Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/ifGG_QLeIRSTklFn12GeN6QX8zM.roa
File: ifGG_QLeIRSTklFn12GeN6QX8zM.roa (raw, json)
Hash identifier: IsT/fjhFqX6M446oO3ckjUumf+0TsLGHVCGSBjDuHTc=
Subject key identifier: 89:F1:86:FD:02:DE:21:14:93:92:51:67:D7:61:9E:37:A4:17:F3:33
Certificate issuer: /CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Certificate serial: 018CC6B941D9D330DEE6B466B51C8929B25A
Authority key identifier: 06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/ifGG_QLeIRSTklFn12GeN6QX8zM.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51395
IP address blocks: 185.85.108.0/22 maxlen: 22
185.32.220.0/22 maxlen: 22
185.32.221.0/24 maxlen: 24
185.32.223.0/24 maxlen: 24
185.189.148.0/22 maxlen: 22
185.189.149.128/25 maxlen: 25
185.189.151.0/24 maxlen: 24
185.195.68.0/23 maxlen: 23
185.195.68.0/24 maxlen: 24
185.195.69.0/24 maxlen: 24
195.225.117.0/24 maxlen: 24
195.225.118.0/23 maxlen: 23
176.10.96.0/19 maxlen: 24
176.10.97.0/25 maxlen: 25
176.10.111.0/24 maxlen: 24
176.10.118.128/25 maxlen: 25
176.10.125.0/25 maxlen: 25
176.10.124.128/26 maxlen: 26
176.10.119.0/24 maxlen: 24
91.192.102.0/24 maxlen: 24
91.192.100.0/22 maxlen: 22
91.201.56.0/22 maxlen: 22
176.10.104.240/32 maxlen: 32
2a0b:ee80::/29 maxlen: 29
2a0a:5dc0::/29 maxlen: 29
2a00:bd80:a176:10::/64 maxlen: 64
2a00:bd80::/32 maxlen: 32
2a0b:ee80:0:2::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:41:d9:d3:30:de:e6:b4:66:b5:1c:89:29:b2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89f186fd02de211493925167d7619e37a417f333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f4:97:27:a1:bc:77:61:b1:1d:12:fa:a9:35:
19:85:29:c0:06:11:e7:a6:ab:9f:a3:51:3c:34:85:
1b:fa:14:14:d1:33:aa:ab:ab:3d:9f:7a:ab:33:ec:
b6:1c:c7:49:a4:08:fd:cb:44:9e:6f:b6:79:00:db:
4d:d8:ec:56:63:d8:10:c9:05:7d:58:13:84:56:20:
7b:97:ad:ca:96:2f:f1:ee:a8:fd:ec:04:c1:d8:a9:
c3:ea:19:4e:3b:dc:73:c4:8d:41:23:a0:f0:0b:22:
88:08:18:d8:70:8e:df:7f:4a:f0:21:08:7d:f7:da:
b5:25:f2:27:9d:e4:2c:32:d2:27:b5:02:ce:15:65:
8c:33:42:d6:00:e1:d0:ee:b4:57:8c:1c:ff:50:dd:
ee:0f:b3:9b:6a:89:3a:8b:9e:bb:03:09:7b:eb:ab:
a1:4e:a6:d8:e7:3a:ba:4e:81:1c:16:34:e1:c7:88:
e9:ba:47:41:67:ca:63:c4:a0:dd:7c:53:14:97:02:
5a:fe:61:57:ea:9a:40:9e:1b:a6:e7:d8:36:f2:8a:
cd:76:d5:ca:f8:87:2c:88:c2:09:d8:ba:f3:ee:5c:
89:3b:8e:60:c1:a6:43:12:33:e5:21:2b:72:74:9d:
59:62:d9:a0:bc:63:e5:bc:e0:f9:6d:ec:6c:93:5c:
b5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F1:86:FD:02:DE:21:14:93:92:51:67:D7:61:9E:37:A4:17:F3:33
X509v3 Authority Key Identifier:
keyid:06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/ifGG_QLeIRSTklFn12GeN6QX8zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.100.0/22
91.201.56.0/22
176.10.96.0/19
