Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/p4rMOu2Autf_iBhlyZRoW9DPEZY.roa
File: p4rMOu2Autf_iBhlyZRoW9DPEZY.roa (raw, json)
Hash identifier: soRZTTQotY8M+JS01dQdHTDBTScoDgITtD7fIzl9ltE=
Subject key identifier: A7:8A:CC:3A:ED:80:BA:D7:FF:88:18:65:C9:94:68:5B:D0:CF:11:96
Certificate issuer: /CN=8f368feb9e553bdd131562584a3353b1d7555c50
Certificate serial: 019112715C2FBA40CF1C2764B5D54DE14382
Authority key identifier: 8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/p4rMOu2Autf_iBhlyZRoW9DPEZY.roa
Signing time: Fri 02 Aug 2024 09:35:04 +0000
ROA not before: Fri 02 Aug 2024 09:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201565
IP address blocks: 89.35.206.0/24 maxlen: 24
89.35.207.0/24 maxlen: 24
185.11.232.0/22 maxlen: 22
185.59.96.0/22 maxlen: 22
185.62.248.0/24 maxlen: 24
185.62.249.0/24 maxlen: 24
185.62.250.0/24 maxlen: 24
185.62.251.0/24 maxlen: 24
185.91.148.0/24 maxlen: 24
185.91.149.0/24 maxlen: 24
185.91.150.0/24 maxlen: 24
185.91.151.0/24 maxlen: 24
2a03:7e40::/36 maxlen: 36
2a03:7e40:1000::/36 maxlen: 36
2a03:7e40:2000::/36 maxlen: 36
2a03:7e40:3000::/36 maxlen: 36
2a03:7e40:4000::/36 maxlen: 36
2a03:7e40:5000::/36 maxlen: 36
2a03:7e40:6000::/36 maxlen: 36
2a03:7e40:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 18:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:71:5c:2f:ba:40:cf:1c:27:64:b5:d5:4d:e1:43:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f368feb9e553bdd131562584a3353b1d7555c50
Validity
Not Before: Aug 2 09:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a78acc3aed80bad7ff881865c994685bd0cf1196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8a:e9:cd:08:33:8d:47:94:50:f2:c9:78:45:
44:62:de:a2:f7:df:dc:27:e6:cc:37:3b:b0:d3:d6:
76:48:fe:f0:5e:1a:ae:79:43:78:9d:47:19:0e:92:
26:6a:37:65:a9:6d:55:c6:c0:1c:13:1f:7a:92:e5:
92:25:06:4f:09:4e:13:9a:b9:9b:bb:77:b5:8d:22:
fd:2c:c0:d0:68:53:d4:0f:64:d4:6c:76:bf:b2:70:
6f:78:5f:b8:9f:65:64:11:74:5e:9f:91:8e:dd:f8:
1e:3f:38:0e:67:54:93:e5:f7:91:da:0f:94:ca:d7:
a9:63:2b:17:ac:c7:b8:73:7f:b4:51:76:b5:3b:83:
91:e1:b8:ad:1b:34:d8:f0:74:1d:3c:0a:2c:9c:41:
21:0a:bf:e3:ef:42:d8:f0:95:d9:6b:f0:ab:9f:e1:
76:e5:a5:b2:0d:0e:28:5e:6b:e2:cc:77:c0:43:94:
a3:60:38:d2:ce:49:cb:d6:1f:2c:e3:93:c3:00:34:
e3:96:71:67:43:89:fa:6d:9d:4f:bb:e2:42:36:61:
38:94:66:b0:22:ea:c0:98:27:59:01:59:a7:bf:e3:
cf:ec:a2:69:63:55:bd:27:9b:28:b2:6c:5a:82:35:
3b:87:8f:fd:8e:a9:52:38:b9:3b:32:25:e5:16:6f:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8A:CC:3A:ED:80:BA:D7:FF:88:18:65:C9:94:68:5B:D0:CF:11:96
X509v3 Authority Key Identifier:
