Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/IEic02OFLdeBe91PtXYwSEXFTc4.roa
File: IEic02OFLdeBe91PtXYwSEXFTc4.roa (raw, json)
Hash identifier: Qo1aooonh72rYybBi1V5luH4FStqQMrUx2qd2th0Oog=
Subject key identifier: 20:48:9C:D3:63:85:2D:D7:81:7B:DD:4F:B5:76:30:48:45:C5:4D:CE
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 0191D5F843BB1F36B254B428B65B386C81E7
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/IEic02OFLdeBe91PtXYwSEXFTc4.roa
Signing time: Mon 09 Sep 2024 08:48:22 +0000
ROA not before: Mon 09 Sep 2024 08:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34397
IP address blocks: 79.172.128.0/18 maxlen: 18
85.129.128.0/17 maxlen: 17
85.129.164.0/22 maxlen: 22
88.213.0.0/18 maxlen: 18
88.213.6.0/24 maxlen: 24
88.213.64.0/18 maxlen: 18
88.213.64.0/21 maxlen: 21
88.213.64.0/22 maxlen: 22
88.213.72.0/21 maxlen: 21
88.213.78.0/24 maxlen: 24
88.213.126.0/23 maxlen: 23
89.4.0.0/15 maxlen: 15
89.5.220.0/23 maxlen: 23
89.5.220.0/24 maxlen: 24
93.98.0.0/16 maxlen: 16
93.98.127.0/24 maxlen: 24
212.71.32.0/19 maxlen: 19
212.71.32.0/24 maxlen: 24
212.71.33.0/24 maxlen: 24
212.71.35.0/24 maxlen: 24
212.71.37.0/24 maxlen: 24
212.71.41.0/24 maxlen: 24
212.71.42.0/24 maxlen: 24
212.71.51.0/24 maxlen: 24
212.71.53.0/24 maxlen: 24
212.107.96.0/19 maxlen: 19
212.107.97.0/24 maxlen: 24
212.107.99.0/24 maxlen: 24
212.107.103.0/24 maxlen: 24
212.107.105.0/24 maxlen: 24
212.107.106.0/24 maxlen: 24
212.118.96.0/19 maxlen: 19
212.118.100.0/24 maxlen: 24
212.118.102.0/24 maxlen: 24
212.118.106.0/24 maxlen: 24
212.118.107.0/24 maxlen: 24
212.118.108.0/22 maxlen: 22
212.118.115.0/24 maxlen: 24
212.118.117.0/24 maxlen: 24
212.118.119.0/24 maxlen: 24
212.118.122.0/24 maxlen: 24
212.118.124.0/24 maxlen: 24
212.119.64.0/20 maxlen: 20
212.119.64.0/24 maxlen: 24
212.119.69.0/24 maxlen: 24
212.119.74.0/24 maxlen: 24
212.119.80.0/21 maxlen: 21
212.119.81.0/24 maxlen: 24
212.119.82.0/24 maxlen: 24
212.119.88.0/22 maxlen: 22
212.119.92.0/23 maxlen: 23
212.119.92.0/24 maxlen: 24
212.119.93.0/24 maxlen: 24
213.181.160.0/19 maxlen: 19
213.181.190.0/24 maxlen: 24
213.210.192.0/18 maxlen: 18
213.210.195.0/24 maxlen: 24
213.210.196.0/24 maxlen: 24
213.210.216.0/24 maxlen: 24
213.210.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:f8:43:bb:1f:36:b2:54:b4:28:b6:5b:38:6c:81:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Sep 9 08:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20489cd363852dd7817bdd4fb576304845c54dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:59:59:ce:a2:33:1e:5e:44:48:46:f7:e9:
5b:46:d0:5b:5b:97:5b:d9:7a:2a:f3:c2:7c:cf:b7:
fb:cb:6a:90:b8:0c:b0:65:d4:6d:6f:2a:df:2d:df:
a7:a8:39:dd:d1:df:9f:e4:e2:be:e5:44:63:b0:c2:
10:91:cc:44:35:e5:36:10:94:a3:61:21:f7:81:fa:
70:ae:d3:8f:fc:e2:66:71:ba:48:a9:30:27:ef:2a:
d1:66:8a:b4:ea:ba:c1:c0:6c:f1:16:4c:97:c6:7a:
52:51:16:fe:ac:40:20:4b:28:d8:a9:da:73:76:d0:
3d:71:de:f0:95:bf:c6:64:52:59:6e:49:60:25:2d:
3e:70:f2:b8:43:b0:4a:0f:ca:b4:b0:48:91:d1:75:
d6:a4:94:1b:f9:31:08:c1:bb:4a:4b:55:57:b7:27:
