Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/fjZ44mI1WegJ06urnuSbAiWErW8.roa
File: fjZ44mI1WegJ06urnuSbAiWErW8.roa (raw, json)
Hash identifier: +4qWDrpy56GqczNokVnwCwBArSwZEHpwE4B4Pcz4dSI=
Subject key identifier: 7E:36:78:E2:62:35:59:E8:09:D3:AB:AB:9E:E4:9B:02:25:84:AD:6F
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC7949E981A86D03C4F7A039673C42AC0
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/fjZ44mI1WegJ06urnuSbAiWErW8.roa
Signing time: Tue 02 Jan 2024 00:30:55 +0000
ROA not before: Tue 02 Jan 2024 00:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24589
IP address blocks: 176.103.176.0/20 maxlen: 20
176.103.184.0/24 maxlen: 24
176.103.192.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
185.47.11.0/24 maxlen: 24
185.47.10.0/24 maxlen: 24
87.99.64.0/24 maxlen: 24
87.99.64.0/19 maxlen: 19
87.99.67.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.238.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.236.0/24 maxlen: 24
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/24 maxlen: 24
194.9.212.0/22 maxlen: 22
91.233.214.0/23 maxlen: 23
31.42.80.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
195.69.88.0/22 maxlen: 22
87.99.95.0/24 maxlen: 24
91.90.255.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
185.220.196.0/22 maxlen: 22
91.90.252.64/29 maxlen: 29
109.229.192.0/19 maxlen: 19
213.110.64.0/19 maxlen: 19
88.135.128.0/19 maxlen: 19
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
83.243.88.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
171.25.218.0/23 maxlen: 23
176.106.176.0/21 maxlen: 21
2a01:8ca0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 06:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:9e:98:1a:86:d0:3c:4f:7a:03:96:73:c4:2a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e3678e2623559e809d3abab9ee49b022584ad6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:16:cd:54:26:f1:98:bc:e2:53:82:d9:c2:
54:36:a2:cb:64:fb:c0:46:69:e1:44:b5:71:7b:96:
5a:20:a6:e8:9b:22:65:77:fc:1f:4c:9f:15:18:a8:
3f:f4:3e:9b:1c:b6:43:b4:68:a5:b4:d9:0f:be:bc:
44:29:de:98:26:70:b1:bc:c5:ad:98:ad:8c:43:b9:
f0:90:07:13:92:21:eb:14:03:53:18:c5:b1:b8:02:
21:11:a8:ee:85:41:fd:79:12:36:a0:e0:2a:ea:9a:
d7:1c:48:b9:5e:df:3f:34:52:b8:78:8c:e8:5b:fa:
d4:a8:16:aa:e6:a2:2b:85:90:50:19:55:b4:b6:76:
d1:dc:c3:10:64:3f:77:33:1f:bb:8f:10:8a:0b:a4:
a9:3d:2c:65:f1:91:83:6f:9a:cf:4c:53:b9:f9:82:
96:57:5f:9c:5c:f2:ab:58:de:5c:24:a3:30:95:90:
d6:66:01:93:7d:0f:b9:de:06:26:58:87:2e:ac:36:
e7:53:3f:a6:ed:1c:6f:13:82:b1:60:bf:70:eb:90:
8a:e7:ce:ee:87:a3:19:dc:54:43:b8:f7:0b:95:92:
d3:35:3b:0d:b3:e6:00:47:f1:01:bf:ae:10:94:16:
