Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/kR7BXpYVla1tqIZcm1dPkv1U8co.roa
File: kR7BXpYVla1tqIZcm1dPkv1U8co.roa (raw, json)
Hash identifier: WZKTR1WPc3HlWGcf756dsjN+OXpXohWAUfnCSMmn3xo=
Subject key identifier: 91:1E:C1:5E:96:15:95:AD:6D:A8:86:5C:9B:57:4F:92:FD:54:F1:CA
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 0191B686F14F756D4935F502F9B02BBB92DD
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/kR7BXpYVla1tqIZcm1dPkv1U8co.roa
Signing time: Tue 03 Sep 2024 06:16:22 +0000
ROA not before: Tue 03 Sep 2024 06:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.128.0/22 maxlen: 22
88.209.128.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.135.0/24 maxlen: 24
88.209.136.0/24 maxlen: 24
88.209.137.0/24 maxlen: 24
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.160.0/24 maxlen: 24
88.209.161.0/24 maxlen: 24
88.209.162.0/24 maxlen: 24
88.209.163.0/24 maxlen: 24
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
88.209.164.0/24 maxlen: 24
88.209.165.0/24 maxlen: 24
88.209.166.0/24 maxlen: 24
88.209.167.0/24 maxlen: 24
88.209.190.0/24 maxlen: 24
88.209.191.0/24 maxlen: 24
93.189.96.0/21 maxlen: 21
93.189.96.0/23 maxlen: 23
93.189.96.0/24 maxlen: 24
93.189.97.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
93.189.98.0/24 maxlen: 24
93.189.99.0/24 maxlen: 24
93.189.100.0/23 maxlen: 23
93.189.100.0/24 maxlen: 24
93.189.101.0/24 maxlen: 24
93.189.102.0/23 maxlen: 23
93.189.102.0/24 maxlen: 24
93.189.103.0/24 maxlen: 24
185.63.232.0/22 maxlen: 22
185.63.232.0/23 maxlen: 23
185.63.232.0/24 maxlen: 24
185.63.233.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
185.63.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:86:f1:4f:75:6d:49:35:f5:02:f9:b0:2b:bb:92:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Sep 3 06:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911ec15e961595ad6da8865c9b574f92fd54f1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:e6:5e:6d:20:5d:d0:9c:02:16:6a:45:c6:
60:2f:8b:32:77:cf:e2:c0:6e:f6:94:b8:eb:33:a1:
d2:5c:1d:35:41:02:15:06:2a:a3:36:66:a8:25:77:
ce:56:c3:2e:dc:bc:54:70:67:14:ac:c2:e4:3b:87:
3c:a3:60:a2:8f:9f:4c:7b:53:d6:ee:f4:9e:7d:1a:
f3:91:30:0d:e3:dd:bc:06:53:f2:4d:3b:d0:ab:3d:
bb:61:1b:2e:c2:df:7d:2a:81:8f:5e:64:c1:dc:be:
39:4c:46:e0:01:41:03:dd:de:5c:db:fb:54:0a:d3:
62:e6:71:d0:4b:69:b2:87:6c:cf:1d:3c:b3:6e:41:
62:94:fd:af:51:6c:dc:4d:eb:03:87:4e:28:02:5b:
cb:78:5e:6d:9c:f5:23:01:e9:4a:cf:25:1b:6d:bf:
75:db:d5:b1:5c:df:48:7d:d6:91:aa:a1:e3:f1:5f:
3e:0f:cc:b4:07:5e:0f:b0:f7:d4:ec:9d:6d:62:95:
af:55:99:47:7f:1b:3a:af:cf:1b:84:f2:f9:cd:80:
42:c6:1d:4a:61:5c:33:fc:9c:ba:a1:d4:e4:e5:2d:
39:69:a4:fa:bb:d7:24:45:4f:97:ad:e0:9b:de:52:
28:3e:83:17:4d:a1:68:77:08:d7:48:3a:91:32:93:
16:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1E:C1:5E:96:15:95:AD:6D:A8:86:5C:9B:57:4F:92:FD:54:F1:CA
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/kR7BXpYVla1tqIZcm1dPkv1U8co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.137.255
88.209.160.0/21
88.209.190.0/23
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:77:b8:b2:14:56:f3:19:86:88:68:59:bc:b5:af:2e:e7:35:
57:8a:df:46:d0:f8:be:97:8a:b5:b8:c0:83:a3:31:15:fa:74:
fa:3a:09:e3:cd:c4:25:bc:09:01:66:55:0a:71:1a:31:49:09:
45:7c:30:86:08:f1:f9:ae:67:f7:43:c9:f6:43:2b:ad:6b:68:
b9:c0:b5:aa:49:eb:ab:b1:a0:4c:46:8d:d2:f7:c2:21:9b:03:
6b:a3:7e:18:9b:e5:16:e2:e7:e1:b2:60:71:02:06:02:69:e1:
68:21:5e:ee:ca:cd:fa:60:95:2e:cc:2a:aa:f4:18:83:a8:cc:
ea:b0:23:b2:d8:0e:83:af:ea:1e:96:eb:b0:d4:5d:20:86:03:
14:83:d8:6d:4e:4c:7a:b7:b9:a3:bb:63:95:53:c8:39:9c:fa:
0d:c0:5f:7f:7c:3b:88:42:53:2b:67:5c:5f:24:97:b4:46:90:
36:99:47:75:d5:c8:02:e6:f8:e9:b6:7a:df:67:85:b3:5f:23:
ac:fd:3c:0b:47:13:45:16:04:de:22:0a:2f:9b:fe:dc:81:35:
95:64:77:51:eb:f1:7f:ad:75:9c:c8:d9:e2:0b:3c:08:01:41:
74:b5:b9:b1:70:d7:d2:be:c7:d6:1a:37:23:9a:1b:a7:0b:1c:
6d:18:ca:c4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZG2hvFPdW1JNfUC+bAru5LdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQwOTAzMDYxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFlYzE1ZTk2MTU5NWFkNmRhODg2NWM5YjU3NGY5MmZkNTRmMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKfmXm0gXdCcAhZqRcZgL4syd8/i
wG72lLjrM6HSXB01QQIVBiqjNmaoJXfOVsMu3LxUcGcUrMLkO4c8o2Cij59Me1PW
7vSefRrzkTAN4928BlPyTTvQqz27YRsuwt99KoGPXmTB3L45TEbgAUED3d5c2/tU
CtNi5nHQS2myh2zPHTyzbkFilP2vUWzcTesDh04oAlvLeF5tnPUjAelKzyUbbb91
29WxXN9IfdaRqqHj8V8+D8y0B14PsPfU7J1tYpWvVZlHfxs6r88bhPL5zYBCxh1K
YVwz/Jy6odTk5S05aaT6u9ckRU+XreCb3lIoPoMXTaFodwjXSDqRMpMWTQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJEewV6WFZWtbaiGXJtXT5L9VPHKMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEva1I3QlhwWVZsYTF0cUlaY20xZFBrdjFVOGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAFY0YgDBANY0aADBAFY0b4DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AKN3uLIUVvMZhohoWby1ry7nNVeK30bQ+L6XirW4wIOjMRX6dPo6CePNxCW8CQFm
VQpxGjFJCUV8MIYI8fmuZ/dDyfZDK61raLnAtapJ66uxoExGjdL3wiGbA2ujfhib
5Rbi5+GyYHECBgJp4WghXu7KzfpglS7MKqr0GIOozOqwI7LYDoOv6h6W67DUXSCG
AxSD2G1OTHq3uaO7Y5VTyDmc+g3AX398O4hCUytnXF8kl7RGkDaZR3XVyALm+Om2
et9nhbNfI6z9PAtHE0UWBN4iCi+b/tyBNZVkd1Hr8X+tdZzI2eILPAgBQXS1ubFw
19K+x9YaNyOaG6cLHG0YysQ=
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:04:06 2024 by rpki-client on console-fra.rpki-client.org