Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/1-VGt9HI4qmVcmYfXoYfbXB7Fz8.roa
File: 1-VGt9HI4qmVcmYfXoYfbXB7Fz8.roa (raw, json)
Hash identifier: /iy+FZ1lhX6hD5v/VkzRyiRTHT+Nfy6N1w6LFHc56wY=
Subject key identifier: D7:E5:46:B7:D1:C8:E2:A9:95:72:66:1F:5E:86:1F:6D:70:7B:17:3F
Certificate issuer: /CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Certificate serial: 018CC4939A259343228DF5B0E86A81CE22E5
Authority key identifier: B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/1-VGt9HI4qmVcmYfXoYfbXB7Fz8.roa
Signing time: Mon 01 Jan 2024 10:30:56 +0000
ROA not before: Mon 01 Jan 2024 10:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39442
IP address blocks: 188.247.32.0/19 maxlen: 19
217.149.176.0/22 maxlen: 22
217.149.176.0/20 maxlen: 20
217.149.181.0/24 maxlen: 24
217.149.184.0/21 maxlen: 21
213.234.0.0/20 maxlen: 20
213.234.0.0/24 maxlen: 24
213.234.1.0/24 maxlen: 24
213.234.5.0/24 maxlen: 24
213.234.6.0/24 maxlen: 24
213.234.8.0/24 maxlen: 24
213.234.10.0/24 maxlen: 24
213.234.11.0/24 maxlen: 24
213.234.16.0/22 maxlen: 22
213.234.16.0/24 maxlen: 24
213.234.18.0/23 maxlen: 23
213.234.20.0/24 maxlen: 24
213.234.21.0/24 maxlen: 24
213.234.22.0/24 maxlen: 24
188.247.44.0/24 maxlen: 24
188.247.44.0/22 maxlen: 22
188.247.40.0/24 maxlen: 24
185.183.48.0/22 maxlen: 22
188.247.55.0/24 maxlen: 24
188.247.56.0/21 maxlen: 21
185.125.72.0/22 maxlen: 22
92.39.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:9a:25:93:43:22:8d:f5:b0:e8:6a:81:ce:22:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Validity
Not Before: Jan 1 10:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7e546b7d1c8e2a99572661f5e861f6d707b173f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1c:51:8f:96:fc:8d:b7:f7:95:a3:7c:b6:d9:
75:03:50:e6:a2:14:31:50:8d:23:81:23:b2:da:04:
12:a0:5a:cb:e6:f5:8f:40:10:c7:11:82:67:c1:ae:
b9:11:7d:a4:fc:57:2b:71:df:6e:ab:67:8b:eb:05:
ea:25:67:e0:a3:7f:1b:62:c8:ba:7c:bd:15:4f:be:
84:39:68:e9:00:05:97:68:c6:da:eb:c4:f2:1d:03:
11:32:8d:69:36:03:fd:e3:98:f7:77:67:17:13:87:
23:44:53:4a:75:89:27:77:e7:1f:36:58:fe:ab:fe:
de:d5:e1:96:30:8e:d5:7f:b6:46:e2:79:39:79:df:
d1:34:e7:e3:ec:83:b0:d2:44:3f:97:48:e7:e3:88:
12:e6:56:67:75:54:d3:55:25:9e:d9:cf:ff:c1:cd:
ac:ef:56:76:b5:d4:f1:e6:a9:1c:31:38:2e:d3:e9:
7b:3c:ef:33:95:67:24:48:2c:50:f9:05:9c:19:62:
aa:0c:86:1d:7b:c2:64:da:19:8d:c3:7c:06:67:3a:
de:ac:16:fa:f8:12:01:3a:6e:79:8f:cf:33:35:16:
ef:1c:af:de:35:ef:84:50:a4:a1:8b:eb:a6:35:4c:
17:ff:9c:cb:1f:1d:79:62:b0:b8:9c:f3:4e:a6:8b:
4e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E5:46:B7:D1:C8:E2:A9:95:72:66:1F:5E:86:1F:6D:70:7B:17:3F
X509v3 Authority Key Identifier:
