Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0HA4iROkFbiM9gGw00h6yLZfbf0.roa
File: 0HA4iROkFbiM9gGw00h6yLZfbf0.roa (raw, json)
Hash identifier: WwfrQ9KyuUFOL3374CgPzvzJr92ZMVp2X7AFk4w2+xE=
Subject key identifier: D0:70:38:89:13:A4:15:B8:8C:F6:01:B0:D3:48:7A:C8:B6:5F:6D:FD
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 01900633C4D55FA538DD540D61331C22CE6C
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0HA4iROkFbiM9gGw00h6yLZfbf0.roa
Signing time: Tue 11 Jun 2024 07:29:34 +0000
ROA not before: Tue 11 Jun 2024 07:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24852
IP address blocks: 79.132.160.0/19 maxlen: 19
84.55.32.0/24 maxlen: 24
84.55.33.0/24 maxlen: 24
84.55.34.0/23 maxlen: 23
84.55.36.0/23 maxlen: 23
84.55.48.0/21 maxlen: 21
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
88.223.0.0/18 maxlen: 18
88.223.96.0/22 maxlen: 22
88.223.104.0/21 maxlen: 21
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
88.223.144.0/21 maxlen: 21
88.223.152.0/24 maxlen: 24
88.223.153.0/24 maxlen: 24
88.223.160.0/20 maxlen: 20
88.223.192.0/19 maxlen: 19
95.173.32.0/19 maxlen: 19
185.104.176.0/22 maxlen: 22
213.164.112.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.40.0/24 maxlen: 24
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
2a01:7c80::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:33:c4:d5:5f:a5:38:dd:54:0d:61:33:1c:22:ce:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jun 11 07:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d070388913a415b88cf601b0d3487ac8b65f6dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:76:f5:f9:40:de:e2:e2:43:fa:e5:98:07:
d1:2d:46:a7:ab:91:2f:df:42:0f:b7:5f:b3:40:7f:
13:fe:66:3c:88:77:8b:3e:79:df:42:8e:64:40:1a:
73:bc:9f:9e:40:4a:84:77:fe:d3:63:c7:4b:ce:3d:
5d:c7:16:6b:35:94:29:c6:80:c5:e0:49:31:58:ea:
89:17:2d:5a:18:74:1a:ca:4d:33:58:a8:3a:70:66:
62:bc:85:bd:d4:68:b2:e7:7c:91:39:f3:1d:0f:6a:
ab:d3:c1:87:d8:b0:0c:0b:b2:88:6f:72:64:5b:39:
50:37:3f:c5:bd:27:14:14:09:0a:18:b9:15:2d:19:
5b:15:01:b8:0e:56:53:ce:1b:f2:7d:db:82:12:bf:
cf:d2:5e:63:bd:b0:d8:89:16:36:13:ed:65:89:ea:
49:0a:df:ce:d3:ac:ad:25:89:a4:94:a4:a7:9a:61:
23:3a:99:85:e5:f5:df:98:b9:b3:8c:13:8d:86:96:
cc:12:db:5c:66:ec:ae:3a:90:f9:55:de:9d:bb:cd:
dd:10:1c:3c:09:40:04:80:8f:55:28:79:ad:55:b2:
6a:38:dd:29:a4:fc:a6:d7:14:4a:60:df:64:58:28:
19:73:c4:f3:fe:18:ca:ff:48:1c:b5:24:cc:45:2f:
7d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:70:38:89:13:A4:15:B8:8C:F6:01:B0:D3:48:7A:C8:B6:5F:6D:FD
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0HA4iROkFbiM9gGw00h6yLZfbf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/19
84.55.32.0-84.55.37.255
