Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/FS6VHRHygYy7ZXD7wwcG6UbLmo8.roa
File: FS6VHRHygYy7ZXD7wwcG6UbLmo8.roa (raw, json)
Hash identifier: TLSb1rMyB0mwe4OBlI+lVv4Jrlp5PuZ9/oygYKtdW9U=
Subject key identifier: 15:2E:95:1D:11:F2:81:8C:BB:65:70:FB:C3:07:06:E9:46:CB:9A:8F
Certificate issuer: /CN=0e2d420e661c86571089ff0b51965a86e0d7bc75
Certificate serial: 018CC8DF529D3DAC0343D6CCE3B76A909EC7
Authority key identifier: 0E:2D:42:0E:66:1C:86:57:10:89:FF:0B:51:96:5A:86:E0:D7:BC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Di1CDmYchlcQif8LUZZahuDXvHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/FS6VHRHygYy7ZXD7wwcG6UbLmo8.roa
Signing time: Tue 02 Jan 2024 06:32:08 +0000
ROA not before: Tue 02 Jan 2024 06:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3223
IP address blocks: 37.221.174.0/23 maxlen: 23
37.221.160.0/21 maxlen: 24
37.221.164.0/24 maxlen: 24
37.221.167.0/24 maxlen: 24
37.221.168.0/23 maxlen: 24
37.221.170.0/23 maxlen: 23
37.221.172.0/23 maxlen: 23
195.60.76.0/23 maxlen: 24
185.5.175.0/24 maxlen: 24
185.5.174.0/24 maxlen: 24
185.5.173.0/24 maxlen: 24
109.163.224.0/24 maxlen: 24
109.163.225.0/24 maxlen: 24
109.163.226.0/23 maxlen: 23
109.163.229.0/24 maxlen: 24
109.163.228.0/24 maxlen: 24
109.163.230.0/23 maxlen: 24
109.163.232.0/24 maxlen: 24
109.163.233.0/24 maxlen: 24
109.163.234.0/23 maxlen: 24
109.163.236.0/22 maxlen: 24
109.163.239.0/24 maxlen: 24
185.5.172.0/24 maxlen: 24
2a03:5180:b::/48 maxlen: 64
2a03:5180:6::/48 maxlen: 48
2a03:5180:1::/48 maxlen: 64
2a03:5180:5::/48 maxlen: 48
2a03:5180::/32 maxlen: 48
2a03:5180:8::/48 maxlen: 48
2a03:5180:3::/48 maxlen: 48
2a03:5180:7::/48 maxlen: 48
2a03:5180:2::/48 maxlen: 48
2a03:5180:1:6::/64 maxlen: 64
2a03:5180::/48 maxlen: 48
2a03:5180:11::/48 maxlen: 48
2a03:5180:4::/48 maxlen: 48
2a03:5180:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Di1CDmYchlcQif8LUZZahuDXvHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Di1CDmYchlcQif8LUZZahuDXvHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Di1CDmYchlcQif8LUZZahuDXvHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:52:9d:3d:ac:03:43:d6:cc:e3:b7:6a:90:9e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2d420e661c86571089ff0b51965a86e0d7bc75
Validity
Not Before: Jan 2 06:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=152e951d11f2818cbb6570fbc30706e946cb9a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f7:65:e9:0a:94:12:67:ae:d9:95:d5:6b:7a:
39:4a:f7:fa:55:ea:ca:ea:8a:80:e5:66:e8:c2:49:
79:df:0f:af:98:c6:cb:60:2e:10:f5:4a:5d:bd:14:
bb:18:3f:d1:55:c5:01:21:41:c6:13:66:f8:48:1a:
85:f2:0e:05:63:57:24:7b:bf:bb:b0:6d:65:8f:e8:
e4:d9:cf:35:fe:3d:ba:77:49:f1:d3:32:2f:b5:5b:
24:ff:03:84:5c:f8:fb:09:0e:fe:c0:57:71:35:04:
62:c4:f3:fd:26:10:05:7e:81:97:38:dd:37:d3:00:
bd:97:63:3c:f0:fe:97:36:eb:96:25:94:e1:dc:b5:
1d:4c:6f:06:4b:dd:01:a7:83:f3:91:1b:1a:33:b5:
79:b1:2a:da:59:cd:f1:5b:41:4a:54:77:e7:81:48:
1b:e8:9e:97:f4:47:50:c9:61:12:82:29:62:68:a5:
10:bb:39:85:7a:50:15:1b:31:aa:71:be:f8:64:6b:
23:c8:de:e6:23:36:e1:9a:52:17:f5:58:00:bf:77:
83:9b:54:8a:b0:97:e7:92:3d:c0:0c:4c:ff:ab:a1:
bb:a1:f2:51:92:db:06:bb:5f:9b:20:01:b8:89:4c:
