Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/FBKGAgVmmyUnw3k2kc60d3qLCsg.roa
File: FBKGAgVmmyUnw3k2kc60d3qLCsg.roa (raw, json)
Hash identifier: G4cbv4EDCQUHBu2nNfTjvKBVfiImAxHDQpsUlcpEypM=
Subject key identifier: 14:12:86:02:05:66:9B:25:27:C3:79:36:91:CE:B4:77:7A:8B:0A:C8
Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Certificate serial: 018D7CF127428B847CA00738B986FA1A12AC
Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/FBKGAgVmmyUnw3k2kc60d3qLCsg.roa
Signing time: Tue 06 Feb 2024 05:43:15 +0000
ROA not before: Tue 06 Feb 2024 05:43:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44702
IP address blocks: 5.199.184.0/22 maxlen: 22
5.199.184.0/24 maxlen: 24
5.199.185.0/24 maxlen: 24
5.199.186.0/24 maxlen: 24
5.199.187.0/24 maxlen: 24
45.142.196.0/22 maxlen: 22
45.142.196.0/24 maxlen: 24
45.142.197.0/24 maxlen: 24
45.142.198.0/24 maxlen: 24
45.142.199.0/24 maxlen: 24
79.134.128.0/22 maxlen: 22
79.134.128.0/24 maxlen: 24
79.134.129.0/24 maxlen: 24
79.134.130.0/24 maxlen: 24
79.134.131.0/24 maxlen: 24
79.134.132.0/22 maxlen: 22
79.134.132.0/24 maxlen: 24
79.134.133.0/24 maxlen: 24
79.134.134.0/24 maxlen: 24
79.134.135.0/24 maxlen: 24
79.134.136.0/22 maxlen: 22
79.134.136.0/24 maxlen: 24
79.134.137.0/24 maxlen: 24
79.134.138.0/24 maxlen: 24
79.134.139.0/24 maxlen: 24
79.134.140.0/22 maxlen: 22
79.134.140.0/24 maxlen: 24
79.134.141.0/24 maxlen: 24
79.134.142.0/24 maxlen: 24
79.134.143.0/24 maxlen: 24
79.134.144.0/22 maxlen: 22
79.134.144.0/24 maxlen: 24
79.134.145.0/24 maxlen: 24
79.134.146.0/24 maxlen: 24
79.134.147.0/24 maxlen: 24
79.134.148.0/22 maxlen: 22
79.134.148.0/24 maxlen: 24
79.134.149.0/24 maxlen: 24
79.134.150.0/24 maxlen: 24
79.134.151.0/24 maxlen: 24
79.134.152.0/22 maxlen: 22
79.134.152.0/24 maxlen: 24
79.134.153.0/24 maxlen: 24
79.134.154.0/24 maxlen: 24
79.134.155.0/24 maxlen: 24
79.134.156.0/22 maxlen: 22
79.134.156.0/24 maxlen: 24
79.134.157.0/24 maxlen: 24
79.134.158.0/24 maxlen: 24
79.134.159.0/24 maxlen: 24
185.139.220.0/22 maxlen: 22
185.139.220.0/24 maxlen: 24
185.139.221.0/24 maxlen: 24
185.139.222.0/24 maxlen: 24
185.139.223.0/24 maxlen: 24
2a07:140::/29 maxlen: 29
2a07:140::/32 maxlen: 32
2a07:141::/32 maxlen: 32
2a07:142::/32 maxlen: 32
2a07:143::/32 maxlen: 32
2a07:144::/32 maxlen: 32
2a07:145::/32 maxlen: 32
2a07:146::/32 maxlen: 32
2a07:147::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7c:f1:27:42:8b:84:7c:a0:07:38:b9:86:fa:1a:12:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Validity
Not Before: Feb 6 05:43:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1412860205669b2527c3793691ceb4777a8b0ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0a:4b:d2:02:3e:1d:7c:0a:d7:17:55:25:1c:
b7:5e:47:6b:8c:1e:a8:f1:e0:d5:d2:d9:6c:cf:ee:
c9:e3:34:b0:ce:fd:76:76:fa:f4:ff:9b:69:94:76:
db:9e:9b:83:cf:94:c1:fa:1f:db:31:b1:e0:62:01:
d6:25:6d:7a:08:e1:5e:cb:e4:42:af:3b:69:e6:b2:
ae:58:28:47:26:3e:3f:5c:87:af:c0:7e:a6:49:19:
f5:f2:1c:c7:ac:e4:b0:af:f1:6a:1e:e1:3e:25:a2:
c8:e2:b8:f7:ce:cb:7a:c7:58:6c:d1:92:80:ad:0d:
da:f2:75:61:6e:71:15:eb:c7:af:fe:e2:c5:b4:4e:
