Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/FNR-NbkiO3IGrbiS05Li-q90I_A.roa
File: FNR-NbkiO3IGrbiS05Li-q90I_A.roa (raw, json)
Hash identifier: 46NmnE4BhbEYCqMz2FNs4jZrElca2DEiAAX3PL4X5YY=
Subject key identifier: 14:D4:7E:35:B9:22:3B:72:06:AD:B8:92:D3:92:E2:FA:AF:74:23:F0
Certificate issuer: /CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Certificate serial: 018CC348E38F3E8924190BDF075F335B349C
Authority key identifier: 16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/FNR-NbkiO3IGrbiS05Li-q90I_A.roa
Signing time: Mon 01 Jan 2024 04:29:43 +0000
ROA not before: Mon 01 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48095
IP address blocks: 193.38.242.0/23 maxlen: 23
185.223.40.0/22 maxlen: 22
193.37.54.0/23 maxlen: 23
193.37.52.0/23 maxlen: 23
193.38.240.0/23 maxlen: 23
185.226.80.0/22 maxlen: 22
185.249.236.0/22 maxlen: 22
147.78.52.0/23 maxlen: 23
147.78.54.0/23 maxlen: 23
194.93.36.0/23 maxlen: 23
194.93.38.0/23 maxlen: 23
194.26.176.0/22 maxlen: 22
194.55.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/Fni0n5riXx4SdTSxkVBErH0NnnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/Fni0n5riXx4SdTSxkVBErH0NnnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e3:8f:3e:89:24:19:0b:df:07:5f:33:5b:34:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Validity
Not Before: Jan 1 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14d47e35b9223b7206adb892d392e2faaf7423f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:b5:b3:57:44:16:96:5b:b3:03:42:95:f1:
c2:7d:75:5f:ae:ea:6d:f1:52:0c:c5:21:60:c2:84:
be:1f:11:d2:ff:09:28:39:e2:f4:13:46:e7:e4:ca:
ac:97:f0:f6:65:94:57:73:d1:23:81:3a:53:97:58:
43:08:3e:98:31:d2:17:cf:fd:2d:f3:61:2a:ff:b7:
5b:37:57:4e:91:b9:86:ee:b1:2b:c2:c1:94:24:b1:
76:7d:94:c9:47:e9:d1:fd:5d:00:38:09:b8:d5:6f:
56:dd:58:3e:d4:66:f7:3e:0b:ab:bb:d6:8a:7e:4f:
17:eb:a1:97:17:bc:2c:cd:4e:26:e6:c8:8f:5c:f9:
9b:43:cf:f1:44:f6:a4:4a:ee:ca:f2:75:32:df:77:
da:5a:cf:77:14:67:d2:33:2b:34:15:cc:65:2f:ba:
28:89:7c:30:6e:cb:40:54:93:7d:64:4d:c6:71:1d:
71:78:eb:da:a5:f5:a2:38:39:46:ec:5d:91:75:a1:
0d:1f:55:b9:fe:9f:a9:b3:a8:13:7f:cb:2e:d0:97:
cd:61:01:db:4f:98:79:e1:ae:58:4c:2d:02:be:34:
6e:e9:90:d2:47:7f:1b:96:9b:0f:95:df:4c:0f:bc:
da:c8:db:ac:a1:aa:a0:2f:02:4f:3b:1a:9a:fa:48:
49:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D4:7E:35:B9:22:3B:72:06:AD:B8:92:D3:92:E2:FA:AF:74:23:F0
X509v3 Authority Key Identifier:
keyid:16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/FNR-NbkiO3IGrbiS05Li-q90I_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/Fni0n5riXx4SdTSxkVBErH0NnnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.52.0/22
185.223.40.0/22
185.226.80.0/22
185.249.236.0/22
