Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/iFiyzREZBTLAX6t_7g2p6UVQFvo.roa
File: iFiyzREZBTLAX6t_7g2p6UVQFvo.roa (raw, json)
Hash identifier: cHpJ3Gg361JiRWUOSv+SmXQ0wcC9J5E53l7ws5BXGkA=
Subject key identifier: 88:58:B2:CD:11:19:05:32:C0:5F:AB:7F:EE:0D:A9:E9:45:50:16:FA
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 018CC56E1B1F5AF657E52C6985786B733B1B
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/iFiyzREZBTLAX6t_7g2p6UVQFvo.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3339
IP address blocks: 213.181.68.0/23 maxlen: 23
213.181.66.0/23 maxlen: 23
89.29.186.0/23 maxlen: 23
213.181.82.0/23 maxlen: 23
89.29.188.0/23 maxlen: 23
213.181.95.0/24 maxlen: 24
89.29.212.0/22 maxlen: 22
89.29.208.0/22 maxlen: 22
89.29.216.0/22 maxlen: 22
89.29.220.0/22 maxlen: 22
185.64.241.0/24 maxlen: 24
176.57.102.0/23 maxlen: 23
176.57.100.0/23 maxlen: 23
213.181.64.0/24 maxlen: 24
89.29.230.0/24 maxlen: 24
89.29.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1b:1f:5a:f6:57:e5:2c:69:85:78:6b:73:3b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8858b2cd11190532c05fab7fee0da9e9455016fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:bd:89:67:a8:c1:ac:bd:5e:e9:97:ae:56:
cb:04:ae:6e:8e:45:95:f6:8e:55:b4:4a:05:0c:87:
41:52:5c:2a:88:40:b1:8b:68:6a:ee:78:fd:ee:f9:
71:e4:06:58:91:b9:39:50:28:72:c0:33:64:3f:03:
0d:6e:4b:1d:ce:fb:61:1a:13:47:b0:0d:8d:85:55:
3a:b9:7b:3e:a4:52:7a:b3:e2:54:79:ca:ae:38:69:
24:74:bd:22:30:e1:6f:c0:1f:90:3d:8d:0e:b8:82:
7b:9c:bd:5e:45:aa:31:75:99:f5:40:19:ee:70:be:
cc:83:7f:81:63:43:15:90:90:06:c1:a2:1d:52:e6:
fa:c0:d9:e6:f5:2b:de:74:7c:bf:15:62:37:c3:89:
b5:aa:a8:61:fe:26:ad:ca:91:39:ae:41:5b:4a:1b:
47:9d:25:ec:38:f1:2e:dd:45:61:77:78:66:b9:53:
95:60:c9:7a:ba:0c:16:ec:7a:1e:2e:ae:78:92:6f:
2a:47:35:c1:b1:df:d5:aa:f1:8c:f8:df:e6:3c:e0:
17:64:3e:b5:1d:ff:69:8c:60:4a:42:39:80:c6:ac:
95:d0:d7:c6:27:43:92:5d:27:a7:8e:b3:ae:23:fd:
77:98:47:7a:0f:d4:e2:b6:ae:1b:c1:ea:88:e3:e2:
53:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:58:B2:CD:11:19:05:32:C0:5F:AB:7F:EE:0D:A9:E9:45:50:16:FA
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/iFiyzREZBTLAX6t_7g2p6UVQFvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.186.0-89.29.189.255
89.29.208.0/20
89.29.230.0/24
89.29.240.0/22
176.57.100.0/22
185.64.241.0/24
213.181.64.0/24
213.181.66.0-213.181.69.255
213.181.82.0/23
213.181.95.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:e9:8e:76:19:a2:76:79:96:77:87:de:e3:7d:b4:b4:bf:b3:
8b:e8:01:19:f6:21:c3:ad:80:5f:2f:df:04:50:3d:a8:17:76:
4a:f8:7e:58:f3:39:35:b1:ab:5c:91:96:6e:af:89:5e:14:f8:
66:95:50:ad:8a:66:34:1a:09:ea:ef:67:eb:85:7d:96:52:13:
68:9f:9c:71:65:99:1d:01:c4:25:30:2a:6d:6f:42:1f:f3:83:
c1:98:7e:09:36:bf:f1:c8:33:e3:df:56:17:96:c0:ab:5a:0b:
b0:81:20:be:87:13:5a:86:4b:a7:b4:56:32:72:7f:b0:93:ca:
6d:d6:92:ce:f9:47:04:bd:e6:88:d3:ab:0a:ee:9a:72:6c:b7:
7a:b9:f4:2b:67:ce:e9:5e:46:89:e4:2a:0f:14:43:08:f8:60:
33:fb:ee:95:9a:61:36:82:7c:26:1d:3d:06:80:1d:b9:55:14:
05:7c:03:30:48:3f:e7:85:00:96:ef:8a:51:ec:82:98:7a:38:
a1:b8:03:d1:3a:f5:71:3c:3b:fe:58:c3:bb:1b:7f:7a:53:50:
8b:fa:91:9e:c5:5f:d6:05:3f:55:77:87:c1:76:df:b8:62:20:
85:10:b2:29:56:d6:1c:5b:de:05:9b:38:6e:e5:b0:7e:12:d4:
ac:06:4c:ba
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzFbhsfWvZX5SxphXhrczsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU4YjJjZDExMTkwNTMyYzA1ZmFiN2ZlZTBkYTllOTQ1NTAxNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7a9iWeoway9XumXrlbLBK5ujkWV
9o5VtEoFDIdBUlwqiECxi2hq7nj97vlx5AZYkbk5UChywDNkPwMNbksdzvthGhNH
sA2NhVU6uXs+pFJ6s+JUecquOGkkdL0iMOFvwB+QPY0OuIJ7nL1eRaoxdZn1QBnu
cL7Mg3+BY0MVkJAGwaIdUub6wNnm9SvedHy/FWI3w4m1qqhh/iatypE5rkFbShtH
nSXsOPEu3UVhd3hmuVOVYMl6ugwW7HoeLq54km8qRzXBsd/VqvGM+N/mPOAXZD61
Hf9pjGBKQjmAxqyV0NfGJ0OSXSenjrOuI/13mEd6D9Titq4bweqI4+JTkwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIhYss0RGQUywF+rf+4NqelFUBb6MB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvaUZpeXpSRVpCVExBWDZ0XzdnMnA2VVZRRnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAFZHboD
BAFZHbwDBARZHdADBABZHeYDBAJZHfADBAKwOWQDBAC5QPEDBADVtUAwDAMEAdW1
QgMEAdW1RAMEAdW1UgMEANW1XzANBgkqhkiG9w0BAQsFAAOCAQEAzumOdhmidnmW
d4fe4320tL+zi+gBGfYhw62AXy/fBFA9qBd2Svh+WPM5NbGrXJGWbq+JXhT4ZpVQ
rYpmNBoJ6u9n64V9llITaJ+ccWWZHQHEJTAqbW9CH/ODwZh+CTa/8cgz499WF5bA
q1oLsIEgvocTWoZLp7RWMnJ/sJPKbdaSzvlHBL3miNOrCu6acmy3ern0K2fO6V5G
ieQqDxRDCPhgM/vulZphNoJ8Jh09BoAduVUUBXwDMEg/54UAlu+KUeyCmHo4obgD
0Tr1cTw7/ljDuxt/elNQi/qRnsVf1gU/VXeHwXbfuGIghRCyKVbWHFveBZs4buWw
fhLUrAZMug==
-----END CERTIFICATE-----
Generated at Sat May 25 19:03:08 2024 by rpki-client on console-fra.rpki-client.org