Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/8nhXvPi8uY3gOJD_Vvi_gkZJ4Yg.roa
File: 8nhXvPi8uY3gOJD_Vvi_gkZJ4Yg.roa (raw, json)
Hash identifier: 7b4Xy0Ahyt8EU+ybAlfih5FwNzQogFLH8Ro8/B8jI8U=
Subject key identifier: F2:78:57:BC:F8:BC:B9:8D:E0:38:90:FF:56:F8:BF:82:46:49:E1:88
Certificate issuer: /CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Certificate serial: 018FF72D898EF260CBC2AE878E1D8E3A4920
Authority key identifier: FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/8nhXvPi8uY3gOJD_Vvi_gkZJ4Yg.roa
Signing time: Sat 08 Jun 2024 09:28:27 +0000
ROA not before: Sat 08 Jun 2024 09:28:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59943
IP address blocks: 91.208.211.0/24 maxlen: 24
91.223.195.0/24 maxlen: 24
185.3.216.0/22 maxlen: 24
193.104.8.0/24 maxlen: 24
194.32.152.0/22 maxlen: 22
194.32.152.0/24 maxlen: 24
194.32.153.0/24 maxlen: 24
194.32.154.0/24 maxlen: 24
194.32.155.0/24 maxlen: 24
194.247.160.0/23 maxlen: 23
195.225.164.0/22 maxlen: 22
195.225.164.0/24 maxlen: 24
195.225.166.0/24 maxlen: 24
195.225.167.0/24 maxlen: 24
2a02:5b40::/32 maxlen: 32
2a02:5b41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f7:2d:89:8e:f2:60:cb:c2:ae:87:8e:1d:8e:3a:49:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Validity
Not Before: Jun 8 09:28:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f27857bcf8bcb98de03890ff56f8bf824649e188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:de:14:2a:f2:4b:37:15:ee:84:aa:aa:cb:15:
97:b7:6e:40:16:0e:88:46:e9:87:c0:d8:47:ce:2d:
d9:db:85:bc:23:aa:95:f7:fd:f2:1a:81:42:3d:cf:
07:12:02:1a:93:5f:aa:28:20:e6:60:a2:d9:b9:6e:
80:0f:ee:bc:dd:2d:4b:fa:a6:62:06:9f:b4:03:b8:
f4:60:f5:47:56:fe:68:cd:33:1b:b1:a9:b4:e6:fd:
9d:d3:44:9d:88:bd:11:22:a9:a1:0f:84:e2:cb:85:
73:ad:41:1c:02:f7:df:f2:36:07:1f:fc:21:20:57:
c5:b9:d6:95:c6:86:c4:c2:fa:28:78:75:58:cb:46:
67:40:b9:5c:b8:eb:97:7a:30:78:6d:13:3b:7d:bc:
ca:be:fc:72:e1:47:be:25:4e:d4:05:a7:4e:e1:37:
ed:36:b5:7b:42:f8:be:a6:b5:4b:69:4a:9f:90:12:
3e:13:b4:84:a0:8c:30:e2:04:ee:e8:7a:7e:aa:e4:
ab:b0:e2:1d:b3:07:70:56:dc:b7:16:88:95:8b:22:
25:d9:16:08:8e:97:62:c1:e9:7d:58:20:fb:4e:53:
11:d3:36:60:c9:12:fc:0a:a3:ea:5b:56:d2:c4:0f:
7a:ef:e9:61:46:64:44:64:8e:7d:23:0e:75:a6:75:
88:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:78:57:BC:F8:BC:B9:8D:E0:38:90:FF:56:F8:BF:82:46:49:E1:88
X509v3 Authority Key Identifier:
keyid:FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/8nhXvPi8uY3gOJD_Vvi_gkZJ4Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.211.0/24
91.223.195.0/24
185.3.216.0/22
