Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/qaDnhdP2nh8QJGqxynGj9SWyqbk.roa
File: qaDnhdP2nh8QJGqxynGj9SWyqbk.roa (raw, json)
Hash identifier: EIKHllwVtFTcFKm9BVqFSqqbydVQJdNfPTsY9S9fEUQ=
Subject key identifier: A9:A0:E7:85:D3:F6:9E:1F:10:24:6A:B1:CA:71:A3:F5:25:B2:A9:B9
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018CC7277536A7AAD37131D60B16684E6EBE
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/qaDnhdP2nh8QJGqxynGj9SWyqbk.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207333
IP address blocks: 86.107.44.0/24 maxlen: 24
86.107.45.0/24 maxlen: 24
89.33.41.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
92.114.7.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.104.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
31.14.27.0/24 maxlen: 24
89.46.34.0/24 maxlen: 24
185.113.132.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
2a06:940::/48 maxlen: 48
2a06:942::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:36:a7:aa:d3:71:31:d6:0b:16:68:4e:6e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9a0e785d3f69e1f10246ab1ca71a3f525b2a9b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5c:49:44:5b:60:1b:b9:30:6d:3f:e5:69:97:
c3:96:81:89:7b:cd:e6:c9:71:11:8d:ee:41:dc:47:
83:f8:30:02:df:4b:8d:a9:39:3e:9c:49:fb:4e:b4:
34:a5:a8:74:0b:02:ec:3e:ac:2b:0e:5b:62:ca:ca:
64:f9:ca:c0:f0:8b:d9:13:8f:fb:b0:49:de:c8:b6:
6a:1a:42:94:cc:68:ed:f0:5d:ea:d3:83:5f:20:0b:
8d:2b:48:9a:14:59:69:b6:cd:25:7f:57:4b:b6:cd:
7b:69:c2:42:1a:10:21:cf:71:dd:70:4d:12:e2:c3:
79:f1:33:d3:ad:5b:ed:7d:49:2d:46:43:d5:19:24:
71:1a:bd:82:6c:1d:ae:17:b4:3c:44:be:df:55:83:
80:0b:d2:b7:8b:bc:cd:c9:19:81:d2:ad:69:b4:00:
37:d4:c7:68:d9:43:2a:e0:28:6b:66:3e:7f:3d:7d:
43:6c:44:ba:06:cf:39:c7:f6:29:44:49:e7:ca:40:
b3:e1:42:d2:03:87:ac:1b:a8:01:c6:2d:75:11:3e:
ad:32:2f:2a:b5:52:01:04:00:16:9a:70:4e:b1:4b:
af:6e:3d:29:d2:7a:39:be:91:bc:aa:71:cc:44:29:
30:a5:82:71:41:0e:0d:a8:df:30:86:d5:cf:ed:2a:
8a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A0:E7:85:D3:F6:9E:1F:10:24:6A:B1:CA:71:A3:F5:25:B2:A9:B9
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/qaDnhdP2nh8QJGqxynGj9SWyqbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.46.34.0/24
92.114.7.0/24
185.98.5.0-185.98.7.255
185.100.64.0/23
185.100.67.0/24
185.111.104.0/22
185.113.132.0/24
185.113.134.0/23
185.121.80.0/22
185.125.89.0/24
185.129.48.0/24
185.129.50.0/23
188.241.216.0/23
IPv6:
2a06:940::/48
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
a6:bd:f8:bc:17:92:29:af:90:e1:60:ac:6a:bb:5c:f8:26:4d:
64:40:1c:61:40:2e:8b:07:a7:01:b5:ca:15:38:59:23:63:72:
20:84:48:f5:5b:81:b1:b9:47:9e:d1:e4:8c:53:cd:bb:75:aa:
ef:ee:14:ee:1f:d7:ec:b0:b8:99:25:4f:72:7d:7d:1c:4b:6f:
3a:20:77:e3:94:0c:f2:46:90:84:7f:3b:8a:69:ea:89:5b:ac:
da:3b:e3:2e:28:d4:1e:79:b6:11:cf:9f:04:4d:c0:f8:db:08:
a3:90:9c:b8:01:fc:1b:ed:41:b5:83:3b:81:85:dc:6a:6f:b9:
a4:b2:01:a2:82:e7:27:bf:c4:58:43:c3:12:2d:e9:38:9a:04:
59:ed:c4:b7:a1:78:ed:b7:ea:c5:f0:08:01:ff:2b:24:5c:c4:
19:af:c4:31:8c:2d:8a:68:73:1f:5f:c9:bf:ac:32:6a:67:ec:
41:7f:c7:b4:c9:80:c2:a1:27:12:04:10:c5:d7:27:d7:9f:79:
bc:1b:fd:37:63:77:16:90:81:71:5f:3b:18:8e:33:7d:04:ea:
57:2c:6c:46:09:c5:c0:91:8c:29:22:46:e4:a6:09:1c:da:ed:
e4:ea:81:1a:74:ee:5a:f8:f6:35:5e:53:d4:45:eb:e2:fb:8f:
a6:da:8d:c5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzHJ3U2p6rTcTHWCxZoTm6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWEwZTc4NWQzZjY5ZTFmMTAyNDZhYjFjYTcxYTNmNTI1YjJhOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFxJRFtgG7kwbT/laZfDloGJe83m
yXERje5B3EeD+DAC30uNqTk+nEn7TrQ0pah0CwLsPqwrDltiyspk+crA8IvZE4/7
sEneyLZqGkKUzGjt8F3q04NfIAuNK0iaFFlpts0lf1dLts17acJCGhAhz3HdcE0S
4sN58TPTrVvtfUktRkPVGSRxGr2CbB2uF7Q8RL7fVYOAC9K3i7zNyRmB0q1ptAA3
1Mdo2UMq4ChrZj5/PX1DbES6Bs85x/YpREnnykCz4ULSA4esG6gBxi11ET6tMi8q
tVIBBAAWmnBOsUuvbj0p0no5vpG8qnHMRCkwpYJxQQ4NqN8whtXP7SqKwwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFKmg54XT9p4fECRqscpxo/Ulsqm5MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvcWFEbmhkUDJuaDhRSkdxeHluR2o5U1d5cWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB0BAIAATBuAwQAHw4b
AwQBVmssAwQBVmvGAwQAWSEpAwQAWS4iAwQAXHIHMAwDBAC5YgUDBAO5YgADBAG5
ZEADBAC5ZEMDBAK5b2gDBAC5cYQDBAG5cYYDBAK5eVADBAC5fVkDBAC5gTADBAG5
gTIDBAG88dgwGAQCAAIwEgMHACoGCUAAAAMHACoGCUIAADANBgkqhkiG9w0BAQsF
AAOCAQEApr34vBeSKa+Q4WCsartc+CZNZEAcYUAuiwenAbXKFThZI2NyIIRI9VuB
sblHntHkjFPNu3Wq7+4U7h/X7LC4mSVPcn19HEtvOiB345QM8kaQhH87imnqiVus
2jvjLijUHnm2Ec+fBE3A+NsIo5CcuAH8G+1BtYM7gYXcam+5pLIBooLnJ7/EWEPD
Ei3pOJoEWe3Et6F47bfqxfAIAf8rJFzEGa/EMYwtimhzH1/Jv6wyamfsQX/HtMmA
wqEnEgQQxdcn1595vBv9N2N3FpCBcV87GI4zfQTqVyxsRgnFwJGMKSJG5KYJHNrt
5OqBGnTuWvj2NV5T1EXr4vuPptqNxQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:40:02 2024 by rpki-client on console-ams.rpki-client.org