Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/7MBZP4USFz5hPGotD8N5VTxiCh4.roa
File: 7MBZP4USFz5hPGotD8N5VTxiCh4.roa (raw, json)
Hash identifier: xrZIN20uzCUHnquaIR7JyCpdhy6O1fXdg0ZyfCtPx1A=
Subject key identifier: EC:C0:59:3F:85:12:17:3E:61:3C:6A:2D:0F:C3:79:55:3C:62:0A:1E
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 019422FB3DE1AC3BEC503E9ED0C1F7E34ADF
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/7MBZP4USFz5hPGotD8N5VTxiCh4.roa
Signing time: Wed 01 Jan 2025 17:47:58 +0000
ROA not before: Wed 01 Jan 2025 17:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57391
IP address blocks: 88.135.40.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.45.0/24 maxlen: 24
88.135.46.0/23 maxlen: 23
88.135.46.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.132.82.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3d:e1:ac:3b:ec:50:3e:9e:d0:c1:f7:e3:4a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jan 1 17:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecc0593f8512173e613c6a2d0fc379553c620a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:2c:03:a2:52:b8:3d:d1:00:8e:be:95:f8:
a9:8b:5f:c7:30:3b:c4:04:2c:b1:c2:3e:bf:b4:78:
60:b1:fb:e2:06:4d:64:1b:84:bd:e8:6f:f2:1c:2b:
67:1e:18:e3:5f:24:b3:4b:98:95:26:c7:19:19:d6:
88:2f:8c:be:5e:52:20:1a:ef:66:7c:f8:48:9e:cf:
d6:5c:e1:33:66:13:14:ae:c2:89:8e:a9:24:9c:14:
ce:80:81:64:31:78:b2:b0:78:2e:12:25:a7:1f:02:
4c:04:2a:3b:f2:7f:57:1f:44:cf:87:4d:5d:fb:86:
4e:38:aa:cf:80:37:86:f9:3c:90:18:b2:bf:9d:db:
40:80:7f:c1:19:ed:a3:82:0d:72:91:23:32:a7:cb:
12:dc:80:c5:99:d5:53:6d:4d:ad:3b:86:4f:d3:ab:
d7:f4:98:5e:43:b5:3d:af:53:65:c8:9e:af:09:bd:
d5:22:62:c8:4c:74:22:c5:ab:d2:5d:17:3d:48:b5:
c6:b2:62:0d:f6:77:33:07:60:df:58:b1:2a:30:82:
33:47:9d:e0:bd:df:dd:80:17:e6:44:fd:07:c3:3a:
ce:26:d2:21:65:92:17:ee:6b:65:90:13:6a:55:80:
94:a7:50:b9:7f:1b:b3:df:0f:c1:eb:88:15:6c:24:
e5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C0:59:3F:85:12:17:3E:61:3C:6A:2D:0F:C3:79:55:3C:62:0A:1E
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/7MBZP4USFz5hPGotD8N5VTxiCh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0/21
185.67.101.0/24
185.132.80.0/24
185.132.82.0/24
185.233.14.0/24
Signature Algorithm: sha256WithRSAEncryption
05:86:23:1b:cd:6b:eb:f8:db:4c:6d:89:4e:7c:e3:14:74:f1:
5a:ff:e4:15:93:8b:5b:3f:cf:99:90:3c:0a:3a:dd:bc:c4:c2:
1d:a3:21:07:8a:62:ea:94:eb:77:d7:09:08:c1:9c:a0:14:a4:
c3:21:1b:6d:aa:05:c5:6b:c3:31:5c:89:22:60:e0:54:97:51:
e0:31:cc:18:2d:16:9c:f5:cc:0f:d5:ac:7b:8b:77:41:af:0b:
19:76:72:3b:68:2d:92:6d:2d:b1:9d:2d:a7:60:14:01:72:c2:
b0:a5:4d:3a:76:7d:6d:b7:80:eb:7a:2e:90:ee:52:fe:74:ab:
65:b3:95:62:90:52:80:be:49:5b:ad:41:59:95:88:fc:f0:86:
0d:e1:c1:4b:7e:bf:36:dd:b2:a1:2f:f6:1d:85:b1:09:72:10:
47:40:a8:6c:86:b0:ac:33:22:59:71:e7:23:a6:c4:d1:28:13:
f3:a3:e9:a5:48:03:3a:6f:13:10:11:95:d9:33:4e:f4:97:f8:
fa:31:98:7a:3a:82:4a:0b:b9:80:d8:f0:f5:6b:dc:27:89:2c:
c9:4f:72:ad:7d:e8:01:b3:e0:52:8b:79:67:a4:05:5a:05:10:
c3:f4:5f:f6:08:cd:bb:8c:33:f3:6c:a4:48:c7:d4:31:9b:b4:
11:b7:c5:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQi+z3hrDvsUD6e0MH340rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjUwMTAxMTc0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MwNTkzZjg1MTIxNzNlNjEzYzZhMmQwZmMzNzk1NTNjNjIwYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiUsA6JSuD3RAI6+lfipi1/HMDvE
BCyxwj6/tHhgsfviBk1kG4S96G/yHCtnHhjjXySzS5iVJscZGdaIL4y+XlIgGu9m
fPhIns/WXOEzZhMUrsKJjqkknBTOgIFkMXiysHguEiWnHwJMBCo78n9XH0TPh01d
+4ZOOKrPgDeG+TyQGLK/ndtAgH/BGe2jgg1ykSMyp8sS3IDFmdVTbU2tO4ZP06vX
9JheQ7U9r1NlyJ6vCb3VImLITHQixavSXRc9SLXGsmIN9nczB2DfWLEqMIIzR53g
vd/dgBfmRP0HwzrOJtIhZZIX7mtlkBNqVYCUp1C5fxuz3w/B64gVbCTlfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOzAWT+FEhc+YTxqLQ/DeVU8YgoeMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvN01CWlA0VVNGejVoUEdvdEQ4TjVWVHhpQ2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDWIcoAwQA
uUNlAwQAuYRQAwQAuYRSAwQAuekOMA0GCSqGSIb3DQEBCwUAA4IBAQAFhiMbzWvr
+NtMbYlOfOMUdPFa/+QVk4tbP8+ZkDwKOt28xMIdoyEHimLqlOt31wkIwZygFKTD
IRttqgXFa8MxXIkiYOBUl1HgMcwYLRac9cwP1ax7i3dBrwsZdnI7aC2SbS2xnS2n
YBQBcsKwpU06dn1tt4Drei6Q7lL+dKtls5VikFKAvklbrUFZlYj88IYN4cFLfr82
3bKhL/YdhbEJchBHQKhshrCsMyJZcecjpsTRKBPzo+mlSAM6bxMQEZXZM070l/j6
MZh6OoJKC7mA2PD1a9wniSzJT3KtfegBs+BSi3lnpAVaBRDD9F/2CM27jDPzbKRI
x9Qxm7QRt8WZ
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:28:24 2025 by rpki-client