d0:07:65:2a:fe:fa:0c:24:0e:cb:10:e8:20:a2:88:
0f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:36:78:E2:62:35:59:E8:09:D3:AB:AB:9E:E4:9B:02:25:84:AD:6F
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/fjZ44mI1WegJ06urnuSbAiWErW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0-176.103.199.255
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:b8:9f:99:7d:1c:37:73:ac:fc:55:d1:59:49:8d:d9:74:6a:
1e:63:64:e5:80:55:6d:12:17:76:86:18:f6:ca:93:80:cb:31:
38:db:d8:aa:96:db:6d:06:82:eb:80:52:74:6b:83:f8:e9:4a:
44:76:81:26:97:cd:dd:d8:56:bc:8e:05:d4:da:c2:15:13:3f:
2b:45:01:eb:d4:af:47:05:3e:42:df:10:c5:b1:56:fe:7b:84:
85:27:b4:72:9d:24:b0:02:b4:7e:66:a3:22:50:b7:98:e2:9e:
c8:fa:a3:20:0e:db:42:f0:ce:54:30:70:31:0a:0e:20:04:de:
65:9a:58:33:39:cd:69:51:ab:7e:27:7c:7a:86:26:f6:d8:39:
b2:39:08:95:f4:ee:0b:2e:0e:30:f4:a9:8c:ea:e4:30:4c:28:
ea:fc:7c:bc:6c:bb:57:0a:76:6d:55:f4:59:fc:cb:dc:57:33:
0c:24:2d:c0:ba:64:0e:96:b7:e1:f1:82:9b:f4:3c:2b:98:77:
f8:1d:c4:bb:83:ed:fc:ee:cb:83:33:0c:db:9c:ed:83:5b:88:
d1:9d:7a:20:43:96:12:1e:01:26:9c:15:3b:c1:51:57:2e:6a:
d9:97:5d:4f:25:3c:0c:ef:f2:9e:a4:d7:b9:7f:95:2c:3b:60:
3f:75:cf:30
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYzHlJ6YGobQPE96A5ZzxCrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTM2NzhlMjYyMzU1OWU4MDlkM2FiYWI5ZWU0OWIwMjI1ODRhZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcYWzVQm8Zi84lOC2cJUNqLLZPvA
RmnhRLVxe5ZaIKbomyJld/wfTJ8VGKg/9D6bHLZDtGiltNkPvrxEKd6YJnCxvMWt
mK2MQ7nwkAcTkiHrFANTGMWxuAIhEajuhUH9eRI2oOAq6prXHEi5Xt8/NFK4eIzo
W/rUqBaq5qIrhZBQGVW0tnbR3MMQZD93Mx+7jxCKC6SpPSxl8ZGDb5rPTFO5+YKW
V1+cXPKrWN5cJKMwlZDWZgGTfQ+53gYmWIcurDbnUz+m7RxvE4KxYL9w65CK587u
h6MZ3FRDuPcLlZLTNTsNs+YAR/EBv64QlBbQB2Uq/voMJA7LEOggoogPlwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFH42eOJiNVnoCdOrq57kmwIlhK1vMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvZmpaNDRtSTFXZWdKMDZ1cm51U2JBaVdFclc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdowDAMEBLBnsAMEA7BnwAMEBLBqMAMEA7BqYDAMAwQFsGqgAwQDsGqw
AwQBuS8KAwQCudzEAwQCwW/0MAwDBALB7tQDBAXB7sADBALCCdQDBALDRVgDBAXV
bkAwDQQCAAIwBwMFACoBjKAwDQYJKoZIhvcNAQELBQADggEBAG64n5l9HDdzrPxV
0VlJjdl0ah5jZOWAVW0SF3aGGPbKk4DLMTjb2KqW220GguuAUnRrg/jpSkR2gSaX
zd3YVryOBdTawhUTPytFAevUr0cFPkLfEMWxVv57hIUntHKdJLACtH5moyJQt5ji
nsj6oyAO20LwzlQwcDEKDiAE3mWaWDM5zWlRq34nfHqGJvbYObI5CJX07gsuDjD0
qYzq5DBMKOr8fLxsu1cKdm1V9Fn8y9xXMwwkLcC6ZA6Wt+Hxgpv0PCuYd/gdxLuD
7fzuy4MzDNuc7YNbiNGdeiBDlhIeASacFTvBUVcuatmXXU8lPAzv8p6k17l/lSw7
YD91zzA=
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:26:57 2024 by rpki-client on console-fra.rpki-client.org