Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/Fc_LZ9up5hSyrHSXtEUK-R4y8lM.roa
File: Fc_LZ9up5hSyrHSXtEUK-R4y8lM.roa (raw, json)
Hash identifier: F3Qz86jJNiPp7bqfd02fW5JB96+8IppHlQxEM1BGGGU=
Subject key identifier: 15:CF:CB:67:DB:A9:E6:14:B2:AC:74:97:B4:45:0A:F9:1E:32:F2:53
Certificate issuer: /CN=27bb32aa8c9f8d05c517be2ad6652f66550a8d57
Certificate serial: 018CCA96D8371D7669B62E33C5D2671EA511
Authority key identifier: 27:BB:32:AA:8C:9F:8D:05:C5:17:BE:2A:D6:65:2F:66:55:0A:8D:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/Fc_LZ9up5hSyrHSXtEUK-R4y8lM.roa
Signing time: Tue 02 Jan 2024 14:32:12 +0000
ROA not before: Tue 02 Jan 2024 14:32:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61049
IP address blocks: 185.231.218.0/24 maxlen: 24
185.231.216.0/24 maxlen: 24
185.231.217.0/24 maxlen: 24
185.20.54.0/24 maxlen: 24
185.20.55.0/24 maxlen: 24
185.20.52.0/24 maxlen: 24
185.20.53.0/24 maxlen: 24
185.195.116.0/24 maxlen: 24
185.195.117.0/24 maxlen: 24
185.195.118.0/24 maxlen: 24
185.195.119.0/24 maxlen: 24
2a04:13c1::/32 maxlen: 32
2a0c:8305::/32 maxlen: 32
2a0c:8301::/32 maxlen: 32
2a04:13c5::/32 maxlen: 32
2a04:13c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:d8:37:1d:76:69:b6:2e:33:c5:d2:67:1e:a5:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27bb32aa8c9f8d05c517be2ad6652f66550a8d57
Validity
Not Before: Jan 2 14:32:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15cfcb67dba9e614b2ac7497b4450af91e32f253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:48:96:49:fe:07:50:12:7c:ac:c5:b5:1b:d0:
7e:0e:2e:9d:dd:27:82:59:31:a2:17:b7:f6:97:ab:
fc:de:fa:0f:75:9e:5e:99:f6:62:cf:a4:8a:0c:63:
18:03:d3:07:36:78:50:fd:0e:95:9a:b6:b9:fa:c2:
37:7b:29:e7:25:ad:9e:4c:1b:f6:f3:5a:7c:8c:3e:
d9:e8:d7:a1:3c:87:e9:a2:19:c4:aa:9a:a5:da:83:
69:07:05:d3:78:a2:30:14:5a:f7:2e:2f:8e:e4:fc:
49:11:7b:5f:8e:42:4f:af:17:8e:17:02:6a:bb:81:
65:58:e3:7f:6b:2e:86:0f:b7:ab:70:db:59:f2:04:
84:c0:50:f4:41:db:dd:e9:49:aa:93:62:73:a3:a3:
0e:fa:89:a3:68:1a:c0:da:77:f0:f9:11:0d:43:a9:
ca:37:d0:8e:79:ec:ca:0b:23:41:ee:29:48:5f:30:
e3:14:4a:e1:9f:48:17:28:88:d5:4b:81:fa:cc:52:
55:0e:f6:0d:36:ad:cc:7c:c8:11:94:7d:0c:d6:2b:
4c:14:82:44:f6:0e:ce:87:9f:20:f6:46:11:c7:38:
8e:82:9c:b2:00:44:cc:cb:03:1f:c1:e8:fa:76:b0:
3c:11:55:a3:13:58:24:47:b4:82:62:9c:47:40:e2:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:CF:CB:67:DB:A9:E6:14:B2:AC:74:97:B4:45:0A:F9:1E:32:F2:53
X509v3 Authority Key Identifier:
keyid:27:BB:32:AA:8C:9F:8D:05:C5:17:BE:2A:D6:65:2F:66:55:0A:8D:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7syqoyfjQXFF74q1mUvZlUKjVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/Fc_LZ9up5hSyrHSXtEUK-R4y8lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a7dceb-ff54-436a-9415-484221a1f285/1/J7syqoyfjQXFF74q1mUvZlUKjVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.52.0/22
