Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fnwKDSSYpr02vfQYdlY1i-n_zeI.roa
File: fnwKDSSYpr02vfQYdlY1i-n_zeI.roa (raw, json)
Hash identifier: IEYYM+f63/Hajy+KN1yTwKeb0UNsMNhyjTdyNV/5cRc=
Subject key identifier: 7E:7C:0A:0D:24:98:A6:BD:36:BD:F4:18:76:56:35:8B:E9:FF:CD:E2
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DACB1BB03793C5C7B8033685859C1B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fnwKDSSYpr02vfQYdlY1i-n_zeI.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201337
IP address blocks: 185.75.200.0/22 maxlen: 24
185.77.168.0/22 maxlen: 24
86.105.31.0/24 maxlen: 24
86.105.28.0/22 maxlen: 24
86.105.28.0/24 maxlen: 24
89.47.4.0/22 maxlen: 24
89.47.6.0/23 maxlen: 24
188.240.205.0/24 maxlen: 24
195.82.122.0/24 maxlen: 24
195.82.120.0/24 maxlen: 24
188.240.204.0/24 maxlen: 24
188.240.206.0/24 maxlen: 24
195.82.121.0/24 maxlen: 24
188.240.206.0/23 maxlen: 24
195.82.120.0/22 maxlen: 24
86.106.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cb:1b:b0:37:93:c5:c7:b8:03:36:85:85:9c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e7c0a0d2498a6bd36bdf4187656358be9ffcde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:78:d4:6e:45:68:a2:8d:9d:15:e6:19:73:ef:
84:5d:de:1b:70:6b:99:79:49:d4:d3:c0:26:eb:59:
75:35:41:d0:61:b4:81:57:77:35:fb:fa:c3:06:2a:
97:ba:7d:5f:66:d7:cb:17:b7:72:9f:41:85:8b:1e:
b1:2c:4d:c8:d0:39:91:f1:57:6d:70:51:6d:ad:a5:
7e:39:40:23:7d:9d:bc:8e:3d:f0:5d:db:35:6a:90:
23:5b:72:60:fb:7b:5e:98:a6:bc:1d:d9:6b:ba:a7:
19:cc:d0:8a:60:3d:2d:49:4a:c9:4b:28:d4:2f:cd:
d8:02:23:71:c9:a9:27:a1:11:5f:21:a3:6b:4f:0d:
21:7e:a0:e0:83:49:d3:f6:e7:7f:4c:1e:21:30:14:
b6:09:59:f7:99:5f:cd:3b:c3:92:a3:2a:8c:aa:c9:
6f:e0:04:53:2a:ef:fa:a0:ed:6b:2b:79:f3:8d:f1:
27:73:8a:2c:5b:0a:51:99:5b:b6:12:63:08:ef:8e:
78:04:da:96:e7:bc:95:c7:8b:29:2e:94:23:21:ed:
4b:bd:b0:c4:9a:3c:c8:3f:4f:21:ce:cf:ae:6d:21:
ae:ca:1b:f7:bb:32:fc:0a:ba:8e:4d:89:a1:b6:14:
7e:79:42:d0:43:15:b2:d0:e7:4c:90:7b:cb:c0:e3:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7C:0A:0D:24:98:A6:BD:36:BD:F4:18:76:56:35:8B:E9:FF:CD:E2
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fnwKDSSYpr02vfQYdlY1i-n_zeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.28.0/22
86.106.184.0/22
89.47.4.0/22
185.75.200.0/22
185.77.168.0/22
188.240.204.0/22
195.82.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:06:6b:af:9e:e5:85:e1:9a:08:28:45:e3:bd:20:72:18:fa:
23:10:54:97:77:35:ef:2d:b1:cf:12:fe:36:af:eb:0d:c6:05:
f9:38:40:35:af:ed:7a:74:5c:a4:7a:7d:6f:c9:74:79:65:4e:
d6:2f:d0:74:7e:64:42:fa:2c:38:df:22:f2:8a:f0:a4:4c:20:
e8:62:b4:ac:7b:37:26:6a:bc:cc:f8:1e:df:b8:94:e1:43:92:
0e:d1:7b:44:43:cc:55:e3:87:32:e7:0d:e2:0b:24:68:8f:f0:
f4:6a:5f:93:66:65:64:d4:ae:44:32:54:59:28:f6:f6:99:ed:
c4:f8:dc:c0:05:4f:43:ce:89:84:2b:77:33:5a:9f:75:c4:f4:
eb:1b:6c:33:e0:3a:95:af:cb:d4:3f:b9:c1:5a:01:e0:17:4f:
d0:45:87:a5:d6:c4:88:12:89:71:e5:d4:fc:c8:82:83:07:20:
b0:be:d7:5d:3e:3b:b1:e5:de:43:93:b1:f7:a0:74:a5:64:45:
a0:fd:e6:33:56:54:ec:33:74:5e:39:cf:fb:62:6f:43:67:88:
4b:69:84:35:b7:e1:0a:32:e0:aa:51:c8:60:30:f8:33:3c:a8:
95:d1:75:15:50:ed:8d:6c:f4:14:51:8c:bc:ed:c6:d9:2d:72:
cc:f9:c1:1c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC2ssbsDeTxce4AzaFhZwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdjMGEwZDI0OThhNmJkMzZiZGY0MTg3NjU2MzU4YmU5ZmZjZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnjUbkVooo2dFeYZc++EXd4bcGuZ
eUnU08Am61l1NUHQYbSBV3c1+/rDBiqXun1fZtfLF7dyn0GFix6xLE3I0DmR8Vdt
cFFtraV+OUAjfZ28jj3wXds1apAjW3Jg+3temKa8HdlruqcZzNCKYD0tSUrJSyjU
L83YAiNxyaknoRFfIaNrTw0hfqDgg0nT9ud/TB4hMBS2CVn3mV/NO8OSoyqMqslv
4ARTKu/6oO1rK3nzjfEnc4osWwpRmVu2EmMI7454BNqW57yVx4spLpQjIe1LvbDE
mjzIP08hzs+ubSGuyhv3uzL8CrqOTYmhthR+eULQQxWy0OdMkHvLwOPE3QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH58Cg0kmKa9Nr30GHZWNYvp/83iMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvZm53S0RTU1lwcjAydmZRWWRsWTFpLW5femVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVmkcAwQC
Vmq4AwQCWS8EAwQCuUvIAwQCuU2oAwQCvPDMAwQCw1J4MA0GCSqGSIb3DQEBCwUA
A4IBAQA/BmuvnuWF4ZoIKEXjvSByGPojEFSXdzXvLbHPEv42r+sNxgX5OEA1r+16
dFyken1vyXR5ZU7WL9B0fmRC+iw43yLyivCkTCDoYrSsezcmarzM+B7fuJThQ5IO
0XtEQ8xV44cy5w3iCyRoj/D0al+TZmVk1K5EMlRZKPb2me3E+NzABU9DzomEK3cz
Wp91xPTrG2wz4DqVr8vUP7nBWgHgF0/QRYel1sSIEolx5dT8yIKDByCwvtddPjux
5d5Dk7H3oHSlZEWg/eYzVlTsM3ReOc/7Ym9DZ4hLaYQ1t+EKMuCqUchgMPgzPKiV
0XUVUO2NbPQUUYy87cbZLXLM+cEc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org