Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kMQuiIIcRsC1qn1LW1Gp-4ucjP8.roa
File: kMQuiIIcRsC1qn1LW1Gp-4ucjP8.roa (raw, json)
Hash identifier: BQ/BbRJ6zgCWegzGzLedq5IHUcEbJanE+G7w0P0R3h8=
Subject key identifier: 90:C4:2E:88:82:1C:46:C0:B5:AA:7D:4B:5B:51:A9:FB:8B:9C:8C:FF
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0191FFD5D376E60B8FFFF35D03227F22728C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kMQuiIIcRsC1qn1LW1Gp-4ucjP8.roa
Signing time: Tue 17 Sep 2024 11:54:48 +0000
ROA not before: Tue 17 Sep 2024 11:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 80.96.44.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
80.96.156.0/22 maxlen: 24
80.97.40.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
81.180.98.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
81.181.68.0/23 maxlen: 24
81.181.72.0/23 maxlen: 24
81.181.104.0/21 maxlen: 24
85.120.84.0/23 maxlen: 24
85.121.168.0/22 maxlen: 24
85.121.232.0/21 maxlen: 24
85.122.124.0/22 maxlen: 24
85.122.231.0/24 maxlen: 24
193.226.76.0/22 maxlen: 24
194.102.36.0/22 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
194.153.230.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
217.156.26.0/24 maxlen: 24
217.156.48.0/22 maxlen: 24
217.156.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:d5:d3:76:e6:0b:8f:ff:f3:5d:03:22:7f:22:72:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 17 11:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90c42e88821c46c0b5aa7d4b5b51a9fb8b9c8cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:35:e2:79:03:e1:f6:32:c8:b6:c0:97:52:58:
b4:1c:7d:a9:76:69:a1:00:44:d5:da:6b:9a:28:22:
23:92:37:e9:ab:c8:7d:4c:e1:a6:60:e4:78:66:9f:
38:49:28:7a:19:e0:76:a3:76:fd:20:fd:c3:7e:c3:
72:64:5a:33:90:f6:7b:f1:72:00:91:fc:3e:01:11:
9e:69:63:14:2a:3d:2b:0b:4e:6f:48:a0:7c:19:76:
58:4c:4f:17:71:15:dd:78:64:4c:84:1b:f6:94:96:
1a:87:11:a4:4b:bf:b3:65:b1:5a:06:87:64:00:dc:
a4:a1:37:29:89:93:50:8a:a2:7b:52:f5:09:90:3a:
41:69:f2:0c:fe:62:4e:b6:47:d5:1c:ca:82:70:5b:
ea:c8:9d:7d:52:cc:0f:22:a4:03:5c:46:aa:c3:3b:
c5:b2:ff:41:3a:6b:36:4d:88:b3:d1:f0:87:f9:fa:
51:05:ab:23:8e:0a:c0:1b:f0:83:5b:f3:41:63:df:
85:eb:a3:7e:e3:f4:fb:22:c9:27:e3:6f:7d:d8:00:
5c:d1:8d:5b:39:dd:8d:84:8a:fc:08:33:89:a9:7e:
12:af:be:ed:15:98:20:42:64:b1:60:ab:05:27:a9:
84:3f:80:8d:bf:45:3d:c2:a1:c4:ff:92:a6:a8:62:
0e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C4:2E:88:82:1C:46:C0:B5:AA:7D:4B:5B:51:A9:FB:8B:9C:8C:FF
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/kMQuiIIcRsC1qn1LW1Gp-4ucjP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.97.40.0/21
