Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/kf7Ui_vK3iDlmlPKEmT-QGUHa90.roa
File: kf7Ui_vK3iDlmlPKEmT-QGUHa90.roa (raw, json)
Hash identifier: IDVCYL89gy3R4KqIeD/dhYzSp8jVizCWdYHbxBEVv7s=
Subject key identifier: 91:FE:D4:8B:FB:CA:DE:20:E5:9A:53:CA:12:64:FE:40:65:07:6B:DD
Certificate issuer: /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial: 0191A26CC3FD7361580553C8C3767B4D06EC
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/kf7Ui_vK3iDlmlPKEmT-QGUHa90.roa
Signing time: Fri 30 Aug 2024 08:35:22 +0000
ROA not before: Fri 30 Aug 2024 08:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41364
IP address blocks: 185.140.168.0/22 maxlen: 22
193.42.134.0/24 maxlen: 24
194.116.72.0/23 maxlen: 23
194.116.74.0/23 maxlen: 23
194.116.76.0/22 maxlen: 24
194.116.80.0/23 maxlen: 23
194.116.82.0/24 maxlen: 24
194.116.83.0/24 maxlen: 24
194.116.84.0/24 maxlen: 24
194.116.85.0/24 maxlen: 24
194.116.86.0/23 maxlen: 23
194.116.88.0/22 maxlen: 22
194.116.92.0/24 maxlen: 24
194.116.93.0/24 maxlen: 24
194.116.94.0/23 maxlen: 23
194.116.100.0/22 maxlen: 24
194.116.100.0/24 maxlen: 24
194.116.101.0/24 maxlen: 24
194.116.102.0/23 maxlen: 23
194.116.106.0/23 maxlen: 23
194.116.108.0/22 maxlen: 22
194.116.112.0/21 maxlen: 21
194.116.120.0/22 maxlen: 22
194.116.124.0/23 maxlen: 23
194.116.126.0/24 maxlen: 24
194.116.127.0/24 maxlen: 24
2a07:1ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:6c:c3:fd:73:61:58:05:53:c8:c3:76:7b:4d:06:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Validity
Not Before: Aug 30 08:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91fed48bfbcade20e59a53ca1264fe4065076bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:aa:9d:87:cd:d7:6c:b4:0a:c6:78:da:c3:
00:9b:58:84:be:21:3d:33:06:db:5a:c2:4e:25:ef:
27:5d:81:89:5e:9c:94:df:fd:bc:92:42:9e:af:37:
f5:ec:4d:ac:b3:da:3d:89:05:f7:cc:00:7c:95:24:
f6:7e:b8:3b:60:8a:7d:fe:11:20:60:6b:ca:89:7c:
5e:9f:fe:4b:42:16:0a:6b:5b:5b:e4:ef:d6:e2:b6:
ba:01:b0:7f:87:4f:ba:b4:1a:d4:79:ee:d1:09:f1:
bc:de:81:d1:20:3b:86:76:cc:e8:42:74:db:a8:8b:
ab:f2:47:36:4f:5b:bc:d9:96:09:3a:94:68:c9:e1:
16:2a:ff:5a:d7:b8:ba:28:77:7b:b9:27:f4:9f:1a:
71:cb:99:e2:df:d3:44:48:5a:2c:56:00:75:6a:11:
f4:0c:18:ab:1b:30:c3:79:bd:91:8b:5e:38:3f:e9:
b0:68:c5:f9:77:6b:f0:28:f5:b9:f5:f0:4c:ff:26:
8c:a6:dc:7f:e6:a6:ab:3a:4b:a8:0b:67:86:a7:14:
b0:7b:a3:a6:23:a1:39:ec:7d:1c:a0:7e:18:f6:6e:
59:9d:f3:67:6c:1d:74:82:a3:ce:3a:8e:b8:fd:c8:
a8:2b:09:1b:e1:c4:12:4e:eb:b6:03:32:b4:aa:a5:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FE:D4:8B:FB:CA:DE:20:E5:9A:53:CA:12:64:FE:40:65:07:6B:DD