53:a5:5f:55:94:97:4c:11:f6:62:4b:88:0f:bc:28:
46:13:ef:e6:18:93:a0:fb:1d:d0:d4:d9:4c:87:13:
6d:12:ad:43:7e:5a:f4:7a:de:3a:d4:04:df:73:74:
e0:48:bb:3f:00:79:45:a4:6c:31:fd:1c:52:e1:00:
62:fc:59:e2:08:ba:49:3e:90:ca:9c:83:3e:82:dd:
96:45:cf:1e:64:e2:f9:d6:21:8b:a9:7e:f2:27:30:
17:cc:39:92:a2:cc:7a:92:ef:12:c7:ee:34:ec:0a:
3d:62:1f:8a:8f:b1:0f:4f:22:ce:f6:fa:f9:b3:40:
1f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:12:86:02:05:66:9B:25:27:C3:79:36:91:CE:B4:77:7A:8B:0A:C8
X509v3 Authority Key Identifier:
keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/FBKGAgVmmyUnw3k2kc60d3qLCsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.184.0/22
45.142.196.0/22
79.134.128.0/19
185.139.220.0/22
IPv6:
2a07:140::/29
Signature Algorithm: sha256WithRSAEncryption
34:b4:1d:76:a4:d3:7b:64:51:8b:d7:0c:00:cf:2d:bc:10:d9:
20:10:c3:0f:58:4b:b4:00:df:95:94:66:db:b4:c0:b2:9c:99:
df:f9:00:89:e0:0e:f1:e9:d5:d0:b1:58:2c:27:df:4d:84:f5:
18:92:16:a3:b9:de:dd:b1:e4:07:08:d1:16:6d:36:20:4a:b0:
5b:f3:84:f9:77:fb:74:25:02:bf:c5:b0:d0:7c:2f:1e:be:57:
2d:98:e4:26:a0:91:72:a3:8e:ed:90:93:3e:c4:e5:37:04:77:
75:13:e8:6e:02:b0:36:e6:84:4a:a2:4b:a6:89:49:c2:af:6e:
a0:7b:0b:7f:1f:34:96:99:45:e3:0a:a0:8d:44:f2:9f:4a:f7:
98:5a:e1:6a:e1:63:b4:e1:b8:5b:b4:9f:eb:c6:c7:3d:2a:b2:
8e:e4:03:05:a7:5c:86:89:12:0c:76:b5:4d:12:29:7a:2e:cf:
94:ae:0b:3d:42:2c:4e:64:65:cc:e9:4d:56:79:1e:fb:0a:eb:
e9:72:0b:ad:95:9e:ed:bf:e8:82:96:15:b8:45:81:cd:97:fa:
46:5a:96:bd:a3:7f:e6:45:ec:16:d3:3c:65:50:bb:b0:74:c2:
24:ed:5c:33:a7:91:f8:4d:82:c1:5e:86:25:e8:c7:04:f4:c8:
6c:f8:c8:b4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY188SdCi4R8oAc4uYb6GhKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1
YjNlOTEwHhcNMjQwMjA2MDU0MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDEyODYwMjA1NjY5YjI1MjdjMzc5MzY5MWNlYjQ3NzdhOGIwYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigpL0gI+HXwK1xdVJRy3XkdrjB6o
8eDV0tlsz+7J4zSwzv12dvr0/5tplHbbnpuDz5TB+h/bMbHgYgHWJW16COFey+RC
rztp5rKuWChHJj4/XIevwH6mSRn18hzHrOSwr/FqHuE+JaLI4rj3zst6x1hs0ZKA
rQ3a8nVhbnEV68ev/uLFtE5TpV9VlJdMEfZiS4gPvChGE+/mGJOg+x3Q1NlMhxNt
Eq1Dflr0et461ATfc3TgSLs/AHlFpGwx/RxS4QBi/FniCLpJPpDKnIM+gt2WRc8e
ZOL51iGLqX7yJzAXzDmSosx6ku8Sx+407Ao9Yh+Kj7EPTyLO9vr5s0AfwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBQShgIFZpslJ8N5NpHOtHd6iwrIMB8GA1UdIwQY
MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct
NjgxNTU0OGJmMzNmLzEvRkJLR0FnVm1teVVudzNrMmtjNjBkM3FMQ3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm
LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBce4AwQC
LY7EAwQFT4aAAwQCuYvcMA0EAgACMAcDBQMqBwFAMA0GCSqGSIb3DQEBCwUAA4IB
AQA0tB12pNN7ZFGL1wwAzy28ENkgEMMPWEu0AN+VlGbbtMCynJnf+QCJ4A7x6dXQ
sVgsJ99NhPUYkhajud7dseQHCNEWbTYgSrBb84T5d/t0JQK/xbDQfC8evlctmOQm
oJFyo47tkJM+xOU3BHd1E+huArA25oRKokumiUnCr26gewt/HzSWmUXjCqCNRPKf
SveYWuFq4WO04bhbtJ/rxsc9KrKO5AMFp1yGiRIMdrVNEil6Ls+Urgs9QixOZGXM
6U1WeR77CuvpcgutlZ7tv+iClhW4RYHNl/pGWpa9o3/mRewW0zxlULuwdMIk7Vwz
p5H4TYLBXoYl6McE9Mhs+Mi0
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:26:20 2024 by rpki-client on console-ams.rpki-client.org