Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/EVUD8nQLu-rj3XeWW5n32uBOS9s.roa
File: EVUD8nQLu-rj3XeWW5n32uBOS9s.roa (raw, json)
Hash identifier: LCHz7sZrwfqDqhSfWhUWtfkxuH5GNeCQQEW5bxvmV6M=
Subject key identifier: 11:55:03:F2:74:0B:BB:EA:E3:DD:77:96:5B:99:F7:DA:E0:4E:4B:DB
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC794206C1E538093B2D1032347777A3D
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/EVUD8nQLu-rj3XeWW5n32uBOS9s.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8764
IP address blocks: 88.119.0.0/18 maxlen: 24
85.206.176.0/20 maxlen: 24
195.12.160.0/19 maxlen: 24
88.118.192.0/18 maxlen: 24
194.176.32.0/19 maxlen: 24
85.206.128.0/19 maxlen: 24
85.206.244.0/22 maxlen: 24
85.206.248.0/21 maxlen: 24
213.190.32.0/19 maxlen: 24
88.119.128.0/19 maxlen: 24
188.69.0.0/16 maxlen: 24
85.206.192.0/19 maxlen: 24
88.119.64.0/18 maxlen: 24
85.206.224.0/20 maxlen: 24
212.47.96.0/19 maxlen: 24
212.59.0.0/19 maxlen: 24
88.118.0.0/17 maxlen: 24
88.119.184.0/21 maxlen: 24
88.119.192.0/18 maxlen: 24
78.56.0.0/13 maxlen: 24
195.22.160.0/19 maxlen: 24
82.135.128.0/17 maxlen: 24
81.7.64.0/18 maxlen: 24
62.212.192.0/19 maxlen: 24
85.206.0.0/17 maxlen: 24
88.118.128.0/18 maxlen: 24
2a00:1eb8::/32 maxlen: 48
2a02:118::/48 maxlen: 48
2a02:118:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:20:6c:1e:53:80:93:b2:d1:03:23:47:77:7a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=115503f2740bbbeae3dd77965b99f7dae04e4bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f8:c8:90:81:50:19:49:d6:0f:4a:fe:c1:44:
05:4a:64:06:58:15:81:00:11:9e:d5:77:e9:1a:ac:
81:50:77:c0:f0:72:f8:81:1c:ba:e0:13:40:01:7f:
d0:37:2b:06:ca:cf:4c:1e:8f:c2:e1:2b:43:fe:72:
ba:bc:d0:60:20:d4:87:7f:e0:41:bb:3f:9a:7b:66:
22:77:8d:17:49:61:22:2b:98:c0:be:ae:9e:8b:b4:
36:11:a6:2d:a6:74:80:c8:9f:33:71:cc:c0:ba:fd:
4d:1b:8b:37:a0:b0:2c:5e:1c:b7:91:25:e3:d0:e9:
2a:0a:df:8c:56:8e:14:0f:86:49:2e:fe:5f:47:5b:
4a:00:27:9b:10:0c:52:a6:a9:23:22:48:84:aa:ce:
5d:46:4f:45:25:b0:ba:c2:c9:04:8b:e7:a4:6c:54:
e0:be:35:1d:67:82:5b:ed:ed:cf:ea:00:d3:05:a2:
33:43:6d:71:84:9d:2e:14:94:5b:18:0b:88:25:cf:
ce:e2:4f:8c:3a:5c:58:31:64:bd:ff:ac:4f:c6:a1:
88:2e:85:3b:f7:fb:08:3e:dc:a0:60:90:a6:c6:fd:
40:ca:be:1a:e8:1f:8d:1d:64:c8:5d:c8:63:ea:fa:
52:2f:e2:3a:ac:6d:6f:67:64:a9:79:25:34:87:11:
2d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:55:03:F2:74:0B:BB:EA:E3:DD:77:96:5B:99:F7:DA:E0:4E:4B:DB
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/EVUD8nQLu-rj3XeWW5n32uBOS9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.212.192.0/19
78.56.0.0/13
81.7.64.0/18
82.135.128.0/17
85.206.0.0-85.206.159.255