185.32.220.0/22
185.85.108.0/22
185.189.148.0/22
185.195.68.0/23
195.225.117.0-195.225.119.255
IPv6:
2a00:bd80::/32
2a0a:5dc0::/29
2a0b:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
58:fe:53:b7:76:08:e9:81:ef:43:85:10:ca:9a:c8:90:b6:32:
fb:c0:b4:23:20:06:6f:19:7d:42:fb:69:d7:10:01:e4:39:cb:
74:67:c2:91:52:53:bf:f0:44:13:ce:ca:bc:cc:27:2d:ff:50:
71:5b:1d:9c:51:35:41:c5:7a:86:66:df:f3:54:4f:91:c1:5b:
32:46:1c:2d:2c:2d:30:e3:13:ed:79:ea:27:17:ad:d2:0b:9b:
12:9e:cd:1b:48:5b:36:d8:ab:05:ae:a2:5a:8d:c7:58:be:3b:
42:92:aa:04:7d:07:b5:1f:ec:22:51:4c:a8:80:5e:68:e6:00:
b1:2c:c1:1c:fe:b0:a6:10:0b:7d:c5:ee:a7:fe:43:05:f3:09:
ac:5f:e8:a8:36:52:d3:2d:14:0f:4b:be:58:df:21:2a:b9:6c:
a7:4b:0d:ac:21:74:13:42:f8:7a:e0:a5:f8:64:af:7d:2c:f4:
54:29:a7:e3:f2:0e:af:04:20:59:f9:31:89:06:52:64:c6:02:
68:6e:e0:56:69:61:c4:b4:b2:b7:a7:b7:d6:4d:d9:75:21:5b:
5c:a7:fb:b2:0c:b2:d8:2e:82:97:57:94:41:eb:44:1d:08:9a:
53:3e:2b:e7:8f:be:1b:bb:71:23:d7:95:e7:6f:46:6a:be:e9:
de:09:0c:78
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzGuUHZ0zDe5rRmtRyJKbJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGExYzZiMWE2NWY3YTNkOTdmOWJkNzVlN2NhYzMxMzUy
NDZmYTUwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWYxODZmZDAyZGUyMTE0OTM5MjUxNjdkNzYxOWUzN2E0MTdmMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvSXJ6G8d2GxHRL6qTUZhSnABhHn
pqufo1E8NIUb+hQU0TOqq6s9n3qrM+y2HMdJpAj9y0Seb7Z5ANtN2OxWY9gQyQV9
WBOEViB7l63Kli/x7qj97ATB2KnD6hlOO9xzxI1BI6DwCyKICBjYcI7ff0rwIQh9
99q1JfInneQsMtIntQLOFWWMM0LWAOHQ7rRXjBz/UN3uD7Obaok6i567Awl766uh
TqbY5zq6ToEcFjThx4jpukdBZ8pjxKDdfFMUlwJa/mFX6ppAnhum59g28orNdtXK
+IcsiMIJ2Lrz7lyJO45gwaZDEjPlIStydJ1ZYtmgvGPlvOD5bexsk1y1rwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFInxhv0C3iEUk5JRZ9dhnjekF/MzMB8GA1UdIwQY
MBaAFAbaHGsaZfej2X+b1158rDE1JG+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjIt
NDVlYjczOGNiOWM4LzEvaWZHR19RTGVJUlNUa2xGbjEyR2VONlFYOHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MmEzYjEtMTE3ZC00YjE3LTk2NjItNDVlYjczOGNiOWM4
LzEvQnRvY2F4cGw5NlBaZjV2WFhueXNNVFVrYjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA+BAIAATA4AwQCW8BkAwQC
W8k4AwQFsApgAwQCuSDcAwQCuVVsAwQCub2UAwQBucNEMAwDBADD4XUDBAPD4XAw
GwQCAAIwFQMFACoAvYADBQMqCl3AAwUDKgvugDANBgkqhkiG9w0BAQsFAAOCAQEA
WP5Tt3YI6YHvQ4UQyprIkLYy+8C0IyAGbxl9Qvtp1xAB5DnLdGfCkVJTv/BEE87K
vMwnLf9QcVsdnFE1QcV6hmbf81RPkcFbMkYcLSwtMOMT7XnqJxet0gubEp7NG0hb
NtirBa6iWo3HWL47QpKqBH0HtR/sIlFMqIBeaOYAsSzBHP6wphALfcXup/5DBfMJ
rF/oqDZS0y0UD0u+WN8hKrlsp0sNrCF0E0L4euCl+GSvfSz0VCmn4/IOrwQgWfkx
iQZSZMYCaG7gVmlhxLSyt6e31k3ZdSFbXKf7sgyy2C6Cl1eUQetEHQiaUz4r54++
G7txI9eV529Gar7p3gkMeA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:26:41 2024 by rpki-client on console-ams.rpki-client.org