Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/8t8nIuxn35uV1nK8R3V95bM2eOI.roa
File: 8t8nIuxn35uV1nK8R3V95bM2eOI.roa (raw, json)
Hash identifier: hoVzzyan9MV/7T9M8o82oxghJe0DC160Gyhp8kKOGVY=
Subject key identifier: F2:DF:27:22:EC:67:DF:9B:95:D6:72:BC:47:75:7D:E5:B3:36:78:E2
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 018CC4247846BAB1EA471D0605A4E323CC0B
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/8t8nIuxn35uV1nK8R3V95bM2eOI.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206617
IP address blocks: 188.241.251.0/24 maxlen: 24
195.2.218.0/23 maxlen: 23
193.178.224.0/23 maxlen: 23
185.18.24.0/22 maxlen: 24
31.14.184.0/21 maxlen: 24
188.213.16.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
93.114.170.0/24 maxlen: 24
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.167.52.0/22 maxlen: 24
89.40.234.0/23 maxlen: 23
89.32.152.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:78:46:ba:b1:ea:47:1d:06:05:a4:e3:23:cc:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2df2722ec67df9b95d672bc47757de5b33678e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:31:1c:7a:af:24:e3:9e:4b:67:b5:7f:28:cb:
63:95:87:41:40:72:c9:7c:a6:bb:58:55:6d:49:45:
9e:24:6d:34:fd:64:49:ff:05:95:04:54:97:cb:0c:
57:02:e4:bb:0b:b5:d7:41:71:17:1e:0b:a3:e5:17:
9f:38:d5:f8:96:f2:20:06:81:41:06:b9:fc:76:5c:
e5:d1:cf:fe:e5:60:9a:b3:d8:71:46:3a:7c:8c:b7:
e8:5f:b8:ee:96:13:58:93:85:79:57:e5:c3:55:42:
a8:fd:88:3c:e6:6f:76:5a:26:18:96:08:9d:33:db:
53:a8:96:a6:c3:bf:3a:bc:6d:85:94:0a:e6:27:2f:
ef:6a:7e:bc:7a:56:03:d0:e6:2a:5d:a1:88:fb:f9:
ad:6c:80:0a:a8:4a:0f:db:02:d6:1b:7b:a9:c5:12:
ea:42:58:f1:09:a8:73:c4:42:cf:37:f4:42:28:9c:
6e:5e:49:0c:d0:21:59:16:be:a2:dd:06:50:01:b6:
e5:7e:ff:48:f2:c4:df:c2:e2:7d:4b:96:eb:36:ec:
38:65:91:c5:bf:34:9a:5b:3c:35:87:02:cf:30:34:
5a:35:40:b7:9a:6a:a9:af:bd:e2:d7:cf:6e:58:63:
fc:b5:15:ff:4e:d4:a0:1b:64:f7:2e:95:82:0f:e4:
b5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DF:27:22:EC:67:DF:9B:95:D6:72:BC:47:75:7D:E5:B3:36:78:E2
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/8t8nIuxn35uV1nK8R3V95bM2eOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
41:c8:f9:fb:eb:a9:69:57:e3:4b:5f:6e:16:15:ad:1c:ed:70:
34:94:20:3f:8f:f6:20:1f:f3:2c:4d:f1:ef:07:38:ee:20:0e:
c0:3f:41:0e:98:2e:6b:1c:e0:b6:5c:8f:46:71:d3:f5:0f:4a:
85:5c:df:30:95:8c:d5:9b:50:af:60:b7:6b:87:07:ea:cf:1d:
03:68:2a:2d:e1:5e:4f:de:2f:8c:33:67:40:4d:2e:9c:0e:09:
e3:27:cb:cc:30:ce:39:90:74:d6:1f:57:90:f7:1d:98:21:4c:
99:a0:9f:32:eb:99:c8:7e:1d:56:d3:4e:6b:10:b8:8b:20:e0:
c8:60:39:bf:77:cd:61:54:73:c0:14:bf:7c:7e:67:ef:de:35:
4e:4e:40:13:55:ae:6d:9e:0b:9e:12:41:b8:e1:04:14:3e:4f:
68:a9:06:ae:83:f5:dd:68:81:79:32:b3:a4:5f:a1:ba:6b:ed:
4c:4d:7f:aa:81:c7:b8:30:e4:82:ed:98:4e:28:d8:77:a0:2a:
b1:55:02:b0:84:39:8f:25:cb:53:37:c9:56:d4:e7:78:c6:59:
7b:d0:bf:8f:c5:e7:4e:36:79:ee:19:f0:6b:18:f7:60:f4:53:
42:14:72:6e:3d:05:98:94:88:98:a1:59:62:1b:58:6a:60:71:
92:b2:c8:9f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzEJHhGurHqRx0GBaTjI8wLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRmMjcyMmVjNjdkZjliOTVkNjcyYmM0Nzc1N2RlNWIzMzY3OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TEceq8k455LZ7V/KMtjlYdBQHLJ
fKa7WFVtSUWeJG00/WRJ/wWVBFSXywxXAuS7C7XXQXEXHguj5RefONX4lvIgBoFB
Brn8dlzl0c/+5WCas9hxRjp8jLfoX7julhNYk4V5V+XDVUKo/Yg85m92WiYYlgid
M9tTqJamw786vG2FlArmJy/van68elYD0OYqXaGI+/mtbIAKqEoP2wLWG3upxRLq
QljxCahzxELPN/RCKJxuXkkM0CFZFr6i3QZQAbblfv9I8sTfwuJ9S5brNuw4ZZHF
vzSaWzw1hwLPMDRaNUC3mmqpr73i189uWGP8tRX/TtSgG2T3LpWCD+S1pwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFPLfJyLsZ9+bldZyvEd1feWzNnjiMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvOHQ4bkl1eG4zNXVWMW5LOFIzVjk1Yk0yZU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAQcj5++upaVfjS19uFhWt
HO1wNJQgP4/2IB/zLE3x7wc47iAOwD9BDpguaxzgtlyPRnHT9Q9KhVzfMJWM1ZtQ
r2C3a4cH6s8dA2gqLeFeT94vjDNnQE0unA4J4yfLzDDOOZB01h9XkPcdmCFMmaCf
MuuZyH4dVtNOaxC4iyDgyGA5v3fNYVRzwBS/fH5n7941Tk5AE1WubZ4LnhJBuOEE
FD5PaKkGroP13WiBeTKzpF+humvtTE1/qoHHuDDkgu2YTijYd6AqsVUCsIQ5jyXL
UzfJVtTneMZZe9C/j8XnTjZ57hnwaxj3YPRTQhRybj0FmJSImKFZYhtYamBxkrLI
nw==
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:18:14 2024 by rpki-client on console-ams.rpki-client.org