85.206.176.0-85.206.239.255
85.206.244.0-85.206.255.255
88.118.0.0-88.119.159.255
88.119.184.0-88.119.255.255
188.69.0.0/16
194.176.32.0/19
195.12.160.0/19
195.22.160.0/19
212.47.96.0/19
212.59.0.0/19
213.190.32.0/19
IPv6:
2a00:1eb8::/32
2a02:118::/47
Signature Algorithm: sha256WithRSAEncryption
21:c8:e1:51:47:d5:3e:e4:22:a8:af:99:37:03:ac:ab:82:80:
9b:8f:e2:c4:7d:f7:69:f5:bb:6f:42:4a:26:8e:fa:39:cf:f4:
cd:e1:ba:b8:a2:f2:f8:2f:5e:18:a7:d4:a8:08:f1:f6:25:0a:
95:ab:ef:d0:e1:51:23:c1:99:0a:5d:1f:f7:98:90:ce:8f:8b:
a8:ad:90:a6:3b:aa:5d:87:2e:01:5f:9f:05:91:e8:f5:f0:d4:
7d:f1:38:8c:5e:4d:4b:28:e3:1b:11:6a:52:ce:0f:f3:2f:fa:
37:32:be:d0:10:50:87:1f:18:2f:3b:20:13:e5:86:39:45:c6:
0c:4c:d2:11:08:9a:6a:61:26:59:6c:30:2d:7c:82:10:bd:d5:
fa:35:49:ab:a0:0c:4d:0e:c5:3e:c3:f7:7d:38:dc:48:c8:6a:
d5:66:05:bc:83:05:5b:1e:54:82:05:8f:aa:3d:4f:1f:73:fa:
55:c6:8d:bf:af:4d:9e:88:93:f1:25:cf:ac:de:4d:98:a9:51:
55:20:0a:2e:37:5f:72:5d:e1:e0:1c:e4:45:b5:7d:0c:8e:e1:
2d:70:5b:f4:12:20:d2:6c:ca:4b:22:f9:52:4c:20:d3:0e:0a:
fc:07:31:e1:60:49:28:17:20:ef:20:bf:4f:3c:f1:ef:fa:7f:
1e:7b:07:51
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYzHlCBsHlOAk7LRAyNHd3o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTU1MDNmMjc0MGJiYmVhZTNkZDc3OTY1Yjk5ZjdkYWUwNGU0YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvjIkIFQGUnWD0r+wUQFSmQGWBWB
ABGe1XfpGqyBUHfA8HL4gRy64BNAAX/QNysGys9MHo/C4StD/nK6vNBgINSHf+BB
uz+ae2Yid40XSWEiK5jAvq6ei7Q2EaYtpnSAyJ8zcczAuv1NG4s3oLAsXhy3kSXj
0OkqCt+MVo4UD4ZJLv5fR1tKACebEAxSpqkjIkiEqs5dRk9FJbC6wskEi+ekbFTg
vjUdZ4Jb7e3P6gDTBaIzQ21xhJ0uFJRbGAuIJc/O4k+MOlxYMWS9/6xPxqGILoU7
9/sIPtygYJCmxv1Ayr4a6B+NHWTIXchj6vpSL+I6rG1vZ2SpeSU0hxEtTQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFBFVA/J0C7vq4913lluZ99rgTkvbMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL0VWVUQ4blFMdS1yajNYZVdXNW4zMnVCT1M5cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgbcGCCsGAQUFBwEHAQH/BIGnMIGkMIGJBAIAATCBggME
BT7UwAMDA044AwQGUQdAAwQHUoeAMAsDAwFVzgMEBVXOgDAMAwQEVc6wAwQEVc7g
MAsDBAJVzvQDAwBVzjALAwMBWHYDBAVYd4AwCwMEA1h3uAMDA1hwAwMAvEUDBAXC
sCADBAXDDKADBAXDFqADBAXUL2ADBAXUOwADBAXVviAwFgQCAAIwEAMFACoAHrgD
BwEqAgEYAAAwDQYJKoZIhvcNAQELBQADggEBACHI4VFH1T7kIqivmTcDrKuCgJuP
4sR992n1u29CSiaO+jnP9M3hurii8vgvXhin1KgI8fYlCpWr79DhUSPBmQpdH/eY
kM6Pi6itkKY7ql2HLgFfnwWR6PXw1H3xOIxeTUso4xsRalLOD/Mv+jcyvtAQUIcf
GC87IBPlhjlFxgxM0hEImmphJllsMC18ghC91fo1SaugDE0OxT7D93043EjIatVm
BbyDBVseVIIFj6o9Tx9z+lXGjb+vTZ6Ik/Elz6zeTZipUVUgCi43X3Jd4eAc5EW1
fQyO4S1wW/QSINJsyksi+VJMINMOCvwHMeFgSSgXIO8gv0888e/6fx57B1E=
-----END CERTIFICATE-----
Generated at Wed May 22 23:46:46 2024 by rpki-client on console-ams.rpki-client.org