keyid:B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/1-VGt9HI4qmVcmYfXoYfbXB7Fz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.104.0/21
185.125.72.0/22
185.183.48.0/22
188.247.32.0/19
213.234.0.0-213.234.22.255
217.149.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:b6:16:7d:fa:79:ad:5f:e7:3a:b2:b3:6e:31:e4:6b:13:7f:
14:cd:57:ec:5e:ae:3e:cf:65:60:82:df:c1:f1:36:9e:96:40:
a9:04:21:16:2b:39:73:2a:02:f0:da:7f:36:e8:26:b4:86:3c:
c8:b6:10:22:b3:89:78:10:77:fb:f1:4c:8c:d8:7a:43:c7:65:
68:3b:6a:52:e2:a7:fd:0f:c5:9f:e9:11:21:6e:2a:01:a5:b8:
3c:73:ed:81:cd:63:ba:da:26:ae:ed:02:be:61:9e:88:80:22:
27:b1:c0:b9:bd:c8:9a:08:5c:82:42:41:51:6c:ac:5c:29:56:
7c:45:4b:b8:5b:23:a3:15:3d:13:f1:6f:ea:ac:3e:b9:81:30:
34:da:97:da:96:d6:3f:e7:39:69:d0:f1:f3:1b:7a:39:d5:bd:
da:e7:01:e8:dd:b4:b8:b3:28:37:89:0a:d5:a6:08:aa:78:d9:
28:94:ac:d2:8c:fd:8b:bc:04:a7:d7:50:2b:2f:f6:49:cb:f9:
d8:57:39:fe:4e:ef:a1:93:35:ef:14:3c:c4:29:6c:98:06:c3:
25:b4:82:68:ab:eb:0b:da:7d:f6:86:ea:42:8b:bb:18:ce:74:
5d:1f:f2:c7:e9:0e:a1:13:05:9d:8a:20:55:6c:87:6f:22:0f:
32:d8:88:0b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzEk5olk0MijfWw6GqBziLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjgxMzk5OTNiZTY2NWYzYjVkMGY2OTA5ZWYwNThmYThm
OTc5MjIwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U1NDZiN2QxYzhlMmE5OTU3MjY2MWY1ZTg2MWY2ZDcwN2IxNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxxRj5b8jbf3laN8ttl1A1DmohQx
UI0jgSOy2gQSoFrL5vWPQBDHEYJnwa65EX2k/Fcrcd9uq2eL6wXqJWfgo38bYsi6
fL0VT76EOWjpAAWXaMba68TyHQMRMo1pNgP945j3d2cXE4cjRFNKdYknd+cfNlj+
q/7e1eGWMI7Vf7ZG4nk5ed/RNOfj7IOw0kQ/l0jn44gS5lZndVTTVSWe2c//wc2s
71Z2tdTx5qkcMTgu0+l7PO8zlWckSCxQ+QWcGWKqDIYde8Jk2hmNw3wGZzrerBb6
+BIBOm55j88zNRbvHK/eNe+EUKShi+umNUwX/5zLHx15YrC4nPNOpotOJQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFNflRrfRyOKplXJmH16GH21wexc/MB8GA1UdIwQY
MBaAFLm4E5mTvmZfO10PaQnvBY+o+XkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEt
N2JjNzNlZWUxNDQ3LzEvMS1WR3Q5SEk0cW1WY21ZZlhvWWZiWEI3Rno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEtN2JjNzNlZWUxNDQ3
LzEvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQDXCdoAwQC
uX1IAwQCubcwAwQFvPcgMAsDAwHV6gMEANXqFgMEBNmVsDANBgkqhkiG9w0BAQsF
AAOCAQEAmrYWffp5rV/nOrKzbjHkaxN/FM1X7F6uPs9lYILfwfE2npZAqQQhFis5
cyoC8Np/NugmtIY8yLYQIrOJeBB3+/FMjNh6Q8dlaDtqUuKn/Q/Fn+kRIW4qAaW4
PHPtgc1jutomru0CvmGeiIAiJ7HAub3ImghcgkJBUWysXClWfEVLuFsjoxU9E/Fv
6qw+uYEwNNqX2pbWP+c5adDx8xt6OdW92ucB6N20uLMoN4kK1aYIqnjZKJSs0oz9
i7wEp9dQKy/2Scv52Fc5/k7voZM17xQ8xClsmAbDJbSCaKvrC9p99obqQou7GM50
XR/yx+kOoRMFnYogVWyHbyIPMtiICw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:21:16 2024 by rpki-client on console-fra.rpki-client.org