Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Fa1CJ--zJYD73xJh_iOQtnXbllw.roa
File: Fa1CJ--zJYD73xJh_iOQtnXbllw.roa (raw, json)
Hash identifier: WO85CT2uE69tuHtBQAuqr7l7zwz529GfkWpeFP02VPo=
Subject key identifier: 15:AD:42:27:EF:B3:25:80:FB:DF:12:61:FE:23:90:B6:75:DB:96:5C
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64ADC9CB3D46167D2192873B3D9ABFF
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Fa1CJ--zJYD73xJh_iOQtnXbllw.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34549
IP address blocks: 83.243.45.114/32 maxlen: 32
178.251.225.0/24 maxlen: 32
178.251.224.0/22 maxlen: 32
178.251.224.0/21 maxlen: 21
178.251.230.0/24 maxlen: 32
178.251.229.0/24 maxlen: 32
178.251.228.0/23 maxlen: 32
178.251.230.0/23 maxlen: 32
80.77.16.0/20 maxlen: 32
80.77.16.0/24 maxlen: 32
185.90.161.0/24 maxlen: 32
185.90.160.0/24 maxlen: 32
185.90.162.0/24 maxlen: 32
185.90.160.0/22 maxlen: 32
83.243.46.83/32 maxlen: 32
80.77.31.254/32 maxlen: 32
185.150.96.0/22 maxlen: 32
5.1.64.0/24 maxlen: 32
5.1.64.0/20 maxlen: 32
5.1.64.0/19 maxlen: 32
45.155.248.0/22 maxlen: 22
5.1.66.0/24 maxlen: 32
5.1.65.0/24 maxlen: 32
5.1.67.0/24 maxlen: 32
5.1.70.0/24 maxlen: 32
94.247.40.0/21 maxlen: 32
94.247.46.0/24 maxlen: 32
94.247.45.0/24 maxlen: 32
5.1.72.0/24 maxlen: 32
5.1.76.0/24 maxlen: 32
5.1.73.0/24 maxlen: 32
5.1.82.0/24 maxlen: 32
5.1.85.0/24 maxlen: 32
5.1.84.0/24 maxlen: 32
5.1.91.0/24 maxlen: 32
5.1.86.0/24 maxlen: 32
5.1.90.0/24 maxlen: 32
5.1.89.0/24 maxlen: 32
5.1.87.0/24 maxlen: 32
5.1.94.0/23 maxlen: 32
5.1.93.0/24 maxlen: 32
5.1.94.0/24 maxlen: 32
83.243.40.0/21 maxlen: 32
185.44.107.0/24 maxlen: 32
185.44.106.0/24 maxlen: 32
83.243.44.0/24 maxlen: 32
83.243.47.0/24 maxlen: 32
83.243.46.0/24 maxlen: 32
83.243.45.0/24 maxlen: 32
195.10.195.0/24 maxlen: 32
31.47.232.0/21 maxlen: 32
185.37.144.0/22 maxlen: 32
185.37.145.0/24 maxlen: 32
185.37.147.0/24 maxlen: 32
185.44.104.0/22 maxlen: 32
2a01:360::/29 maxlen: 29
2a0f:b80::/29 maxlen: 29
2a01:360::/32 maxlen: 32
2a07:6fc0::/29 maxlen: 48
2a00:f820::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:dc:9c:b3:d4:61:67:d2:19:28:73:b3:d9:ab:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15ad4227efb32580fbdf1261fe2390b675db965c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:29:94:cd:18:33:c8:76:6c:3c:13:bb:e1:
df:14:3c:37:2c:c4:8c:fb:8e:5e:d8:69:c8:c6:21:
29:d5:e2:6b:f1:70:3d:f3:b3:9d:4a:df:55:d8:99:
bc:59:6f:7f:22:5e:3d:fa:3f:2a:44:b3:bd:cd:e3:
24:63:ad:cc:43:66:44:2f:3d:d3:38:38:0b:24:b4:
84:27:d8:73:33:9e:5a:a2:39:ef:8d:f0:c8:59:c1:
d5:ed:73:80:02:7c:67:a9:97:82:78:c2:b2:5e:d6:
fb:5b:55:6e:33:4c:7f:a4:5b:50:71:c0:62:6f:ac:
c0:f1:37:ab:70:82:a2:2a:19:9f:4d:9d:2b:23:5f:
8b:7a:bc:1e:fd:e1:a5:4b:56:b3:9f:fd:85:53:00:
08:87:32:2f:17:c1:f2:13:c9:24:c7:a9:95:4b:fc:
65:e9:f2:8a:2d:1c:1f:7c:6f:76:27:3b:bd:2b:5e:
8f:d2:e6:7d:63:bf:85:52:6c:42:a9:0b:5e:2a:f2:
1a:3c:0e:2a:02:8a:ff:9b:be:fb:88:bf:5f:af:2f:
52:b3:87:95:1b:6c:0a:2e:04:fb:39:9c:c6:3f:f4:
03:b4:2a:45:76:8a:1f:1a:b9:34:65:57:ff:e1:68:
7f:ed:e3:f3:9a:84:fb:59:7e:b2:ba:f4:9a:d4:4f:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AD:42:27:EF:B3:25:80:FB:DF:12:61:FE:23:90:B6:75:DB:96:5C
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Fa1CJ--zJYD73xJh_iOQtnXbllw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/19
31.47.232.0/21
45.155.248.0/22
80.77.16.0/20
83.243.40.0/21
94.247.40.0/21
178.251.224.0/21
185.37.144.0/22
185.44.104.0/22
185.90.160.0/22
185.150.96.0/22
195.10.195.0/24
IPv6:
2a00:f820::/29
2a01:360::/29
2a07:6fc0::/29
2a0f:b80::/29
Signature Algorithm: sha256WithRSAEncryption
7e:4f:d2:97:02:28:39:ed:b9:fa:fe:37:1a:f5:4f:ef:5b:db:
d7:b5:02:ee:28:c9:d6:98:4b:28:fb:35:79:50:1c:fd:1a:e0:
46:a8:07:5b:41:56:01:50:88:95:8f:43:28:25:27:0d:fa:1b:
ef:87:be:28:7f:b5:ac:aa:3e:f8:35:59:e8:63:e5:8f:5c:95:
ed:8d:d7:d3:bc:34:e1:76:1e:c0:f8:5e:88:9a:54:48:79:12:
73:a9:3d:53:4a:ff:d0:8a:92:17:a7:1a:d5:06:5a:b4:d7:59:
c0:18:e6:1e:fc:34:5b:a1:b5:18:37:1f:ae:6a:44:ee:35:3a:
17:10:0d:9f:56:4b:4b:80:af:09:0d:1b:c8:02:0a:49:56:d1:
10:4e:cc:9f:ee:c2:92:30:c3:81:d6:68:22:6e:66:10:f6:73:
47:70:0f:34:09:a0:18:eb:4f:64:ff:58:a8:96:39:3e:56:fb:
82:8d:42:9d:af:8c:cc:75:65:e0:99:37:90:29:be:50:ba:a8:
36:a0:b7:23:45:63:10:49:4a:cd:37:85:2f:ef:fa:83:e9:a2:
cd:7e:76:49:98:9e:38:b0:8d:71:4b:25:1c:0a:79:dd:bb:40:
6a:c4:96:0a:87:27:47:87:c1:97:ab:76:9b:eb:ac:99:99:36:
93:05:58:2e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzGStycs9RhZ9IZKHOz2av/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWFkNDIyN2VmYjMyNTgwZmJkZjEyNjFmZTIzOTBiNjc1ZGI5NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT4plM0YM8h2bDwTu+HfFDw3LMSM
+45e2GnIxiEp1eJr8XA987OdSt9V2Jm8WW9/Il49+j8qRLO9zeMkY63MQ2ZELz3T
ODgLJLSEJ9hzM55aojnvjfDIWcHV7XOAAnxnqZeCeMKyXtb7W1VuM0x/pFtQccBi
b6zA8TercIKiKhmfTZ0rI1+Lerwe/eGlS1azn/2FUwAIhzIvF8HyE8kkx6mVS/xl
6fKKLRwffG92Jzu9K16P0uZ9Y7+FUmxCqQteKvIaPA4qAor/m777iL9fry9Ss4eV
G2wKLgT7OZzGP/QDtCpFdoofGrk0ZVf/4Wh/7ePzmoT7WX6yuvSa1E9p7wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFBWtQifvsyWA+98SYf4jkLZ125ZcMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvRmExQ0otLXpKWUQ3M3hKaF9pT1F0blhibGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwTgQCAAEwSAMEBQUBQAME
Ax8v6AMEAi2b+AMEBFBNEAMEA1PzKAMEA173KAMEA7L74AMEArklkAMEArksaAME
ArlaoAMEArmWYAMEAMMKwzAiBAIAAjAcAwUDKgD4IAMFAyoBA2ADBQMqB2/AAwUD
Kg8LgDANBgkqhkiG9w0BAQsFAAOCAQEAfk/SlwIoOe25+v43GvVP71vb17UC7ijJ
1phLKPs1eVAc/RrgRqgHW0FWAVCIlY9DKCUnDfob74e+KH+1rKo++DVZ6GPlj1yV
7Y3X07w04XYewPheiJpUSHkSc6k9U0r/0IqSF6ca1QZatNdZwBjmHvw0W6G1GDcf
rmpE7jU6FxANn1ZLS4CvCQ0byAIKSVbREE7Mn+7CkjDDgdZoIm5mEPZzR3APNAmg
GOtPZP9YqJY5Plb7go1Cna+MzHVl4Jk3kCm+ULqoNqC3I0VjEElKzTeFL+/6g+mi
zX52SZieOLCNcUslHAp53btAasSWCocnR4fBl6t2m+usmZk2kwVYLg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:54 2024 by rpki-client on console-fra.rpki-client.org