Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa
File: FxUbtoBHHJFHh1rjxlWefJqQzd4.roa (raw, json)
Hash identifier: oou3zVQHUOxJX3ve8cBSBLzJOCd68/v5Grbr0NCv7dw=
Subject key identifier: 17:15:1B:B6:80:47:1C:91:47:87:5A:E3:C6:55:9E:7C:9A:90:CD:DE
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018CC26D01BE2B1C26981FC04D282A575B6C
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 209.35.99.0/24 maxlen: 24
193.36.76.0/24 maxlen: 24
194.29.67.0/24 maxlen: 24
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
89.32.204.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
86.104.215.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
86.104.227.0/24 maxlen: 24
162.218.158.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:be:2b:1c:26:98:1f:c0:4d:28:2a:57:5b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17151bb680471c9147875ae3c6559e7c9a90cdde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dd:26:c3:c4:20:df:34:f1:c2:95:f3:fc:08:
69:9e:94:f5:69:0f:1e:6c:00:d5:50:72:65:68:12:
df:ef:03:40:b0:a5:8c:07:ea:60:35:34:30:c7:0e:
78:62:fb:02:3a:77:27:cc:9f:7d:a4:8e:27:a3:e3:
7d:14:17:02:80:df:d3:aa:94:67:89:35:81:5b:c7:
c3:c3:da:f9:f0:c6:5c:09:db:e2:ac:32:02:17:4a:
e0:5f:13:8a:cc:62:92:66:18:73:9c:93:93:e1:f8:
ef:f5:a6:c6:d2:74:fa:2d:de:ea:6a:3e:b9:23:d5:
d7:bd:df:ae:d5:4d:42:e3:4a:a3:81:60:f1:43:60:
96:65:86:34:ee:43:f6:1a:03:2d:2b:8f:2c:b2:96:
b5:52:78:77:54:45:fd:7c:8d:f4:02:bd:3d:55:56:
fa:0d:ae:0f:a2:6c:2a:5b:04:18:65:67:a6:2a:d3:
30:ac:80:79:79:7a:a4:62:55:db:89:99:bc:93:1f:
70:66:2e:e4:80:19:71:01:61:f5:c1:e7:b2:55:68:
a3:2e:f6:49:1c:df:10:ca:80:96:39:98:1f:70:b9:
ba:22:4b:61:12:cd:f7:25:d3:1b:65:17:70:23:fd:
af:3c:b0:ac:94:bd:a3:48:5a:14:e3:ba:05:a2:f0:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:15:1B:B6:80:47:1C:91:47:87:5A:E3:C6:55:9E:7C:9A:90:CD:DE
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/FxUbtoBHHJFHh1rjxlWefJqQzd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.215.0/24
86.104.227.0/24
89.32.204.0/24
89.33.83.0/24
89.47.34.0/24
162.218.157.0-162.218.158.255
193.36.76.0/24
193.200.96.0/23
194.26.149.0/24
194.29.67.0/24
194.29.70.0/24
194.29.80.0/24
209.35.99.0/24
212.102.116.0/24
Signature Algorithm: sha256WithRSAEncryption
94:05:5f:49:c1:01:c4:76:3c:4b:1e:7a:9f:f6:25:37:08:cc:
2d:eb:3a:d0:8b:80:cf:49:27:e5:ba:a8:c8:a6:a9:0f:75:7d:
4c:da:7a:f0:bd:3f:af:c6:1f:24:4c:d9:3f:ac:c7:97:c8:88:
4a:dc:b3:2b:72:42:95:e1:d4:47:01:1e:00:93:96:02:5d:a1:
07:2f:28:6b:43:a8:f6:51:5d:08:6e:04:24:23:66:94:d8:b5:
8a:e8:25:ed:1e:4d:f9:c4:c1:46:05:69:81:71:33:35:aa:14:
8e:5b:47:98:61:e9:3a:99:73:17:24:57:57:3b:58:90:b9:70:
74:4e:be:01:9e:06:07:1d:d8:ac:fd:af:db:a4:7a:b9:72:1b:
5d:3d:c1:1f:c3:e1:41:a1:66:e3:9d:a9:f1:bb:90:1a:55:5b:
7b:e3:17:22:0b:c5:52:68:a5:af:8d:ff:fa:f2:e2:bd:2d:09:
05:2c:ad:d6:de:4a:34:fc:da:ad:0e:16:88:10:b4:49:f3:d8:
b9:1a:ac:3c:d1:30:4e:7a:2b:20:30:20:33:ea:ec:5f:fc:43:
3f:d3:3a:10:4e:2a:d1:5f:5a:39:24:ca:bc:23:f6:3d:45:9b:
c9:92:6e:0c:5a:89:87:52:75:81:40:d9:d8:aa:ff:02:7b:fc:
b3:92:be:78
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzCbQG+KxwmmB/ATSgqV1tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE1MWJiNjgwNDcxYzkxNDc4NzVhZTNjNjU1OWU3YzlhOTBjZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA190mw8Qg3zTxwpXz/AhpnpT1aQ8e
bADVUHJlaBLf7wNAsKWMB+pgNTQwxw54YvsCOncnzJ99pI4no+N9FBcCgN/TqpRn
iTWBW8fDw9r58MZcCdvirDICF0rgXxOKzGKSZhhznJOT4fjv9abG0nT6Ld7qaj65
I9XXvd+u1U1C40qjgWDxQ2CWZYY07kP2GgMtK48sspa1Unh3VEX9fI30Ar09VVb6
Da4PomwqWwQYZWemKtMwrIB5eXqkYlXbiZm8kx9wZi7kgBlxAWH1weeyVWijLvZJ
HN8QyoCWOZgfcLm6IkthEs33JdMbZRdwI/2vPLCslL2jSFoU47oFovAUOwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFBcVG7aARxyRR4da48ZVnnyakM3eMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvRnhVYnRvQkhISkZIaDFyanhsV2VmSnFRemQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVmjXAwQA
VmjjAwQAWSDMAwQAWSFTAwQAWS8iMAwDBACi2p0DBACi2p4DBADBJEwDBAHByGAD
BADCGpUDBADCHUMDBADCHUYDBADCHVADBADRI2MDBADUZnQwDQYJKoZIhvcNAQEL
BQADggEBAJQFX0nBAcR2PEseep/2JTcIzC3rOtCLgM9JJ+W6qMimqQ91fUzaevC9
P6/GHyRM2T+sx5fIiErcsytyQpXh1EcBHgCTlgJdoQcvKGtDqPZRXQhuBCQjZpTY
tYroJe0eTfnEwUYFaYFxMzWqFI5bR5hh6TqZcxckV1c7WJC5cHROvgGeBgcd2Kz9
r9ukerlyG109wR/D4UGhZuOdqfG7kBpVW3vjFyILxVJopa+N//ry4r0tCQUsrdbe
SjT82q0OFogQtEnz2LkarDzRME56KyAwIDPq7F/8Qz/TOhBOKtFfWjkkyrwj9j1F
m8mSbgxaiYdSdYFA2diq/wJ7/LOSvng=
-----END CERTIFICATE-----
Generated at Fri May 17 06:44:21 2024 by rpki-client on console-fra.rpki-client.org