB72BC795850BEB760C
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Fc_TsEkc3TVdvwv3MG7jyPw-Ofc.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.177.0.0/16 maxlen: 16
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/16 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
2.176.128.0/17 maxlen: 17
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.182.0.0/16 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:52:28:f9:b7:0a:b7:2b:c7:95:85:0b:eb:76:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15cfd3b0491cdd355dbf0bf7306ee3c8fc3e39f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:3b:f7:c9:e9:6d:fd:7b:1b:3d:8c:06:ea:
9b:e6:f4:3b:4c:3a:fc:4c:e7:f2:1b:5c:6f:66:34:
db:6c:3e:76:bb:59:20:97:04:ee:ff:15:d0:29:f1:
dd:4f:1e:32:46:c3:dc:d4:b7:f1:18:8c:11:27:d4:
60:5a:d6:cf:c8:b2:39:9a:0b:aa:d5:16:2d:12:b8:
93:94:d0:97:8a:33:71:81:8f:3f:d2:79:da:e5:1e:
23:4b:67:8e:a5:89:eb:28:7a:fa:0e:43:5b:ae:b5:
84:50:33:e2:2e:c0:ce:99:8c:9b:0a:01:6c:93:f4:
ec:c8:13:01:bd:84:ad:94:6d:92:1f:a4:b9:53:07:
69:29:31:35:95:d8:24:d2:71:10:27:9c:cb:26:53:
de:c1:34:4d:77:55:63:5d:2b:11:40:b5:23:bd:cf:
cb:53:f3:44:ba:3e:1b:90:bd:3b:8b:b5:a9:80:59:
f7:30:52:1a:b9:d6:1b:aa:d0:5a:d8:0e:30:b1:ed:
c1:3c:6a:3c:ae:ee:f5:c4:de:f5:22:65:f6:34:91:
08:d6:aa:87:d8:5e:5d:84:fd:af:7c:cd:44:61:ca:
8c:78:95:06:05:74:98:4a:f3:f9:f5:e8:45:60:01:
eb:61:f5:9a:ae:2c:79:a4:30:fe:5d:ad:36:68:83:
56:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:CF:D3:B0:49:1C:DD:35:5D:BF:0B:F7:30:6E:E3:C8:FC:3E:39:F7
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/Fc_TsEkc3TVdvwv3MG7jyPw-Ofc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.0.0/16
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
12:7e:fc:d4:4d:a2:0d:fc:7c:cc:9a:3a:5a:a2:a5:36:bf:20:
39:51:18:9e:39:4b:84:99:82:27:b0:93:b0:6d:da:00:c8:b5:
4b:cb:f4:e2:0b:3a:1e:eb:57:c3:b4:8d:4c:b9:36:50:c5:10:
e6:11:9b:50:d0:32:e4:60:fa:b3:2e:6f:8e:79:bf:e1:d0:92:
70:94:6f:eb:50:3f:fb:09:1c:a3:c0:63:00:67:f4:9b:19:a5:
d2:02:11:74:8d:2f:db:8f:80:b8:fb:33:9b:86:10:19:e1:13:
76:a4:53:60:7d:77:52:89:e3:c7:e8:96:db:fd:f4:24:05:fd:
39:c1:34:53:5b:d1:c5:3a:f6:b0:89:20:34:de:ba:0f:be:75:
1c:f5:df:32:41:ef:ff:18:11:29:85:a8:db:d2:a3:67:b8:2a:
aa:39:1d:aa:eb:1f:fa:de:da:1c:bd:e4:1b:d9:71:ff:dd:2f:
24:75:39:35:16:73:70:b0:d9:31:6e:09:10:8e:f1:ad:3b:f2:
7f:84:c7:8f:13:67:8a:61:f4:7b:70:bf:09:8b:a8:0d:2e:28:
eb:39:a2:68:0b:2f:9c:af:b1:b4:a8:df:b5:0f:82:48:4b:37:
f3:ec:09:d7:29:6c:ce:89:42:e7:03:1c:53:ef:aa:5a:8a:e7:
0f:18:cc:cc
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHlFIo+bcKtyvHlYUL63YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNmZDNiMDQ5MWNkZDM1NWRiZjBiZjczMDZlZTNjOGZjM2UzOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSM798npbf17Gz2MBuqb5vQ7TDr8
TOfyG1xvZjTbbD52u1kglwTu/xXQKfHdTx4yRsPc1LfxGIwRJ9RgWtbPyLI5mguq
1RYtEriTlNCXijNxgY8/0nna5R4jS2eOpYnrKHr6DkNbrrWEUDPiLsDOmYybCgFs
k/TsyBMBvYStlG2SH6S5UwdpKTE1ldgk0nEQJ5zLJlPewTRNd1VjXSsRQLUjvc/L
U/NEuj4bkL07i7WpgFn3MFIaudYbqtBa2A4wse3BPGo8ru71xN71ImX2NJEI1qqH
2F5dhP2vfM1EYcqMeJUGBXSYSvP59ehFYAHrYfWarix5pDD+Xa02aINWlQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBXP07BJHN01Xb8L9zBu48j8Pjn3MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvRmNfVHNFa2MzVFZkdnd2M01HN2p5UHctT2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAATB5MAsDBAcC
sIADAwECsAMDAAK2AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMCvEADBAACvEwD
BAACvLMDBAECvLgDBAACvLsDBAECvSoDBAACvTgDBAACvToDBAACvUQDBAACvUgD
AwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEAEn781E2iDfx8
zJo6WqKlNr8gOVEYnjlLhJmCJ7CTsG3aAMi1S8v04gs6HutXw7SNTLk2UMUQ5hGb
UNAy5GD6sy5vjnm/4dCScJRv61A/+wkco8BjAGf0mxml0gIRdI0v24+AuPszm4YQ
GeETdqRTYH13Uonjx+iW2/30JAX9OcE0U1vRxTr2sIkgNN66D751HPXfMkHv/xgR
KYWo29KjZ7gqqjkdqusf+t7aHL3kG9lx/90vJHU5NRZzcLDZMW4JEI7xrTvyf4TH
jxNnimH0e3C/CYuoDS4o6zmiaAsvnK+xtKjftQ+CSEs38+wJ1ylszolC5wMcU++q
WornDxjMzA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:53:57 2024 by rpki-client on console-fra.rpki-client.org