d6:58:8e:13:b1:d9:ef:de:f2:5a:eb:36:aa:a8:08:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2E:95:1D:11:F2:81:8C:BB:65:70:FB:C3:07:06:E9:46:CB:9A:8F
X509v3 Authority Key Identifier:
keyid:0E:2D:42:0E:66:1C:86:57:10:89:FF:0B:51:96:5A:86:E0:D7:BC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Di1CDmYchlcQif8LUZZahuDXvHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/FS6VHRHygYy7ZXD7wwcG6UbLmo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/750009-6fa1-4ef1-832a-75188b3c112e/1/Di1CDmYchlcQif8LUZZahuDXvHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.160.0/20
109.163.224.0/20
185.5.172.0/22
195.60.76.0/23
IPv6:
2a03:5180::/32
Signature Algorithm: sha256WithRSAEncryption
05:90:4a:7a:84:5b:a5:f9:1e:72:fe:f5:13:e8:7e:93:c8:07:
27:6f:56:87:d1:24:e6:b9:35:bb:0b:8f:0b:a0:b4:b0:74:68:
bb:b3:3d:33:75:d7:15:50:43:6b:7e:f0:da:d2:bf:2c:ca:15:
ad:53:06:d7:63:e1:39:bf:a0:a0:1e:17:55:69:71:a6:51:78:
7e:02:d0:fd:62:09:f2:0d:89:3f:a5:f4:13:b2:74:c2:bd:5b:
d5:75:b6:7c:af:fb:62:c8:ed:f7:89:6e:43:39:d2:d6:ed:d0:
2d:95:e8:07:3e:35:e7:be:32:09:e3:3c:28:78:2c:b0:0b:60:
fb:a6:e4:1d:fb:35:8c:3e:02:d5:7b:e1:b1:5c:bc:25:c6:9c:
65:68:0e:05:f2:91:a7:5b:5a:f0:b3:ad:26:0d:82:24:af:fd:
bf:bf:b8:ee:9e:22:16:70:00:39:c1:34:8b:7d:a2:95:f0:a0:
5f:4c:29:58:8e:cf:60:e3:d7:5b:a9:e0:7a:3f:6f:8b:3d:cc:
e3:6b:99:2d:c9:da:3f:9d:9e:56:ce:80:df:b8:48:b3:61:f8:
7e:d6:82:3a:e7:ff:3a:3a:aa:23:42:a6:ed:69:e3:7b:66:9a:
74:21:58:66:b3:eb:0f:6c:c9:ab:3e:af:37:e0:5e:42:2e:25:
cd:16:46:d3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI31KdPawDQ9bM47dqkJ7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmQ0MjBlNjYxYzg2NTcxMDg5ZmYwYjUxOTY1YTg2ZTBk
N2JjNzUwHhcNMjQwMTAyMDYzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJlOTUxZDExZjI4MThjYmI2NTcwZmJjMzA3MDZlOTQ2Y2I5YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvdl6QqUEmeu2ZXVa3o5Svf6VerK
6oqA5Wbowkl53w+vmMbLYC4Q9UpdvRS7GD/RVcUBIUHGE2b4SBqF8g4FY1cke7+7
sG1lj+jk2c81/j26d0nx0zIvtVsk/wOEXPj7CQ7+wFdxNQRixPP9JhAFfoGXON03
0wC9l2M88P6XNuuWJZTh3LUdTG8GS90Bp4PzkRsaM7V5sSraWc3xW0FKVHfngUgb
6J6X9EdQyWESgiliaKUQuzmFelAVGzGqcb74ZGsjyN7mIzbhmlIX9VgAv3eDm1SK
sJfnkj3ADEz/q6G7ofJRktsGu1+bIAG4iUzWWI4Tsdnv3vJa6zaqqAg2HwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBUulR0R8oGMu2Vw+8MHBulGy5qPMB8GA1UdIwQY
MBaAFA4tQg5mHIZXEIn/C1GWWobg17x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGkxQ0RtWWNobGNRaWY4TFVaWmFodURYdkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NTAwMDktNmZhMS00ZWYxLTgzMmEt
NzUxODhiM2MxMTJlLzEvRlM2VkhSSHlnWXk3WlhEN3d3Y0c2VWJMbW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NTAwMDktNmZhMS00ZWYxLTgzMmEtNzUxODhiM2MxMTJl
LzEvRGkxQ0RtWWNobGNRaWY4TFVaWmFodURYdkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJd2gAwQE
baPgAwQCuQWsAwQBwzxMMA0EAgACMAcDBQAqA1GAMA0GCSqGSIb3DQEBCwUAA4IB
AQAFkEp6hFul+R5y/vUT6H6TyAcnb1aH0STmuTW7C48LoLSwdGi7sz0zddcVUENr
fvDa0r8syhWtUwbXY+E5v6CgHhdVaXGmUXh+AtD9YgnyDYk/pfQTsnTCvVvVdbZ8
r/tiyO33iW5DOdLW7dAtlegHPjXnvjIJ4zwoeCywC2D7puQd+zWMPgLVe+GxXLwl
xpxlaA4F8pGnW1rws60mDYIkr/2/v7juniIWcAA5wTSLfaKV8KBfTClYjs9g49db
qeB6P2+LPczja5ktydo/nZ5WzoDfuEizYfh+1oI65/86OqojQqbtaeN7Zpp0IVhm
s+sPbMmrPq834F5CLiXNFkbT
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:23 2024 by rpki-client on console-fra.rpki-client.org