Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_9qcHln7zNVFTPIYF8M0x2dxbA8.roa
File: _9qcHln7zNVFTPIYF8M0x2dxbA8.roa (raw, json)
Hash identifier: lsyo5zjOlDDA2t7dNDp18HmTYG8irzmFER6lkY/uHsk=
Subject key identifier: FF:DA:9C:1E:59:FB:CC:D5:45:4C:F2:18:17:C3:34:C7:67:71:6C:0F
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018D8DD7EF6F37FA50603D7BA33669FE6654
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_9qcHln7zNVFTPIYF8M0x2dxbA8.roa
Signing time: Fri 09 Feb 2024 12:29:15 +0000
ROA not before: Fri 09 Feb 2024 12:29:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210021
IP address blocks: 31.14.228.0/22 maxlen: 22
31.14.228.0/24 maxlen: 24
31.14.229.0/24 maxlen: 24
31.14.230.0/24 maxlen: 24
31.14.231.0/24 maxlen: 24
86.105.144.0/24 maxlen: 24
86.105.145.0/24 maxlen: 24
86.105.146.0/24 maxlen: 24
86.105.147.0/24 maxlen: 24
185.206.80.0/22 maxlen: 22
185.206.80.0/24 maxlen: 24
185.206.81.0/24 maxlen: 24
185.206.82.0/24 maxlen: 24
185.206.83.0/24 maxlen: 24
185.206.172.0/22 maxlen: 22
185.206.172.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
185.206.174.0/24 maxlen: 24
185.206.175.0/24 maxlen: 24
2a05:27c0::/48 maxlen: 48
2a05:27c0:1::/48 maxlen: 48
2a05:27c0:2::/48 maxlen: 64
2a05:27c0:3::/48 maxlen: 64
2a05:27c0:4::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:d7:ef:6f:37:fa:50:60:3d:7b:a3:36:69:fe:66:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Feb 9 12:29:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffda9c1e59fbccd5454cf21817c334c767716c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7e:fe:20:09:ce:11:5b:de:05:c6:94:98:4c:
ee:52:88:39:6f:7a:8c:2e:40:95:ac:53:18:14:af:
8d:62:4d:34:48:b3:c7:4e:2d:83:95:ce:26:8f:55:
e9:08:51:c3:59:9d:94:c9:31:38:ac:6b:5f:58:92:
36:ae:cd:93:77:aa:46:ed:7a:21:b0:25:5a:78:37:
38:6f:89:83:d1:f6:77:af:03:6a:d8:37:84:c8:ed:
94:9b:bb:22:96:64:87:08:db:db:a6:a3:dc:d9:62:
0a:59:51:17:0f:32:0c:7f:17:b3:2b:0c:40:92:aa:
9a:77:77:cd:08:fe:33:b8:4a:12:07:43:6b:57:24:
9f:6f:64:90:b8:dd:4c:86:12:28:fd:64:ba:44:19:
a4:82:d1:56:09:fc:79:60:bc:e5:3f:f4:18:b6:22:
45:b5:17:17:0a:f8:bf:52:d6:b7:b7:35:0d:84:c0:
d1:d8:d2:ea:cd:ae:5a:fd:fa:8a:34:54:60:56:5f:
b3:bd:66:4f:ff:be:9a:d9:10:1f:c5:30:71:18:5f:
77:8b:5d:f1:a4:f3:5e:fc:28:c5:4b:d7:e0:29:50:
b7:61:5a:15:3e:ca:c8:d2:2e:79:fe:f7:80:15:ae:
aa:83:df:d8:36:5b:25:5c:5e:b9:aa:6f:69:6b:eb:
3e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DA:9C:1E:59:FB:CC:D5:45:4C:F2:18:17:C3:34:C7:67:71:6C:0F
