Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/FW91WM2LEaMwGbOZxB7BjiSaFSg.roa
File: FW91WM2LEaMwGbOZxB7BjiSaFSg.roa (raw, json)
Hash identifier: VOl4VT6JARkw6I1jcBO8zzo4Pt/UeP7yiOi1zsvt3SQ=
Subject key identifier: 15:6F:75:58:CD:8B:11:A3:30:19:B3:99:C4:1E:C1:8E:24:9A:15:28
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 018CC6B791080BA85914C74089CDEBDD9897
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/FW91WM2LEaMwGbOZxB7BjiSaFSg.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8953
IP address blocks: 86.106.83.0/24 maxlen: 24
37.156.224.0/24 maxlen: 24
128.127.112.0/20 maxlen: 24
89.37.97.0/24 maxlen: 24
93.113.56.0/24 maxlen: 24
93.122.128.0/17 maxlen: 24
89.42.27.0/24 maxlen: 24
37.251.208.0/20 maxlen: 24
109.166.212.0/24 maxlen: 24
92.114.82.0/24 maxlen: 24
185.53.196.0/22 maxlen: 24
92.114.38.0/24 maxlen: 24
62.217.192.0/18 maxlen: 24
89.39.71.0/24 maxlen: 24
89.39.81.0/24 maxlen: 24
93.115.244.0/23 maxlen: 24
109.166.128.0/17 maxlen: 24
2a02:a58::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:91:08:0b:a8:59:14:c7:40:89:cd:eb:dd:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=156f7558cd8b11a33019b399c41ec18e249a1528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:d2:74:dc:e1:32:99:81:41:f0:1b:52:42:
b5:f6:d4:a1:c6:10:ba:da:cb:35:42:fa:25:3e:e9:
6e:b9:be:f6:b7:d1:c6:49:28:26:66:7b:24:15:6e:
51:cd:24:b2:e7:6a:eb:20:a2:5a:d6:08:7c:eb:ec:
70:fe:ee:b7:6d:e2:ce:b9:85:4e:e6:17:62:8a:8d:
c2:95:83:40:06:18:9f:9b:0e:55:23:50:29:13:85:
90:70:c1:6e:a1:e2:9b:13:cc:6a:f3:97:ae:d2:e8:
d6:57:9b:7d:0d:fd:a0:70:73:9e:a6:c3:79:56:6e:
dd:17:44:43:70:df:2a:31:72:cf:2c:b1:23:d6:66:
4d:70:1e:41:ea:07:ec:b3:01:9f:64:42:ab:79:1e:
35:44:90:0b:e1:1c:13:a1:e0:0a:d1:f3:a4:c3:15:
08:25:7b:fa:e3:aa:0f:83:a5:d6:2a:3f:55:39:85:
17:a3:c7:4e:7a:25:e3:10:87:22:ef:8b:76:ec:22:
07:fd:54:3a:75:5b:55:3b:f8:85:8d:04:e2:58:60:
42:22:dd:89:29:59:85:33:57:00:4b:f4:06:f9:cf:
01:84:4d:6d:1e:3f:f1:e6:a8:9b:39:26:c1:51:14:
cb:ea:8a:20:88:12:78:6f:af:c1:a5:e2:10:da:a8:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6F:75:58:CD:8B:11:A3:30:19:B3:99:C4:1E:C1:8E:24:9A:15:28
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/FW91WM2LEaMwGbOZxB7BjiSaFSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.224.0/24
37.251.208.0/20
62.217.192.0/18
86.106.83.0/24
89.37.97.0/24
89.39.71.0/24
89.39.81.0/24
89.42.27.0/24
92.114.38.0/24
92.114.82.0/24
