Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/FP-rXCts5kIQQap09b6IiioW5fQ.roa
File: FP-rXCts5kIQQap09b6IiioW5fQ.roa (raw, json)
Hash identifier: TR94tYi4VrkrabDIzI+w0gZsRdTTVOCcMiWpVuoMhnE=
Subject key identifier: 14:FF:AB:5C:2B:6C:E6:42:10:41:AA:74:F5:BE:88:8A:2A:16:E5:F4
Certificate issuer: /CN=eebe79d147882422ec275417dfd2affa93a02757
Certificate serial: 018F52E5669418B4CDE70ED95864EBD65C0E
Authority key identifier: EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/FP-rXCts5kIQQap09b6IiioW5fQ.roa
Signing time: Tue 07 May 2024 11:51:56 +0000
ROA not before: Tue 07 May 2024 11:51:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34876
IP address blocks: 95.86.128.0/24 maxlen: 24
95.86.129.0/24 maxlen: 24
95.86.130.0/24 maxlen: 24
95.86.131.0/24 maxlen: 24
95.86.132.0/24 maxlen: 24
95.86.133.0/24 maxlen: 24
95.86.134.0/24 maxlen: 24
95.86.135.0/24 maxlen: 24
95.86.137.0/24 maxlen: 24
95.86.138.0/24 maxlen: 24
95.86.139.0/24 maxlen: 24
95.86.140.0/24 maxlen: 24
95.86.141.0/24 maxlen: 24
95.86.142.0/24 maxlen: 24
95.86.143.0/24 maxlen: 24
95.86.144.0/21 maxlen: 21
95.86.152.0/24 maxlen: 24
95.86.153.0/24 maxlen: 24
95.86.154.0/24 maxlen: 24
95.86.155.0/24 maxlen: 24
95.86.156.0/24 maxlen: 24
95.86.157.0/24 maxlen: 24
95.86.158.0/24 maxlen: 24
95.86.159.0/24 maxlen: 24
95.86.160.0/24 maxlen: 24
95.86.161.0/24 maxlen: 24
95.86.162.0/24 maxlen: 24
95.86.163.0/24 maxlen: 24
95.86.164.0/24 maxlen: 24
95.86.165.0/24 maxlen: 24
95.86.166.0/24 maxlen: 24
95.86.167.0/24 maxlen: 24
95.86.168.0/22 maxlen: 22
95.86.172.0/24 maxlen: 24
95.86.173.0/24 maxlen: 24
95.86.174.0/24 maxlen: 24
95.86.175.0/24 maxlen: 24
95.86.176.0/24 maxlen: 24
95.86.177.0/24 maxlen: 24
95.86.178.0/24 maxlen: 24
95.86.179.0/24 maxlen: 24
95.86.180.0/24 maxlen: 24
95.86.181.0/24 maxlen: 24
95.86.182.0/24 maxlen: 24
95.86.183.0/24 maxlen: 24
95.86.184.0/22 maxlen: 22
95.86.188.0/24 maxlen: 24
95.86.189.0/24 maxlen: 24
95.86.190.0/24 maxlen: 24
95.86.191.0/24 maxlen: 24
193.8.62.0/23 maxlen: 23
193.8.62.0/24 maxlen: 24
193.8.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/7r550UeIJCLsJ1QX39Kv-pOgJ1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/7r550UeIJCLsJ1QX39Kv-pOgJ1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:e5:66:94:18:b4:cd:e7:0e:d9:58:64:eb:d6:5c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebe79d147882422ec275417dfd2affa93a02757
Validity
Not Before: May 7 11:51:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14ffab5c2b6ce6421041aa74f5be888a2a16e5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:59:61:9a:d3:36:13:f3:4f:e9:56:29:1e:30:
96:5c:9b:09:66:23:9c:09:b8:eb:de:be:d5:16:51:
02:30:40:2c:1b:c8:63:23:f2:81:ea:70:60:83:e6:
c9:a7:07:a9:5f:5d:7f:fd:34:70:1b:4a:04:6b:81:
b0:df:bc:23:a2:3f:9b:bd:d9:7a:9a:2d:a0:47:fe:
3d:9d:49:f9:f1:14:c7:6a:19:e9:af:74:78:09:06:
7f:1c:09:69:02:15:2d:6c:dc:0f:7f:5d:44:19:2a:
5f:60:c3:ea:07:e3:91:ca:14:38:59:a1:a9:6e:98:
a4:76:4c:ae:06:81:b2:5c:f5:c6:a6:54:f8:25:44:
a9:0e:f2:b5:09:ce:3d:5a:e5:34:e9:13:42:53:29:
1a:c4:18:f9:69:64:e3:fb:d2:28:f5:90:fd:a6:20:
df:64:a0:0a:b2:2c:16:48:20:7a:df:72:a1:25:2d:
db:7d:0a:1a:99:88:82:d8:4c:c9:cd:6c:61:fb:4b:
1a:79:e9:66:a2:25:75:97:05:b9:dd:d5:07:ea:a9:
8e:ed:a4:9e:d2:f0:61:f4:0e:65:28:4a:4f:a1:2c:
ce:ac:3e:d5:22:52:18:0c:7f:f6:91:16:97:99:07:
b5:a9:e2:31:f6:06:90:20:49:b2:81:2e:a5:85:d9:
ce:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FF:AB:5C:2B:6C:E6:42:10:41:AA:74:F5:BE:88:8A:2A:16:E5:F4
X509v3 Authority Key Identifier:
keyid:EE:BE:79:D1:47:88:24:22:EC:27:54:17:DF:D2:AF:FA:93:A0:27:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7r550UeIJCLsJ1QX39Kv-pOgJ1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/FP-rXCts5kIQQap09b6IiioW5fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/c44b7f-5bcd-4ee7-8712-38823c1449af/1/7r550UeIJCLsJ1QX39Kv-pOgJ1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.86.128.0/21
95.86.137.0-95.86.191.255
193.8.62.0/23
Signature Algorithm: sha256WithRSAEncryption
74:fa:d8:54:c0:a8:5a:fd:87:bd:41:2b:d0:7d:94:a6:04:01:
4d:54:3b:bb:4d:02:89:b0:55:ff:4d:bf:f6:bb:6e:db:62:84:
82:56:cc:80:65:c9:39:e4:df:12:bb:fc:95:a5:4c:fb:8c:78:
42:99:86:c5:ba:65:46:eb:a2:24:fb:63:01:22:4b:a0:4f:12:
b2:b6:ea:04:39:1c:0c:a1:e0:12:a5:91:51:e3:84:46:e8:b2:
f4:85:7a:55:97:e9:a2:01:db:c7:ed:57:bf:aa:56:69:6a:7a:
09:6a:44:24:ab:58:5c:79:bc:be:3b:d5:4b:ba:4f:3e:6d:d2:
1b:89:9a:f1:b0:e0:c3:d7:8b:23:44:30:e9:b5:17:a1:52:89:
a2:e0:f5:57:a1:e5:06:cd:71:18:3b:fc:1d:fe:71:51:6c:a9:
4f:49:80:cc:8a:26:55:9b:c8:d7:f6:a8:14:2e:f1:1b:7a:33:
9e:d0:cf:5c:89:36:aa:9c:03:0e:66:75:3c:6e:d8:db:74:ee:
b3:ce:c8:e7:16:29:42:14:27:b6:ca:f3:70:92:ee:66:3f:ff:
32:9a:6d:da:b2:d4:23:f6:53:cb:49:d5:20:dc:12:82:98:2d:
59:81:db:cf:60:ae:86:a5:9a:98:81:7f:e2:b9:bf:d4:63:0d:
86:0b:24:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9S5WaUGLTN5w7ZWGTr1lwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmU3OWQxNDc4ODI0MjJlYzI3NTQxN2RmZDJhZmZhOTNh
MDI3NTcwHhcNMjQwNTA3MTE1MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGZmYWI1YzJiNmNlNjQyMTA0MWFhNzRmNWJlODg4YTJhMTZlNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxllhmtM2E/NP6VYpHjCWXJsJZiOc
Cbjr3r7VFlECMEAsG8hjI/KB6nBgg+bJpwepX11//TRwG0oEa4Gw37wjoj+bvdl6
mi2gR/49nUn58RTHahnpr3R4CQZ/HAlpAhUtbNwPf11EGSpfYMPqB+ORyhQ4WaGp
bpikdkyuBoGyXPXGplT4JUSpDvK1Cc49WuU06RNCUykaxBj5aWTj+9Io9ZD9piDf
ZKAKsiwWSCB633KhJS3bfQoamYiC2EzJzWxh+0saeelmoiV1lwW53dUH6qmO7aSe
0vBh9A5lKEpPoSzOrD7VIlIYDH/2kRaXmQe1qeIx9gaQIEmygS6lhdnOXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBT/q1wrbOZCEEGqdPW+iIoqFuX0MB8GA1UdIwQY
MBaAFO6+edFHiCQi7CdUF9/Sr/qToCdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTIt
Mzg4MjNjMTQ0OWFmLzEvRlAtclhDdHM1a0lRUWFwMDliNklpaW9XNWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jNDRiN2YtNWJjZC00ZWU3LTg3MTItMzg4MjNjMTQ0OWFm
LzEvN3I1NTBVZUlKQ0xzSjFRWDM5S3YtcE9nSjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDX1aAMAwD
BABfVokDBAZfVoADBAHBCD4wDQYJKoZIhvcNAQELBQADggEBAHT62FTAqFr9h71B
K9B9lKYEAU1UO7tNAomwVf9Nv/a7bttihIJWzIBlyTnk3xK7/JWlTPuMeEKZhsW6
ZUbroiT7YwEiS6BPErK26gQ5HAyh4BKlkVHjhEbosvSFelWX6aIB28ftV7+qVmlq
eglqRCSrWFx5vL471Uu6Tz5t0huJmvGw4MPXiyNEMOm1F6FSiaLg9Veh5QbNcRg7
/B3+cVFsqU9JgMyKJlWbyNf2qBQu8Rt6M57Qz1yJNqqcAw5mdTxu2Nt07rPOyOcW
KUIUJ7bK83CS7mY//zKabdqy1CP2U8tJ1SDcEoKYLVmB289groalmpiBf+K5v9Rj
DYYLJKs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:04:47 2024 by rpki-client on console-fra.rpki-client.org