X509v3 Authority Key Identifier:
keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/kf7Ui_vK3iDlmlPKEmT-QGUHa90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.168.0/22
193.42.134.0/24
194.116.72.0-194.116.95.255
194.116.100.0/22
194.116.106.0-194.116.127.255
IPv6:
2a07:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:98:91:56:72:76:30:4d:07:6a:76:0e:9f:a4:44:bf:f7:a2:
7a:ce:9d:7d:bb:54:0d:e6:5e:96:fd:39:9a:6a:24:00:90:48:
68:18:a1:7a:59:2a:6e:b6:e1:9c:f3:3e:3b:96:a7:9d:73:eb:
03:45:a8:3b:32:38:f5:1f:e1:7b:0c:df:79:a6:18:0a:61:53:
c2:b5:10:25:9a:bf:2c:0e:f2:27:1a:85:6f:e6:ec:cb:6b:d8:
b6:e6:3a:51:ec:ce:9b:b9:09:85:44:34:5a:d4:f0:58:a3:01:
59:b7:11:51:0b:c8:09:16:42:7d:ff:77:46:b8:d9:11:93:b1:
5f:ee:6f:21:fd:7a:97:8b:44:36:e6:4a:a0:ad:51:0b:64:de:
69:69:a5:d2:2e:4c:34:cf:15:f0:ea:e5:ac:67:30:14:b2:2c:
85:a0:61:76:25:68:08:63:f0:5b:f6:21:d1:39:17:7a:4d:fc:
4d:1c:04:53:a7:16:35:85:b3:14:8d:ea:f1:8e:05:89:d0:3e:
9f:a3:0c:32:39:fd:3f:2c:8b:44:ec:40:88:82:6e:9f:a2:76:
f5:63:51:9f:80:cf:4e:5a:01:aa:3f:9f:24:0c:a9:17:6d:cb:
5e:bf:0c:c9:66:2e:ca:c9:77:be:23:13:37:c8:77:6a:d2:ff:
3c:8c:29:02
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZGibMP9c2FYBVPIw3Z7TQbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjQwODMwMDgzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZlZDQ4YmZiY2FkZTIwZTU5YTUzY2ExMjY0ZmU0MDY1MDc2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy2qnYfN12y0CsZ42sMAm1iEviE9
MwbbWsJOJe8nXYGJXpyU3/28kkKerzf17E2ss9o9iQX3zAB8lST2frg7YIp9/hEg
YGvKiXxen/5LQhYKa1tb5O/W4ra6AbB/h0+6tBrUee7RCfG83oHRIDuGdszoQnTb
qIur8kc2T1u82ZYJOpRoyeEWKv9a17i6KHd7uSf0nxpxy5ni39NESFosVgB1ahH0
DBirGzDDeb2Ri144P+mwaMX5d2vwKPW59fBM/yaMptx/5qarOkuoC2eGpxSwe6Om
I6E57H0coH4Y9m5ZnfNnbB10gqPOOo64/cioKwkb4cQSTuu2AzK0qqUj1wIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJH+1Iv7yt4g5ZpTyhJk/kBlB2vdMB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEva2Y3VWlfdkszaURsbWxQS0VtVC1RR1VIYTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuAwQCuYyoAwQA
wSqGMAwDBAPCdEgDBAXCdEADBALCdGQwDAMEAcJ0agMEB8J0ADANBAIAAjAHAwUD
KgcewDANBgkqhkiG9w0BAQsFAAOCAQEAH5iRVnJ2ME0HanYOn6REv/eies6dfbtU
DeZelv05mmokAJBIaBihelkqbrbhnPM+O5annXPrA0WoOzI49R/hewzfeaYYCmFT
wrUQJZq/LA7yJxqFb+bsy2vYtuY6UezOm7kJhUQ0WtTwWKMBWbcRUQvICRZCff93
RrjZEZOxX+5vIf16l4tENuZKoK1RC2TeaWml0i5MNM8V8OrlrGcwFLIshaBhdiVo
CGPwW/Yh0TkXek38TRwEU6cWNYWzFI3q8Y4FidA+n6MMMjn9PyyLROxAiIJun6J2
9WNRn4DPTloBqj+fJAypF23LXr8MyWYuysl3viMTN8h3atL/PIwpAg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:46 2024 by rpki-client on console-fra.rpki-client.org