193.104.8.0/24
194.32.152.0/22
194.247.160.0/23
195.225.164.0/22
IPv6:
2a02:5b40::/31
Signature Algorithm: sha256WithRSAEncryption
3a:f4:ad:30:a3:c0:cc:b7:5e:0e:46:f9:eb:c9:a7:df:20:d1:
eb:93:26:99:bd:06:4d:4a:0a:8d:8b:62:70:6c:bb:0e:00:f7:
72:13:34:4d:ba:10:38:7b:17:d8:ae:2f:0a:8a:92:4a:14:38:
e5:24:cb:63:b4:fc:6a:09:ce:50:9d:ad:70:d5:63:60:5d:ed:
03:96:17:cb:30:45:1c:b4:16:c4:5d:a8:71:36:c9:4a:2a:ef:
b6:f5:d2:53:53:36:ed:6a:9e:4d:65:b7:ef:03:37:20:ed:52:
f9:0f:3f:a5:7e:91:ac:ea:ff:64:fe:68:68:dc:e2:f0:d4:68:
24:06:33:b6:7f:62:92:63:cb:f4:2e:88:78:3a:da:f6:98:eb:
fb:ea:71:a8:b4:3b:25:d4:01:a0:85:5e:f8:4c:0f:39:51:d8:
69:ca:d6:55:12:ed:22:6c:35:af:4a:f3:02:be:57:db:5b:b4:
68:26:89:70:1f:00:64:95:55:64:8b:ed:d9:ca:a5:9f:85:09:
9f:a5:86:e4:96:5b:6f:28:0b:7b:58:84:43:f0:b3:d1:06:a1:
99:a9:6d:5f:ea:10:32:ed:a1:35:e4:fb:3d:29:32:f6:2d:53:
0b:31:5c:7c:14:02:bf:4b:ca:72:67:84:56:38:1a:17:b4:91:
b6:f3:73:5e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY/3LYmO8mDLwq6Hjh2OOkkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYjRmNDBmMzIxMTU2MWMyOWYxYmJjMzIwYmQ4N2NmYTJk
ZGQwMjkwHhcNMjQwNjA4MDkyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc4NTdiY2Y4YmNiOThkZTAzODkwZmY1NmY4YmY4MjQ2NDllMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA594UKvJLNxXuhKqqyxWXt25AFg6I
RumHwNhHzi3Z24W8I6qV9/3yGoFCPc8HEgIak1+qKCDmYKLZuW6AD+683S1L+qZi
Bp+0A7j0YPVHVv5ozTMbsam05v2d00SdiL0RIqmhD4Tiy4VzrUEcAvff8jYHH/wh
IFfFudaVxobEwvooeHVYy0ZnQLlcuOuXejB4bRM7fbzKvvxy4Ue+JU7UBadO4Tft
NrV7Qvi+prVLaUqfkBI+E7SEoIww4gTu6Hp+quSrsOIdswdwVty3FoiViyIl2RYI
jpdiwel9WCD7TlMR0zZgyRL8CqPqW1bSxA967+lhRmREZI59Iw51pnWIPQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPJ4V7z4vLmN4DiQ/1b4v4JGSeGIMB8GA1UdIwQY
MBaAFP+09A8yEVYcKfG7wyC9h8+i3dApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGIt
ZDUzZjk0ZTIwN2E5LzEvOG5oWHZQaTh1WTNnT0pEX1Z2aV9na1pKNFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGItZDUzZjk0ZTIwN2E5
LzEvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW9DTAwQA
W9/DAwQCuQPYAwQAwWgIAwQCwiCYAwQBwvegAwQCw+GkMA0EAgACMAcDBQEqAltA
MA0GCSqGSIb3DQEBCwUAA4IBAQA69K0wo8DMt14ORvnryaffINHrkyaZvQZNSgqN
i2JwbLsOAPdyEzRNuhA4exfYri8KipJKFDjlJMtjtPxqCc5Qna1w1WNgXe0DlhfL
MEUctBbEXahxNslKKu+29dJTUzbtap5NZbfvAzcg7VL5Dz+lfpGs6v9k/mho3OLw
1GgkBjO2f2KSY8v0Loh4Otr2mOv76nGotDsl1AGghV74TA85UdhpytZVEu0ibDWv
SvMCvlfbW7RoJolwHwBklVVki+3ZyqWfhQmfpYbklltvKAt7WIRD8LPRBqGZqW1f
6hAy7aE15Ps9KTL2LVMLMVx8FAK/S8pyZ4RWOBoXtJG283Ne
-----END CERTIFICATE-----
Generated at Sat Sep 28 13:04:29 2024 by rpki-client on console-fra.rpki-client.org