Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kOzpOonGjkveqUnNUqL4TueZqpY.roa
File: kOzpOonGjkveqUnNUqL4TueZqpY.roa (raw, json)
Hash identifier: 9Wp6kShGrRZmAlqGQqljT69RR4PF0UonPhGcA/FH9kg=
Subject key identifier: 90:EC:E9:3A:89:C6:8E:4B:DE:A9:49:CD:52:A2:F8:4E:E7:99:AA:96
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018DD09343438E05D100822A89D71D6D7D9B
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kOzpOonGjkveqUnNUqL4TueZqpY.roa
Signing time: Thu 22 Feb 2024 11:28:48 +0000
ROA not before: Thu 22 Feb 2024 11:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 80.96.44.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
80.96.156.0/22 maxlen: 24
80.97.40.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
81.180.98.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
81.181.68.0/23 maxlen: 24
81.181.72.0/23 maxlen: 24
81.181.104.0/21 maxlen: 24
85.120.84.0/23 maxlen: 24
85.120.224.0/21 maxlen: 24
85.121.48.0/21 maxlen: 24
85.121.168.0/22 maxlen: 24
85.121.208.0/21 maxlen: 24
85.121.232.0/21 maxlen: 24
85.122.120.0/22 maxlen: 22
85.122.124.0/22 maxlen: 24
193.226.76.0/22 maxlen: 24
194.102.36.0/22 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
194.153.230.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
217.156.26.0/24 maxlen: 24
217.156.48.0/22 maxlen: 24
217.156.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:93:43:43:8e:05:d1:00:82:2a:89:d7:1d:6d:7d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 22 11:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90ece93a89c68e4bdea949cd52a2f84ee799aa96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:79:c8:0a:2a:3e:73:3b:b9:7f:82:49:8e:
0f:07:e6:85:72:ec:f4:71:95:13:f2:2e:6b:20:c2:
0d:9e:b9:3d:bc:f6:e1:3d:11:f0:c8:b8:2e:51:6d:
61:b1:69:94:73:7a:52:32:47:91:a4:2d:69:b0:05:
5c:ba:e6:ca:6c:71:eb:4f:1f:56:c3:af:5f:3e:a2:
f0:e6:a4:20:c7:97:70:71:c2:69:8f:5f:5e:06:32:
2f:59:78:c0:cd:42:24:1c:09:9c:64:80:e6:9b:a8:
e2:d3:4f:49:7b:ef:ae:8a:e7:8d:a4:30:20:4f:16:
7b:34:a4:e8:d6:e7:2b:89:fd:84:87:97:c6:74:d4:
2c:77:a5:5f:21:17:0f:7d:10:6a:38:6e:3b:22:50:
f4:5b:0a:e1:7f:d4:cc:19:15:5c:72:23:4f:33:81:
7b:ff:c1:71:bc:2c:20:dc:cd:fd:62:08:71:3c:bb:
8c:bb:85:be:4e:64:70:e0:24:c7:4d:55:5a:98:fa:
44:c0:19:9d:99:8e:c7:26:1b:c2:f9:19:fa:e1:64:
52:80:b4:c3:43:3f:8a:db:27:da:47:a0:00:9f:bf:
89:28:6f:f9:27:cd:b0:cf:a9:f2:36:a6:f1:c7:89:
01:cc:8a:fd:62:b7:4b:ba:10:c7:e4:a3:61:3f:fc:
9f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EC:E9:3A:89:C6:8E:4B:DE:A9:49:CD:52:A2:F8:4E:E7:99:AA:96
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kOzpOonGjkveqUnNUqL4TueZqpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.97.40.0/21
