Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fuXP5Dbr0DLk589B24YbqCyvMJk.roa
File: fuXP5Dbr0DLk589B24YbqCyvMJk.roa (raw, json)
Hash identifier: H5sNreqrhUbS9iJfdMIfXSfnZDJqeZYRW5/Qh46aEE0=
Subject key identifier: 7E:E5:CF:E4:36:EB:D0:32:E4:E7:CF:41:DB:86:1B:A8:2C:AF:30:99
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 018CC5DBF7751DA9BCE8BD752D4973E3CCCF
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fuXP5Dbr0DLk589B24YbqCyvMJk.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21183
IP address blocks: 217.73.132.0/24 maxlen: 24
217.73.131.0/24 maxlen: 24
217.73.130.0/24 maxlen: 24
217.73.128.0/20 maxlen: 20
217.73.129.0/24 maxlen: 24
217.73.128.0/24 maxlen: 24
217.73.136.0/24 maxlen: 24
217.73.135.0/24 maxlen: 24
217.73.133.0/24 maxlen: 24
217.73.139.0/24 maxlen: 24
217.73.138.0/24 maxlen: 24
217.73.137.0/24 maxlen: 24
217.73.143.0/24 maxlen: 24
217.73.142.0/24 maxlen: 24
217.73.141.0/24 maxlen: 24
141.98.140.0/22 maxlen: 24
66.186.198.0/23 maxlen: 24
109.69.2.0/24 maxlen: 24
109.69.1.0/24 maxlen: 24
109.69.0.0/24 maxlen: 24
109.69.0.0/21 maxlen: 21
109.69.4.0/23 maxlen: 23
109.69.3.0/24 maxlen: 24
109.69.6.0/24 maxlen: 24
109.69.5.0/24 maxlen: 24
109.69.7.0/24 maxlen: 24
91.132.172.0/22 maxlen: 22
185.62.174.0/23 maxlen: 23
185.200.212.0/22 maxlen: 22
80.78.64.0/20 maxlen: 20
2a04:eb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.mft
rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f7:75:1d:a9:bc:e8:bd:75:2d:49:73:e3:cc:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ee5cfe436ebd032e4e7cf41db861ba82caf3099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:45:35:cb:7f:7a:9a:cd:ad:36:41:11:43:a6:
81:22:45:4f:66:40:9c:37:75:e4:5a:77:c9:8e:7e:
d9:f1:e4:87:37:95:0a:8f:68:a1:b8:49:60:da:21:
2e:d6:b6:9a:bd:58:85:85:be:08:9d:28:b9:2f:04:
ea:d3:14:a8:98:e3:d8:e8:7b:71:b2:0a:05:d5:5e:
ed:b1:c2:aa:43:ab:db:86:51:21:32:70:03:25:7a:
ec:90:4a:cc:f1:c6:a0:b1:e9:b1:ba:fa:e2:6a:e3:
7f:5d:6c:bb:9b:bf:ee:1f:ca:36:7a:22:bc:d8:d5:
36:56:11:50:1f:68:54:46:eb:f6:06:40:79:3d:8b:
d3:d5:6f:1b:a3:54:ba:4e:22:2a:fd:a0:4c:55:53:
ee:f5:45:51:d0:69:07:80:46:3d:0a:0b:e3:b2:17:
39:77:d3:19:e2:90:0a:12:51:57:1d:48:b0:dc:99:
52:da:f0:70:d3:64:a5:d4:c0:ee:1c:b4:b8:43:21:
fb:bd:bd:86:a0:bd:d5:17:7d:1f:46:43:3e:7e:f2:
56:83:a6:33:6b:dd:37:d7:ad:15:cf:bd:5f:94:8f:
7e:31:7f:63:6b:0a:fb:d6:1a:1f:26:e0:57:2e:d1:
f7:30:98:39:c7:a3:2c:fe:e5:b0:87:59:99:29:54:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E5:CF:E4:36:EB:D0:32:E4:E7:CF:41:DB:86:1B:A8:2C:AF:30:99