keyid:8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/p4rMOu2Autf_iBhlyZRoW9DPEZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.206.0/23
185.11.232.0/22
185.59.96.0/22
185.62.248.0/22
185.91.148.0/22
IPv6:
2a03:7e40::/33
Signature Algorithm: sha256WithRSAEncryption
3a:f5:97:35:8f:a1:22:c5:d3:03:4e:06:d3:ec:cb:4a:1b:62:
a5:55:2b:80:d6:82:fb:13:13:27:3b:97:a7:cf:0b:29:59:0f:
cd:9d:ac:59:2e:5b:e1:f1:be:98:93:47:b0:3b:94:51:28:9e:
bf:a9:cc:43:47:8f:c6:36:fb:80:7e:b0:45:40:e2:88:c7:31:
d8:ec:17:7a:b6:81:60:9d:a0:a8:e6:0e:cd:e2:75:83:ba:e6:
7e:4a:a2:e3:ef:96:52:46:dc:ee:a4:a2:8b:1e:f3:f1:f9:c1:
ec:ce:c4:c3:4f:ec:26:2b:b7:8d:3b:f7:9c:67:40:bf:36:68:
80:84:05:fd:92:ff:3c:e4:bc:d7:1d:d9:3c:35:b7:92:33:14:
73:2f:15:15:3e:51:91:dc:42:d7:44:9f:09:96:25:d7:a5:f7:
c1:a2:bd:24:98:68:9b:5b:7c:0f:d0:9b:34:81:f5:a4:22:15:
0a:05:ee:12:b3:aa:4c:9d:69:6d:bd:f2:15:a5:f1:3d:e3:23:
93:be:81:96:ce:cd:61:4f:38:28:04:99:40:5b:85:c6:24:cc:
d7:2f:67:8e:7f:cf:82:2b:3f:6f:83:8f:f4:a3:58:35:9e:3c:
9c:e6:c0:07:8d:ce:18:3e:94:35:2c:9b:b5:0d:71:92:fa:72:
b2:78:58:02
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZEScVwvukDPHCdktdVN4UOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzY4ZmViOWU1NTNiZGQxMzE1NjI1ODRhMzM1M2IxZDc1
NTVjNTAwHhcNMjQwODAyMDkzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhhY2MzYWVkODBiYWQ3ZmY4ODE4NjVjOTk0Njg1YmQwY2YxMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0orpzQgzjUeUUPLJeEVEYt6i99/c
J+bMNzuw09Z2SP7wXhqueUN4nUcZDpImajdlqW1VxsAcEx96kuWSJQZPCU4Tmrmb
u3e1jSL9LMDQaFPUD2TUbHa/snBveF+4n2VkEXRen5GO3fgePzgOZ1ST5feR2g+U
ytepYysXrMe4c3+0UXa1O4OR4bitGzTY8HQdPAosnEEhCr/j70LY8JXZa/Crn+F2
5aWyDQ4oXmvizHfAQ5SjYDjSzknL1h8s45PDADTjlnFnQ4n6bZ1Pu+JCNmE4lGaw
IurAmCdZAVmnv+PP7KJpY1W9J5sosmxagjU7h4/9jqlSOLk7MiXlFm8+hQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKeKzDrtgLrX/4gYZcmUaFvQzxGWMB8GA1UdIwQY
MBaAFI82j+ueVTvdExViWEozU7HXVVxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjct
M2VjYTdkZjJhZTU3LzEvcDRyTU91MkF1dGZfaUJobHlaUm9XOURQRVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjctM2VjYTdkZjJhZTU3
LzEvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQBWSPOAwQC
uQvoAwQCuTtgAwQCuT74AwQCuVuUMA4EAgACMAgDBgcqA35AADANBgkqhkiG9w0B
AQsFAAOCAQEAOvWXNY+hIsXTA04G0+zLShtipVUrgNaC+xMTJzuXp88LKVkPzZ2s
WS5b4fG+mJNHsDuUUSiev6nMQ0ePxjb7gH6wRUDiiMcx2OwXeraBYJ2gqOYOzeJ1
g7rmfkqi4++WUkbc7qSiix7z8fnB7M7Ew0/sJiu3jTv3nGdAvzZogIQF/ZL/POS8
1x3ZPDW3kjMUcy8VFT5RkdxC10SfCZYl16X3waK9JJhom1t8D9CbNIH1pCIVCgXu
ErOqTJ1pbb3yFaXxPeMjk76Bls7NYU84KASZQFuFxiTM1y9njn/Pgis/b4OP9KNY
NZ48nObAB43OGD6UNSybtQ1xkvpysnhYAg==
-----END CERTIFICATE-----
Generated at Thu Sep 19 22:51:47 2024 by rpki-client on console-fra.rpki-client.org