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/_9qcHln7zNVFTPIYF8M0x2dxbA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
185.206.80.0/22
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:68:fe:22:dc:80:20:71:99:a2:65:6e:c3:2f:89:22:b6:a8:
95:70:b6:38:4a:7c:bf:91:8b:b2:59:a8:c6:da:90:13:91:3b:
d0:f3:fc:1c:13:52:73:58:05:be:cc:cd:03:f8:0e:42:be:06:
e0:2b:22:6f:ad:0f:56:97:82:63:01:c4:d9:e7:33:13:e0:14:
87:c5:b3:b3:94:fe:86:5e:df:2c:27:7d:a9:1c:ca:ad:f8:e9:
36:07:03:a6:11:e3:9a:d4:f8:6d:f4:7e:73:2f:39:ad:f0:47:
81:e3:76:fb:d1:fc:74:cd:1f:19:e1:0c:1f:da:56:d8:71:10:
a8:6e:e0:9c:f0:21:9e:f9:34:5f:68:78:7c:7b:d4:2a:90:72:
99:c2:d6:dc:31:08:a2:fb:77:cf:14:e0:ea:6f:e5:9d:73:d8:
cd:2f:5f:a3:e2:ed:f2:da:6d:16:87:07:1f:83:84:bd:23:e3:
a7:9f:f3:b8:a5:73:7a:ab:0a:73:b5:49:a0:92:e5:0b:46:14:
9b:36:8a:6d:ba:dd:3d:fc:88:d8:80:aa:3f:74:89:56:82:33:
e1:1e:72:e8:69:b3:c6:d4:93:f0:be:cc:7a:23:3c:9a:2d:e2:
dd:e3:1e:67:ae:c0:bb:75:06:a0:7a:a1:60:92:ea:1d:05:ab:
89:db:6f:f3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY2N1+9vN/pQYD17ozZp/mZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQwMjA5MTIyOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRhOWMxZTU5ZmJjY2Q1NDU0Y2YyMTgxN2MzMzRjNzY3NzE2YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX7+IAnOEVveBcaUmEzuUog5b3qM
LkCVrFMYFK+NYk00SLPHTi2Dlc4mj1XpCFHDWZ2UyTE4rGtfWJI2rs2Td6pG7Xoh
sCVaeDc4b4mD0fZ3rwNq2DeEyO2Um7silmSHCNvbpqPc2WIKWVEXDzIMfxezKwxA
kqqad3fNCP4zuEoSB0NrVySfb2SQuN1MhhIo/WS6RBmkgtFWCfx5YLzlP/QYtiJF
tRcXCvi/Uta3tzUNhMDR2NLqza5a/fqKNFRgVl+zvWZP/76a2RAfxTBxGF93i13x
pPNe/CjFS9fgKVC3YVoVPsrI0i55/veAFa6qg9/YNlslXF65qm9pa+s++wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFP/anB5Z+8zVRUzyGBfDNMdncWwPMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvXzlxY0hsbjd6TlZGVFBJWUY4TTB4MmR4YkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCHw7kAwQC
VmmQAwQCuc5QAwQCuc6sMBgEAgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZI
hvcNAQELBQADggEBAABo/iLcgCBxmaJlbsMviSK2qJVwtjhKfL+Ri7JZqMbakBOR
O9Dz/BwTUnNYBb7MzQP4DkK+BuArIm+tD1aXgmMBxNnnMxPgFIfFs7OU/oZe3ywn
fakcyq346TYHA6YR45rU+G30fnMvOa3wR4HjdvvR/HTNHxnhDB/aVthxEKhu4Jzw
IZ75NF9oeHx71CqQcpnC1twxCKL7d88U4Opv5Z1z2M0vX6Pi7fLabRaHBx+DhL0j
46ef87ilc3qrCnO1SaCS5QtGFJs2im263T38iNiAqj90iVaCM+Eecuhps8bUk/C+
zHojPJot4t3jHmeuwLt1BqB6oWCS6h0Fq4nbb/M=
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:32:44 2024 by rpki-client on console-fra.rpki-client.org