80.97.96.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.121.168.0/22
85.121.232.0/21
85.122.124.0/22
85.122.231.0/24
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.26.0/24
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:96:47:aa:43:9e:bf:bc:24:d1:ea:59:e7:6f:f3:14:3a:a7:
e2:af:42:01:cf:17:2e:0d:8c:b7:56:b6:ed:80:34:9f:81:ab:
86:89:28:77:27:3f:56:69:3d:b2:93:11:63:6d:98:66:da:a5:
e3:50:29:7c:78:63:d4:57:be:f4:11:18:f0:64:68:2a:8e:54:
7d:5f:b8:c9:42:4a:e2:e6:2f:d9:11:b5:35:91:4c:3d:a5:41:
8c:64:b2:50:3e:7a:44:b7:e0:64:14:09:ff:af:9e:cf:61:9c:
a2:27:46:70:98:eb:c6:20:b5:c9:a9:f9:99:b2:7d:10:00:95:
2b:ce:75:59:8f:f9:cc:c6:8f:0e:19:cb:09:e4:33:1d:cb:2e:
1e:0e:87:53:49:3c:60:3e:7c:a8:6d:2e:3c:88:d6:a5:d4:1a:
70:d2:e2:32:a6:eb:39:92:48:02:8f:2c:d7:4c:f2:35:e3:25:
33:8f:96:7b:53:c3:f1:87:07:5f:73:96:d6:93:39:c3:e9:a3:
8f:87:da:89:7f:47:b6:fb:27:1e:3e:f5:62:ac:12:02:cc:78:
f7:02:c0:de:4a:9e:d2:1a:35:96:b3:72:15:7f:4f:75:d0:87:
61:ab:7d:ff:b9:c8:be:a8:7b:34:7a:6f:76:cd:56:37:25:06:
15:2b:f0:c6
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZH/1dN25guP//NdAyJ/InKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwOTE3MTE1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM0MmU4ODgyMWM0NmMwYjVhYTdkNGI1YjUxYTlmYjhiOWM4Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTXieQPh9jLItsCXUli0HH2pdmmh
AETV2muaKCIjkjfpq8h9TOGmYOR4Zp84SSh6GeB2o3b9IP3DfsNyZFozkPZ78XIA
kfw+ARGeaWMUKj0rC05vSKB8GXZYTE8XcRXdeGRMhBv2lJYahxGkS7+zZbFaBodk
ANykoTcpiZNQiqJ7UvUJkDpBafIM/mJOtkfVHMqCcFvqyJ19UswPIqQDXEaqwzvF
sv9BOms2TYiz0fCH+fpRBasjjgrAG/CDW/NBY9+F66N+4/T7Iskn42992ABc0Y1b
Od2NhIr8CDOJqX4Sr77tFZggQmSxYKsFJ6mEP4CNv0U9wqHE/5KmqGIOcQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFJDELoiCHEbAtap9S1tRqfuLnIz/MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEva01RdWlJSWNSc0MxcW4xTFcxR3AtNHVjalA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBANQYSgDBAFQYWADBAFRtGIDBAFRtK4DBAFR
tOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANRtWgDBAFVeFQDBAJV
eagDBANVeegDBAJVenwDBABVeucDBALB4kwDBALCZiQDBAHCZpQDBAHCZqADBAHC
Zq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHCmfQDBAHZnBADBADZ
nBoDBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBAE2WR6pDnr+8JNHqWedv
8xQ6p+KvQgHPFy4NjLdWtu2ANJ+Bq4aJKHcnP1ZpPbKTEWNtmGbapeNQKXx4Y9RX
vvQRGPBkaCqOVH1fuMlCSuLmL9kRtTWRTD2lQYxkslA+ekS34GQUCf+vns9hnKIn
RnCY68Ygtcmp+ZmyfRAAlSvOdVmP+czGjw4ZywnkMx3LLh4Oh1NJPGA+fKhtLjyI
1qXUGnDS4jKm6zmSSAKPLNdM8jXjJTOPlntTw/GHB19zltaTOcPpo4+H2ol/R7b7
Jx4+9WKsEgLMePcCwN5KntIaNZazchV/T3XQh2Grff+5yL6oezR6b3bNVjclBhUr
8MY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:38 2024 by rpki-client on console-fra.rpki-client.org