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/fuXP5Dbr0DLk589B24YbqCyvMJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.186.198.0/23
80.78.64.0/20
91.132.172.0/22
109.69.0.0/21
141.98.140.0/22
185.62.174.0/23
185.200.212.0/22
217.73.128.0/20
IPv6:
2a04:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:9f:ab:37:a7:43:d8:2a:73:27:e4:9b:ab:9c:8c:00:3c:c4:
c9:f4:f6:dc:11:97:29:28:fb:61:29:ad:a0:9f:7e:a1:46:f3:
18:1a:53:32:cb:1e:38:3f:36:ed:c1:90:bd:ca:89:62:31:a8:
cd:07:a9:7f:6a:4b:ff:46:6d:80:2d:b4:e9:f6:2d:83:04:fb:
20:19:c1:8d:7f:36:5a:7e:eb:23:cf:4d:0c:6f:af:23:8f:e6:
e1:73:ad:85:1a:4c:fd:0a:1d:35:3a:17:1f:e3:36:56:d8:58:
d6:f8:ae:ce:ed:ee:6b:e7:03:58:9e:4e:aa:0e:30:55:a8:3f:
a8:43:2c:c9:fa:33:39:01:21:36:41:a1:88:7d:31:5b:df:40:
03:17:13:98:49:1d:34:78:c5:00:df:b4:6f:d5:be:54:e5:12:
02:2e:e2:9a:f4:e1:4b:4a:7d:84:93:c9:a0:aa:d5:66:eb:19:
15:bd:a9:9a:97:d4:a5:36:e7:87:5f:ad:29:a6:9e:91:bc:78:
76:7b:48:85:1e:1b:47:a2:83:1f:c5:4f:4b:78:ca:b2:67:5a:
20:c8:81:84:14:41:f6:c1:27:09:31:c5:69:b4:a0:3a:6c:e8:
71:23:1f:8d:31:1e:9c:7a:7c:c0:a9:6e:e6:8d:65:80:a6:74:
fb:3b:d9:05
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzF2/d1Ham86L11LUlz48zPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU1Y2ZlNDM2ZWJkMDMyZTRlN2NmNDFkYjg2MWJhODJjYWYzMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0U1y396ms2tNkERQ6aBIkVPZkCc
N3XkWnfJjn7Z8eSHN5UKj2ihuElg2iEu1raavViFhb4InSi5LwTq0xSomOPY6Htx
sgoF1V7tscKqQ6vbhlEhMnADJXrskErM8cagsemxuvriauN/XWy7m7/uH8o2eiK8
2NU2VhFQH2hURuv2BkB5PYvT1W8bo1S6TiIq/aBMVVPu9UVR0GkHgEY9Cgvjshc5
d9MZ4pAKElFXHUiw3JlS2vBw02Sl1MDuHLS4QyH7vb2GoL3VF30fRkM+fvJWg6Yz
a903160Vz71flI9+MX9jawr71hofJuBXLtH3MJg5x6Ms/uWwh1mZKVSqWQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFH7lz+Q269Ay5OfPQduGG6gsrzCZMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvZnVYUDVEYnIwRExrNTg5QjI0WWJxQ3l2TUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBQrrGAwQE
UE5AAwQCW4SsAwQDbUUAAwQCjWKMAwQBuT6uAwQCucjUAwQE2UmAMA0EAgACMAcD
BQMqBOtAMA0GCSqGSIb3DQEBCwUAA4IBAQBMn6s3p0PYKnMn5JurnIwAPMTJ9Pbc
EZcpKPthKa2gn36hRvMYGlMyyx44PzbtwZC9yoliMajNB6l/akv/Rm2ALbTp9i2D
BPsgGcGNfzZafusjz00Mb68jj+bhc62FGkz9Ch01Ohcf4zZW2FjW+K7O7e5r5wNY
nk6qDjBVqD+oQyzJ+jM5ASE2QaGIfTFb30ADFxOYSR00eMUA37Rv1b5U5RICLuKa
9OFLSn2Ek8mgqtVm6xkVvamal9SlNueHX60ppp6RvHh2e0iFHhtHooMfxU9LeMqy
Z1ogyIGEFEH2wScJMcVptKA6bOhxIx+NMR6cenzAqW7mjWWApnT7O9kF
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:46:57 2024 by rpki-client on console-fra.rpki-client.org