1b:5d:99:f9:5d:c1:5a:37:d6:74:bf:25:07:23:a2:
c3:b5:e4:e4:bf:c1:0c:74:98:d5:20:6c:85:c7:e0:
ba:8c:bd:08:6c:14:ed:9f:0d:8f:d8:91:37:cc:23:
aa:a9:d3:32:a7:dd:07:eb:74:09:f4:7b:b3:56:45:
fc:e8:c0:ff:73:7c:34:11:ec:49:27:f1:e0:4a:55:
03:f6:5a:53:d4:1a:0c:ef:d2:76:61:d6:34:4f:1f:
fd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:48:9C:D3:63:85:2D:D7:81:7B:DD:4F:B5:76:30:48:45:C5:4D:CE
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/IEic02OFLdeBe91PtXYwSEXFTc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.128.0/18
85.129.128.0/17
88.213.0.0/17
89.4.0.0/15
93.98.0.0/16
212.71.32.0/19
212.107.96.0/19
212.118.96.0/19
212.119.64.0-212.119.93.255
213.181.160.0/19
213.210.192.0/18
Signature Algorithm: sha256WithRSAEncryption
50:c7:80:d0:8c:a8:eb:da:09:b7:b9:99:0a:7d:61:a5:ea:5d:
bb:dc:2c:2d:ea:0e:a9:34:29:83:c0:35:a7:49:82:c0:35:75:
48:b4:c3:2a:1e:0b:52:b3:03:eb:30:ea:12:cc:fe:10:40:d5:
85:a7:40:db:39:95:d6:8a:9c:fe:7b:11:b6:93:16:2c:73:af:
37:8c:6c:a5:47:fb:2d:aa:12:d2:c5:8d:00:26:5e:33:3a:72:
d4:ef:1d:5e:ab:77:24:26:8e:08:5b:25:e6:64:89:e0:7c:37:
2a:94:30:6c:7a:c3:1b:ca:86:44:d3:60:30:7d:cb:97:3e:f2:
c4:74:14:c5:a8:57:f4:ec:56:33:bc:8e:f7:65:8b:79:84:1c:
62:ce:b3:08:01:29:c1:33:db:22:aa:f5:a4:33:35:41:a8:42:
a5:69:52:ac:25:13:bf:a2:1e:ad:a8:71:ff:3b:2b:d1:27:34:
6e:d9:55:62:3d:9e:29:b7:8a:97:38:ed:78:8e:32:53:d4:3e:
e2:11:c0:02:2d:95:49:2f:dd:c6:28:c8:20:21:f1:74:8b:19:
b7:80:83:a5:16:8a:6d:99:86:36:d6:b1:82:67:59:51:6c:96:
02:22:99:15:ea:a9:a2:6a:fe:da:cd:a9:12:b6:1e:15:a7:46:
e8:b6:06:91
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZHV+EO7HzayVLQotls4bIHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjQwOTA5MDg0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ4OWNkMzYzODUyZGQ3ODE3YmRkNGZiNTc2MzA0ODQ1YzU0ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXBZWc6iMx5eREhG9+lbRtBbW5db
2Xoq88J8z7f7y2qQuAywZdRtbyrfLd+nqDnd0d+f5OK+5URjsMIQkcxENeU2EJSj
YSH3gfpwrtOP/OJmcbpIqTAn7yrRZoq06rrBwGzxFkyXxnpSURb+rEAgSyjYqdpz
dtA9cd7wlb/GZFJZbklgJS0+cPK4Q7BKD8q0sEiR0XXWpJQb+TEIwbtKS1VXtycb
XZn5XcFaN9Z0vyUHI6LDteTkv8EMdJjVIGyFx+C6jL0IbBTtnw2P2JE3zCOqqdMy
p90H63QJ9HuzVkX86MD/c3w0EexJJ/HgSlUD9lpT1BoM79J2YdY0Tx/9owIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCBInNNjhS3XgXvdT7V2MEhFxU3OMB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvSUVpYzAyT0ZMZGVCZTkxUHRYWXdTRVhGVGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQGT6yAAwQH
VYGAAwQHWNUAAwMBWQQDAwBdYgMEBdRHIAMEBdRrYAMEBdR2YDAMAwQG1HdAAwQB
1HdcAwQF1bWgAwQG1dLAMA0GCSqGSIb3DQEBCwUAA4IBAQBQx4DQjKjr2gm3uZkK
fWGl6l273Cwt6g6pNCmDwDWnSYLANXVItMMqHgtSswPrMOoSzP4QQNWFp0DbOZXW
ipz+exG2kxYsc683jGylR/stqhLSxY0AJl4zOnLU7x1eq3ckJo4IWyXmZIngfDcq
lDBsesMbyoZE02AwfcuXPvLEdBTFqFf07FYzvI73ZYt5hBxizrMIASnBM9siqvWk
MzVBqEKlaVKsJRO/oh6tqHH/OyvRJzRu2VViPZ4pt4qXOO14jjJT1D7iEcACLZVJ
L93GKMggIfF0ixm3gIOlFoptmYY21rGCZ1lRbJYCIpkV6qmiav7azakSth4Vp0bo
tgaR
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:42:41 2024 by rpki-client on console-fra.rpki-client.org