193.37.52.0/22
193.38.240.0/22
194.26.176.0/22
194.55.80.0/22
194.93.36.0/22
Signature Algorithm: sha256WithRSAEncryption
29:0f:90:b8:3a:1f:87:91:3b:c3:15:92:e9:e0:00:68:08:ae:
22:bc:4f:47:2b:b6:87:62:95:97:67:14:6a:88:03:a2:03:15:
a7:bd:5b:96:0d:b6:b7:30:d4:04:25:21:99:df:fc:3d:e9:23:
8e:d3:bd:4b:3c:50:6e:b8:50:34:0b:1e:64:bf:71:ad:97:b0:
16:29:27:41:19:35:13:72:e0:5a:64:4a:c6:28:b8:31:7e:80:
36:65:22:41:8c:49:2d:23:5d:7b:a0:41:d2:ef:8c:4d:38:f3:
c1:39:61:7b:0d:6d:d4:e7:c5:ac:f8:d0:2e:e4:72:7f:d4:85:
9a:00:e1:da:6c:7e:d5:47:dc:96:dd:92:95:c2:bd:4d:c7:fe:
f8:74:0a:be:e0:81:b3:34:81:e6:fb:1c:b3:b1:db:6e:e6:30:
df:69:47:18:4a:14:f9:d0:67:1f:1c:d4:1b:10:c9:24:4c:f9:
cc:fc:ed:56:0f:67:01:a7:76:00:68:3f:7a:cf:65:6d:2f:d4:
31:29:0a:5b:56:91:83:b8:cb:e2:cc:12:bd:6c:a4:b4:9f:de:
14:48:61:2e:b0:e6:d7:1e:79:4d:11:13:93:c9:3f:9e:d9:c1:
69:2a:94:49:c1:44:93:07:c3:89:9f:40:fb:1b:92:1a:ca:c6:
28:ec:d5:be
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzDSOOPPokkGQvfB18zWzScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NzhiNDlmOWFlMjVmMWUxMjc1MzRiMTkxNTA0NGFjN2Qw
ZDllNzMwHhcNMjQwMTAxMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQ0N2UzNWI5MjIzYjcyMDZhZGI4OTJkMzkyZTJmYWFmNzQyM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAste1s1dEFpZbswNClfHCfXVfrupt
8VIMxSFgwoS+HxHS/wkoOeL0E0bn5Mqsl/D2ZZRXc9EjgTpTl1hDCD6YMdIXz/0t
82Eq/7dbN1dOkbmG7rErwsGUJLF2fZTJR+nR/V0AOAm41W9W3Vg+1Gb3Pguru9aK
fk8X66GXF7wszU4m5siPXPmbQ8/xRPakSu7K8nUy33faWs93FGfSMys0FcxlL7oo
iXwwbstAVJN9ZE3GcR1xeOvapfWiODlG7F2RdaENH1W5/p+ps6gTf8su0JfNYQHb
T5h54a5YTC0CvjRu6ZDSR38blpsPld9MD7zayNusoaqgLwJPOxqa+khJ9QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBTUfjW5IjtyBq24ktOS4vqvdCPwMB8GA1UdIwQY
MBaAFBZ4tJ+a4l8eEnU0sZFQRKx9DZ5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5pMG41cmlYeDRTZFRTeGtWQkVySDBObm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZjcxZjMtN2UxMy00NzEzLWIyMzIt
NzQ1NGExOWQzMmQxLzEvRk5SLU5ia2lPM0lHcmJpUzA1TGktcTkwSV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZjcxZjMtN2UxMy00NzEzLWIyMzItNzQ1NGExOWQzMmQx
LzEvRm5pMG41cmlYeDRTZFRTeGtWQkVySDBObm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCk040AwQC
ud8oAwQCueJQAwQCufnsAwQCwSU0AwQCwSbwAwQCwhqwAwQCwjdQAwQCwl0kMA0G
CSqGSIb3DQEBCwUAA4IBAQApD5C4Oh+HkTvDFZLp4ABoCK4ivE9HK7aHYpWXZxRq
iAOiAxWnvVuWDba3MNQEJSGZ3/w96SOO071LPFBuuFA0Cx5kv3Gtl7AWKSdBGTUT
cuBaZErGKLgxfoA2ZSJBjEktI117oEHS74xNOPPBOWF7DW3U58Ws+NAu5HJ/1IWa
AOHabH7VR9yW3ZKVwr1Nx/74dAq+4IGzNIHm+xyzsdtu5jDfaUcYShT50GcfHNQb
EMkkTPnM/O1WD2cBp3YAaD96z2VtL9QxKQpbVpGDuMvizBK9bKS0n94USGEusObX
HnlNEROTyT+e2cFpKpRJwUSTB8OJn0D7G5IaysYo7NW+
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:51 2024 by rpki-client on console-fra.rpki-client.org