Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FYAwcsICtH_F1mmvuzYTwVdnao0.roa
File: FYAwcsICtH_F1mmvuzYTwVdnao0.roa (raw, json)
Hash identifier: BSFaaft4YEJ/75pArKH+UKX8uoafnE+oE7ilDdlEB9Q=
Subject key identifier: 15:80:30:72:C2:02:B4:7F:C5:D6:69:AF:BB:36:13:C1:57:67:6A:8D
Certificate issuer: /CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Certificate serial: 018CC7936BA3A825DF219BCA79C5FF1F5D57
Authority key identifier: 16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FYAwcsICtH_F1mmvuzYTwVdnao0.roa
Signing time: Tue 02 Jan 2024 00:29:36 +0000
ROA not before: Tue 02 Jan 2024 00:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42697
IP address blocks: 109.200.64.0/20 maxlen: 20
185.29.78.0/23 maxlen: 23
185.29.77.0/24 maxlen: 24
77.243.48.0/20 maxlen: 20
2a03:dc86::/32 maxlen: 32
2a03:dc80::/29 maxlen: 32
2a03:dc84::/32 maxlen: 32
2a03:dc82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.mft
rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:6b:a3:a8:25:df:21:9b:ca:79:c5:ff:1f:5d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Validity
Not Before: Jan 2 00:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15803072c202b47fc5d669afbb3613c157676a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:f5:e5:24:27:48:c6:cc:1c:19:dd:27:02:
04:76:04:48:64:3e:f4:82:10:ef:84:13:9b:3e:f3:
33:16:2b:94:7a:4b:c6:ea:8c:df:9b:86:76:53:61:
aa:3e:d1:4a:1c:24:4e:7c:2c:80:6d:43:12:3a:3c:
7b:05:62:5f:29:f6:52:30:4b:5c:37:b8:30:d9:8b:
ba:08:21:8a:3d:cc:41:3a:2e:a1:37:5c:63:eb:4a:
ee:1a:46:36:9a:b6:fc:34:45:a0:66:2d:b2:33:38:
69:58:0d:fb:af:b2:f6:c8:11:80:19:c6:7d:ca:3d:
b4:e9:be:d1:cd:8e:df:fd:ad:e9:19:8e:7d:ea:f4:
fb:c0:bb:90:37:9a:c7:ab:93:37:9b:6c:70:dc:45:
e4:28:2b:1c:8f:27:67:48:3a:b1:cf:ce:8f:2d:5a:
70:57:bf:1b:94:26:0f:91:cb:8c:5a:33:ed:0c:87:
f9:bf:b0:c1:7e:f1:07:04:62:09:08:0b:8c:2a:bd:
72:25:80:cd:f4:df:e9:b7:32:9d:56:67:5d:41:91:
2e:5a:ef:b8:22:26:cf:a2:90:09:1c:8b:d0:75:09:
d2:3f:cd:a1:9b:81:5d:d2:b4:fc:28:8e:2d:e7:c4:
5d:7d:2f:34:34:80:44:81:eb:f1:b3:f2:b0:04:8b:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:80:30:72:C2:02:B4:7F:C5:D6:69:AF:BB:36:13:C1:57:67:6A:8D
X509v3 Authority Key Identifier:
keyid:16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FYAwcsICtH_F1mmvuzYTwVdnao0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.48.0/20
109.200.64.0/20
185.29.77.0-185.29.79.255
IPv6:
2a03:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
95:f5:f4:41:c8:34:15:92:af:cc:cf:a6:32:ce:f4:56:e9:d4:
e1:bf:3a:76:0f:24:1d:75:1d:07:95:30:80:fe:63:1a:94:4e:
87:fa:8c:22:77:bb:32:37:ed:05:e2:46:07:c0:46:81:0b:38:
0e:9a:0c:de:04:21:b1:fa:b2:9e:ae:21:e5:1f:2b:30:b1:4e:
8f:67:fc:06:6b:01:87:21:53:6f:0f:50:8c:98:ab:08:03:32:
2a:f3:05:bd:1c:e6:52:36:e1:d4:97:01:fd:27:69:19:d9:cd:
91:63:b0:6a:6f:94:ab:a8:cf:67:ca:61:f6:e5:f2:a0:f5:35:
4b:d0:57:b9:5e:be:76:8a:cb:8a:52:73:99:6b:c7:01:cc:0e:
89:0f:e5:4b:c6:18:49:bf:d3:69:a8:8d:0f:16:9e:f7:c8:65:
fe:f7:8e:6f:b9:d2:2a:a5:2f:a4:c7:3a:62:ff:08:29:aa:58:
09:84:5e:b7:7a:0f:32:4b:11:71:03:fd:d7:2e:96:0e:64:e2:
17:47:de:af:bc:6f:76:67:33:22:20:30:62:3c:96:bc:41:2e:
78:91:da:67:90:c5:a8:93:85:c1:7b:12:3e:0b:2a:42:82:07:
8c:17:51:fc:50:58:42:7a:91:74:b6:ca:b8:b9:b2:3b:f4:62:
69:64:14:38
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHk2ujqCXfIZvKecX/H11XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTA5NzBkZGJiNzYxOWNjODIxODZkZGI1MzZlYjRlODk4
NWQyZGUwHhcNMjQwMTAyMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTgwMzA3MmMyMDJiNDdmYzVkNjY5YWZiYjM2MTNjMTU3Njc2YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4r15SQnSMbMHBndJwIEdgRIZD70
ghDvhBObPvMzFiuUekvG6ozfm4Z2U2GqPtFKHCROfCyAbUMSOjx7BWJfKfZSMEtc
N7gw2Yu6CCGKPcxBOi6hN1xj60ruGkY2mrb8NEWgZi2yMzhpWA37r7L2yBGAGcZ9
yj206b7RzY7f/a3pGY596vT7wLuQN5rHq5M3m2xw3EXkKCscjydnSDqxz86PLVpw
V78blCYPkcuMWjPtDIf5v7DBfvEHBGIJCAuMKr1yJYDN9N/ptzKdVmddQZEuWu+4
IibPopAJHIvQdQnSP82hm4Fd0rT8KI4t58RdfS80NIBEgevxs/KwBIvuewIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBWAMHLCArR/xdZpr7s2E8FXZ2qNMB8GA1UdIwQY
MBaAFBaQlw3bt2GcyCGG3bU2606JhdLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUt
Y2MwM2JkMzE1ZmY5LzEvRllBd2NzSUN0SF9GMW1tdnV6WVR3VmRuYW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUtY2MwM2JkMzE1ZmY5
LzEvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQETfMwAwQE
bchAMAwDBAC5HU0DBAS5HUAwDQQCAAIwBwMFAyoD3IAwDQYJKoZIhvcNAQELBQAD
ggEBAJX19EHINBWSr8zPpjLO9Fbp1OG/OnYPJB11HQeVMID+YxqUTof6jCJ3uzI3
7QXiRgfARoELOA6aDN4EIbH6sp6uIeUfKzCxTo9n/AZrAYchU28PUIyYqwgDMirz
Bb0c5lI24dSXAf0naRnZzZFjsGpvlKuoz2fKYfbl8qD1NUvQV7levnaKy4pSc5lr
xwHMDokP5UvGGEm/02mojQ8WnvfIZf73jm+50iqlL6THOmL/CCmqWAmEXrd6DzJL
EXED/dculg5k4hdH3q+8b3ZnMyIgMGI8lrxBLniR2meQxaiThcF7Ej4LKkKCB4wX
UfxQWEJ6kXS2yri5sjv0YmlkFDg=
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:40:32 2024 by rpki-client on console-fra.rpki-client.org