93.113.56.0/24
93.115.244.0/23
93.122.128.0/17
109.166.128.0/17
128.127.112.0/20
185.53.196.0/22
IPv6:
2a02:a58::/32
Signature Algorithm: sha256WithRSAEncryption
4e:f2:39:a7:c4:af:89:c7:22:43:d8:b3:a8:86:01:25:84:1f:
74:38:a1:05:4c:52:a0:99:c9:92:18:b1:97:0c:54:38:7a:52:
ac:ca:38:f5:65:40:af:5a:e0:11:ed:a9:43:77:5d:78:37:c0:
f7:e8:92:63:7f:09:9c:c8:85:a7:14:3f:e2:45:03:45:a4:70:
df:76:f0:59:ae:1a:f7:ab:50:b1:ce:3e:db:55:5a:7e:df:fb:
53:9f:c9:0f:82:ec:9e:a7:2c:71:33:6c:a6:fb:4d:59:7a:a6:
16:1c:96:66:09:1f:43:0d:ff:43:c7:99:a3:ab:47:be:5a:73:
93:5b:d2:26:cf:7b:57:f7:11:a2:f3:be:98:d0:03:b4:6d:dd:
e3:4d:07:d5:de:4c:17:9b:75:99:09:fb:c5:e7:98:43:95:9c:
34:50:b9:a8:ce:a4:d9:db:69:53:77:e0:c9:83:b9:da:c6:26:
a2:a7:01:ed:fd:8e:8e:4d:4e:5f:c7:65:59:10:73:09:e5:57:
52:cc:25:a4:b9:c5:c9:24:b7:e4:e0:78:8c:5a:60:e9:46:3f:
fe:cd:c8:dc:de:f7:a5:98:0a:3a:4a:3e:f1:ae:66:f7:ae:ed:
09:c7:47:e4:c1:ae:6e:19:99:5a:d0:a0:df:81:b6:cb:b1:cb:
97:0f:79:38
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYzGt5EIC6hZFMdAic3r3ZiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZmNzU1OGNkOGIxMWEzMzAxOWIzOTljNDFlYzE4ZTI0OWExNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopzSdNzhMpmBQfAbUkK19tShxhC6
2ss1QvolPuluub72t9HGSSgmZnskFW5RzSSy52rrIKJa1gh86+xw/u63beLOuYVO
5hdiio3ClYNABhifmw5VI1ApE4WQcMFuoeKbE8xq85eu0ujWV5t9Df2gcHOepsN5
Vm7dF0RDcN8qMXLPLLEj1mZNcB5B6gfsswGfZEKreR41RJAL4RwToeAK0fOkwxUI
JXv646oPg6XWKj9VOYUXo8dOeiXjEIci74t27CIH/VQ6dVtVO/iFjQTiWGBCIt2J
KVmFM1cAS/QG+c8BhE1tHj/x5qibOSbBURTL6oogiBJ4b6/BpeIQ2qiN6QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFBVvdVjNixGjMBmzmcQewY4kmhUoMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvRlc5MVdNMkxFYU13R2JPWnhCN0JqaVNhRlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEACWc4AME
BCX70AMEBj7ZwAMEAFZqUwMEAFklYQMEAFknRwMEAFknUQMEAFkqGwMEAFxyJgME
AFxyUgMEAF1xOAMEAV1z9AMEB116gAMEB22mgAMEBIB/cAMEArk1xDANBAIAAjAH
AwUAKgIKWDANBgkqhkiG9w0BAQsFAAOCAQEATvI5p8SvicciQ9izqIYBJYQfdDih
BUxSoJnJkhixlwxUOHpSrMo49WVAr1rgEe2pQ3ddeDfA9+iSY38JnMiFpxQ/4kUD
RaRw33bwWa4a96tQsc4+21Vaft/7U5/JD4LsnqcscTNspvtNWXqmFhyWZgkfQw3/
Q8eZo6tHvlpzk1vSJs97V/cRovO+mNADtG3d400H1d5MF5t1mQn7xeeYQ5WcNFC5
qM6k2dtpU3fgyYO52sYmoqcB7f2Ojk1OX8dlWRBzCeVXUswlpLnFySS35OB4jFpg
6UY//s3I3N73pZgKOko+8a5m967tCcdH5MGubhmZWtCg34G2y7HLlw95OA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:23:11 2024 by rpki-client on console-fra.rpki-client.org