80.97.96.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.120.224.0/21
85.121.48.0/21
85.121.168.0/22
85.121.208.0/21
85.121.232.0/21
85.122.120.0/21
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.26.0/24
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:35:0b:f6:46:86:45:fa:5d:f3:6a:0e:50:90:df:73:6c:94:
46:de:17:90:94:9f:a0:35:05:00:5c:04:32:ab:69:80:08:01:
61:77:a3:c9:b3:48:55:32:79:62:9a:88:a9:14:48:d6:f6:10:
c1:24:f7:b8:f5:1f:95:a6:de:5d:50:a5:74:d5:e6:11:df:de:
3a:77:82:cd:7b:28:3d:f0:e3:b7:47:bd:8d:e7:b9:06:b8:b1:
ae:07:a3:5e:04:96:44:51:d6:c7:63:3a:30:aa:b6:0f:f2:54:
37:08:6e:63:09:dd:4d:fe:ec:65:77:1a:28:22:b2:c9:12:e4:
0b:52:74:dd:cb:9c:28:ae:d4:a8:5c:5f:d8:7c:42:bc:81:cd:
31:58:91:61:6c:99:f0:8f:11:3c:84:7e:b5:b0:3a:ab:55:34:
22:53:16:b0:a1:8e:bd:92:78:a2:be:27:9d:a7:2f:c0:eb:a7:
26:25:af:42:34:b9:74:5d:1b:63:c7:e3:4f:bc:29:47:ab:7d:
31:40:5f:ae:4e:ec:d4:3d:c0:da:eb:2d:7d:6e:96:46:71:8c:
f1:4e:2c:db:97:7d:7a:35:8f:91:a2:c1:2c:36:b9:05:5b:6b:
09:84:e2:ae:84:1e:5b:20:52:00:2d:db:5f:be:68:c3:7c:6a:
cf:74:30:81
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAY3Qk0NDjgXRAIIqidcdbX2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMjIyMTEyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVjZTkzYTg5YzY4ZTRiZGVhOTQ5Y2Q1MmEyZjg0ZWU3OTlhYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYd5yAoqPnM7uX+CSY4PB+aFcuz0
cZUT8i5rIMINnrk9vPbhPRHwyLguUW1hsWmUc3pSMkeRpC1psAVcuubKbHHrTx9W
w69fPqLw5qQgx5dwccJpj19eBjIvWXjAzUIkHAmcZIDmm6ji009Je++uiueNpDAg
TxZ7NKTo1ucrif2Eh5fGdNQsd6VfIRcPfRBqOG47IlD0Wwrhf9TMGRVcciNPM4F7
/8FxvCwg3M39YghxPLuMu4W+TmRw4CTHTVVamPpEwBmdmY7HJhvC+Rn64WRSgLTD
Qz+K2yfaR6AAn7+JKG/5J82wz6nyNqbxx4kBzIr9YrdLuhDH5KNhP/yfWQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFJDs6TqJxo5L3qlJzVKi+E7nmaqWMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEva096cE9vbkdqa3ZlcVVuTlVxTDRUdWVacXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBANQYSgDBAFQYWADBAFRtGIDBAFRtK4DBAFR
tOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANRtWgDBAFVeFQDBANV
eOADBANVeTADBAJVeagDBANVedADBANVeegDBANVengDBALB4kwDBALCZiQDBAHC
ZpQDBAHCZqADBAHCZq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHC
mfQDBAHZnBADBADZnBoDBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBADw1
C/ZGhkX6XfNqDlCQ33NslEbeF5CUn6A1BQBcBDKraYAIAWF3o8mzSFUyeWKaiKkU
SNb2EMEk97j1H5Wm3l1QpXTV5hHf3jp3gs17KD3w47dHvY3nuQa4sa4Ho14ElkRR
1sdjOjCqtg/yVDcIbmMJ3U3+7GV3GigisskS5AtSdN3LnCiu1KhcX9h8QryBzTFY
kWFsmfCPETyEfrWwOqtVNCJTFrChjr2SeKK+J52nL8DrpyYlr0I0uXRdG2PH40+8
KUerfTFAX65O7NQ9wNrrLX1ulkZxjPFOLNuXfXo1j5GiwSw2uQVbawmE4q6EHlsg
UgAt21++aMN8as90MIE=
-----END CERTIFICATE-----
Generated at Sun Apr 28 16:24:55 2024 by rpki-client on console-fra.rpki-client.org