84.55.48.0/20
88.223.0.0/18
88.223.96.0/22
88.223.104.0-88.223.131.255
88.223.144.0-88.223.153.255
88.223.160.0/20
88.223.192.0/19
95.173.32.0/19
185.104.176.0/22
213.164.112.0-213.164.118.255
217.147.34.0-217.147.38.255
217.147.40.0/23
217.147.44.0/22
IPv6:
2a01:7c80::/33
Signature Algorithm: sha256WithRSAEncryption
09:7f:4a:e7:6d:15:ab:6f:b7:5a:47:51:29:9a:5e:46:37:e3:
2f:8e:f2:57:13:fe:c1:73:e3:ad:41:2d:6c:4c:2a:b7:3f:33:
bd:ff:9e:e8:f1:51:c8:e2:a7:d5:8f:91:7f:68:05:d8:2d:3c:
0d:f4:81:d4:09:1a:2a:76:6b:86:ac:f6:c8:d2:86:09:6e:d9:
45:2d:40:14:21:e4:e8:8f:39:74:9d:99:c2:5e:8a:b9:61:97:
ee:52:65:8f:3d:f8:80:dc:91:c7:bd:94:d9:ce:8e:33:c2:f4:
ea:60:cc:ca:22:c6:8e:05:51:83:a0:53:6c:f0:17:ef:99:08:
c8:9b:0c:bd:6d:73:9c:ff:5e:6e:a6:b1:6f:bd:40:70:99:0e:
71:fb:15:31:8a:a8:91:62:57:b3:06:a3:f9:aa:75:6b:11:55:
70:a8:97:63:59:a9:a1:48:0b:8e:c0:7f:62:fb:be:98:e9:b5:
ce:38:8f:1e:54:3f:66:41:fd:9a:da:63:92:c8:98:01:d3:8c:
27:31:30:d1:54:eb:58:61:30:6a:73:05:67:0d:2c:e3:00:97:
d7:d6:1e:b7:14:25:f1:2a:45:a9:55:ef:bd:eb:1f:55:af:5a:
d8:30:ce:e8:9d:f9:2d:d9:ba:72:86:ea:82:48:4b:01:05:b8:
fa:92:46:02
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZAGM8TVX6U43VQNYTMcIs5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwNjExMDcyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcwMzg4OTEzYTQxNWI4OGNmNjAxYjBkMzQ4N2FjOGI2NWY2ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7129flA3uLiQ/rlmAfRLUanq5Ev
30IPt1+zQH8T/mY8iHeLPnnfQo5kQBpzvJ+eQEqEd/7TY8dLzj1dxxZrNZQpxoDF
4EkxWOqJFy1aGHQayk0zWKg6cGZivIW91Giy53yROfMdD2qr08GH2LAMC7KIb3Jk
WzlQNz/FvScUFAkKGLkVLRlbFQG4DlZTzhvyfduCEr/P0l5jvbDYiRY2E+1liepJ
Ct/O06ytJYmklKSnmmEjOpmF5fXfmLmzjBONhpbMEttcZuyuOpD5Vd6du83dEBw8
CUAEgI9VKHmtVbJqON0ppPym1xRKYN9kWCgZc8Tz/hjK/0gctSTMRS998QIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFNBwOIkTpBW4jPYBsNNIesi2X239MB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvMEhBNGlST2tGYmlNOWdHdzAwaDZ5TFpmYmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBiQQCAAEwgYIDBAVP
hKAwDAMEBVQ3IAMEAVQ3JAMEBFQ3MAMEBljfAAMEAljfYDAMAwQDWN9oAwQCWN+A
MAwDBARY35ADBAFY35gDBARY36ADBAVY38ADBAVfrSADBAK5aLAwDAMEBNWkcAME
ANWkdjAMAwQB2ZMiAwQA2ZMmAwQB2ZMoAwQC2ZMsMA4EAgACMAgDBgcqAXyAADAN
BgkqhkiG9w0BAQsFAAOCAQEACX9K520Vq2+3WkdRKZpeRjfjL47yVxP+wXPjrUEt
bEwqtz8zvf+e6PFRyOKn1Y+Rf2gF2C08DfSB1AkaKnZrhqz2yNKGCW7ZRS1AFCHk
6I85dJ2Zwl6KuWGX7lJljz34gNyRx72U2c6OM8L06mDMyiLGjgVRg6BTbPAX75kI
yJsMvW1znP9ebqaxb71AcJkOcfsVMYqokWJXswaj+ap1axFVcKiXY1mpoUgLjsB/
Yvu+mOm1zjiPHlQ/ZkH9mtpjksiYAdOMJzEw0VTrWGEwanMFZw0s4wCX19YetxQl
8SpFqVXvvesfVa9a2DDO6J35Ldm6cobqgkhLAQW4+pJGAg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:52:25 2024 by rpki-client on console-ams.rpki-client.org