185.195.116.0/22
185.231.216.0-185.231.218.255
IPv6:
2a04:13c0::/31
2a04:13c5::/32
2a0c:8301::/32
2a0c:8305::/32
Signature Algorithm: sha256WithRSAEncryption
70:e8:19:7a:8c:a0:e5:13:ab:fc:c7:1b:b4:05:2f:ee:cc:5f:
2f:9c:80:3e:40:66:56:9c:3d:2c:a5:66:a1:37:f0:21:b9:a5:
99:ad:c6:b8:5a:01:34:53:55:7a:ca:56:ba:54:c4:c1:f6:0e:
9d:f0:16:61:14:65:b0:94:45:c3:c0:f1:27:4f:33:9b:bf:5b:
f9:1d:25:16:93:03:97:9b:0e:59:f1:0b:9b:a9:74:14:18:f5:
e4:11:56:d7:95:aa:b9:9e:43:35:07:78:1c:b3:da:d9:b0:fd:
99:bb:19:13:35:0d:dd:7b:8a:39:1d:ef:d0:ed:2c:ed:79:f4:
15:f2:b8:80:a3:61:dd:85:5f:22:ab:ff:03:62:3a:63:ea:81:
52:f0:49:05:00:92:1c:cf:4b:65:dc:9e:51:45:04:8f:8a:c5:
cb:53:73:4f:b0:e3:2d:b7:03:59:21:2d:ab:5d:56:ba:62:c8:
97:83:1e:d7:90:e9:89:b5:27:fc:a5:20:c5:10:11:79:d3:2e:
b0:ac:b1:46:03:b2:af:94:44:0e:03:d6:c9:1e:e4:5b:4c:7a:
0d:1d:97:22:f7:02:14:38:55:a4:4a:71:51:a7:57:df:08:27:
d2:62:e1:33:ed:06:e0:17:76:68:d8:ae:34:b7:16:f8:6b:fd:
57:73:b6:68
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzKltg3HXZpti4zxdJnHqURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YmIzMmFhOGM5ZjhkMDVjNTE3YmUyYWQ2NjUyZjY2NTUw
YThkNTcwHhcNMjQwMTAyMTQzMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNmY2I2N2RiYTllNjE0YjJhYzc0OTdiNDQ1MGFmOTFlMzJmMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkiWSf4HUBJ8rMW1G9B+Di6d3SeC
WTGiF7f2l6v83voPdZ5emfZiz6SKDGMYA9MHNnhQ/Q6Vmra5+sI3eynnJa2eTBv2
81p8jD7Z6NehPIfpohnEqpql2oNpBwXTeKIwFFr3Li+O5PxJEXtfjkJPrxeOFwJq
u4FlWON/ay6GD7ercNtZ8gSEwFD0Qdvd6Umqk2Jzo6MO+omjaBrA2nfw+RENQ6nK
N9COeezKCyNB7ilIXzDjFErhn0gXKIjVS4H6zFJVDvYNNq3MfMgRlH0M1itMFIJE
9g7Oh58g9kYRxziOgpyyAETMywMfwej6drA8EVWjE1gkR7SCYpxHQOKrtwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBXPy2fbqeYUsqx0l7RFCvkeMvJTMB8GA1UdIwQY
MBaAFCe7MqqMn40FxRe+KtZlL2ZVCo1XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdzeXFveWZqUVhGRjc0cTFtVXZabFVLalZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hN2RjZWItZmY1NC00MzZhLTk0MTUt
NDg0MjIxYTFmMjg1LzEvRmNfTFo5dXA1aFN5ckhTWHRFVUstUjR5OGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hN2RjZWItZmY1NC00MzZhLTk0MTUtNDg0MjIxYTFmMjg1
LzEvSjdzeXFveWZqUVhGRjc0cTFtVXZabFVLalZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAgBAIAATAaAwQCuRQ0AwQC
ucN0MAwDBAO559gDBAC559owIgQCAAIwHAMFASoEE8ADBQAqBBPFAwUAKgyDAQMF
ACoMgwUwDQYJKoZIhvcNAQELBQADggEBAHDoGXqMoOUTq/zHG7QFL+7MXy+cgD5A
ZlacPSylZqE38CG5pZmtxrhaATRTVXrKVrpUxMH2Dp3wFmEUZbCURcPA8SdPM5u/
W/kdJRaTA5ebDlnxC5updBQY9eQRVteVqrmeQzUHeByz2tmw/Zm7GRM1Dd17ijkd
79DtLO159BXyuICjYd2FXyKr/wNiOmPqgVLwSQUAkhzPS2XcnlFFBI+KxctTc0+w
4y23A1khLatdVrpiyJeDHteQ6Ym1J/ylIMUQEXnTLrCssUYDsq+URA4D1ske5FtM
eg0dlyL3AhQ4VaRKcVGnV98IJ9Ji4TPtBuAXdmjYrjS3Fvhr/Vdztmg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:36:17 2024 by rpki-client on console-fra.rpki-client.org