Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/OgYi4rvagr7xyJlLEyiqNVqz9hg.roa
File: OgYi4rvagr7xyJlLEyiqNVqz9hg.roa (raw, json)
Hash identifier: Dplv3Z4oFbztqYlV4fy5GwkDi2ZdlSWLlCmo3+ZsHss=
Subject key identifier: 3A:06:22:E2:BB:DA:82:BE:F1:C8:99:4B:13:28:AA:35:5A:B3:F6:18
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 018DC2A04D20E5C6C5ADCD2A796D2F551874
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/OgYi4rvagr7xyJlLEyiqNVqz9hg.roa
Signing time: Mon 19 Feb 2024 18:28:21 +0000
ROA not before: Mon 19 Feb 2024 18:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34636
IP address blocks: 88.135.40.0/22 maxlen: 22
88.135.40.0/23 maxlen: 23
88.135.40.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/23 maxlen: 23
88.135.42.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.132.80.0/22 maxlen: 22
185.132.80.0/23 maxlen: 23
185.132.80.0/24 maxlen: 24
185.132.81.0/24 maxlen: 24
185.132.82.0/23 maxlen: 23
185.132.83.0/24 maxlen: 24
185.189.120.0/22 maxlen: 22
185.189.120.0/23 maxlen: 23
185.189.120.0/24 maxlen: 24
185.189.121.0/24 maxlen: 24
185.189.122.0/23 maxlen: 23
185.189.122.0/24 maxlen: 24
185.189.123.0/24 maxlen: 24
185.233.12.0/22 maxlen: 22
185.233.12.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.15.0/24 maxlen: 24
185.237.8.0/22 maxlen: 22
185.237.8.0/24 maxlen: 24
185.237.9.0/24 maxlen: 24
185.237.10.0/24 maxlen: 24
185.237.11.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Jun 2024 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:a0:4d:20:e5:c6:c5:ad:cd:2a:79:6d:2f:55:18:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Feb 19 18:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0622e2bbda82bef1c8994b1328aa355ab3f618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2e:c9:6a:e2:6a:c3:29:36:da:39:21:ed:27:
cb:17:99:00:e9:b3:4b:ee:dd:78:42:23:9b:34:69:
7c:48:7d:95:34:22:d1:dd:c1:35:52:ca:1b:c4:6f:
f2:f6:c4:4a:88:0d:3d:44:16:a9:69:2d:82:32:c4:
f3:49:e6:dd:cc:ee:a3:57:46:42:70:53:61:16:ee:
81:61:37:4a:2e:c6:d3:ec:0f:de:dc:78:65:bd:67:
c5:c0:15:17:78:e7:d5:c0:0e:b2:bf:81:bb:31:94:
16:58:08:06:9b:41:fe:e2:bc:4c:9b:a2:6e:ce:93:
30:38:25:bb:1d:2e:b5:c0:4f:d3:aa:ed:d3:89:bf:
fb:0f:6c:84:ca:95:a3:8b:a8:cc:e4:dc:72:c2:97:
5c:a4:92:a7:e8:63:ed:97:0d:d4:ae:77:56:4e:8f:
08:bc:0b:8a:49:a8:e1:21:d0:da:08:f2:bc:05:9a:
97:5e:44:ee:97:7a:98:41:3f:10:e0:35:71:9e:f0:
df:4d:5d:e6:d0:17:12:e9:8f:73:17:25:38:3e:90:
70:f9:47:4f:26:51:67:a3:24:02:84:f2:97:a9:19:
27:3a:8a:7d:de:b0:f0:f8:bc:53:d3:1f:8b:e5:13:
95:f5:07:11:90:25:e6:a2:c6:ee:4e:80:2c:4b:d1:
c1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:06:22:E2:BB:DA:82:BE:F1:C8:99:4B:13:28:AA:35:5A:B3:F6:18
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/OgYi4rvagr7xyJlLEyiqNVqz9hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
88.135.46.0/23
185.67.100.0/22
185.132.80.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
8c:5e:94:b5:4a:ab:6a:e2:2c:d0:b5:59:92:46:f5:48:69:fc:
93:f5:a8:27:b2:c4:16:25:b8:2a:90:a3:ab:08:fa:56:2a:15:
8f:fa:12:00:d8:98:ad:a2:b6:36:5d:e1:9e:22:34:01:83:5f:
21:fe:9e:6b:ad:0a:a9:20:ab:31:e4:12:37:10:2e:53:43:3d:
b1:25:e3:10:ec:9b:c7:88:c9:39:3a:9b:99:16:aa:b2:71:95:
4f:85:e8:57:37:25:50:fa:a9:db:ec:21:c3:33:53:1f:87:2b:
21:6a:63:7d:09:eb:9d:e6:60:cc:00:61:94:2d:23:c7:cb:81:
a0:d5:3d:10:a2:9c:68:d0:f8:97:16:ae:41:3f:a6:83:27:06:
4d:9b:02:59:d6:f1:97:be:7f:ed:97:d0:97:b3:4d:1e:5f:21:
b5:8d:8c:e1:44:77:98:89:72:1f:ad:a9:ce:ca:4d:6c:f6:db:
d4:fb:be:ce:7c:a4:cd:15:dc:01:88:20:56:11:85:24:1a:b8:
f2:08:53:2d:bf:7c:e6:b9:b5:db:65:e8:c0:b5:fb:2c:db:c4:
08:ec:23:b8:d0:58:33:e5:a6:3c:71:6d:80:2b:6f:5f:30:ce:
7c:40:40:7e:94:0b:3a:3f:15:42:85:c7:6e:c3:6a:64:c4:5f:
19:fb:85:9d
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY3CoE0g5cbFrc0qeW0vVRh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjQwMjE5MTgyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA2MjJlMmJiZGE4MmJlZjFjODk5NGIxMzI4YWEzNTVhYjNmNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii7JauJqwyk22jkh7SfLF5kA6bNL
7t14QiObNGl8SH2VNCLR3cE1UsobxG/y9sRKiA09RBapaS2CMsTzSebdzO6jV0ZC
cFNhFu6BYTdKLsbT7A/e3HhlvWfFwBUXeOfVwA6yv4G7MZQWWAgGm0H+4rxMm6Ju
zpMwOCW7HS61wE/Tqu3Tib/7D2yEypWji6jM5NxywpdcpJKn6GPtlw3UrndWTo8I
vAuKSajhIdDaCPK8BZqXXkTul3qYQT8Q4DVxnvDfTV3m0BcS6Y9zFyU4PpBw+UdP
JlFnoyQChPKXqRknOop93rDw+LxT0x+L5ROV9QcRkCXmosbuToAsS9HBDQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFDoGIuK72oK+8ciZSxMoqjVas/YYMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvT2dZaTRydmFncjd4eUpsTEV5aXFOVnF6OWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBANYhygD
BABYhywDBAFYhy4DBAK5Q2QDBAK5hFADBAK5vXgDBAK56QwDBAK57QgwDQQCAAIw
BwMFAyoE8IAwDQYJKoZIhvcNAQELBQADggEBAIxelLVKq2riLNC1WZJG9Uhp/JP1
qCeyxBYluCqQo6sI+lYqFY/6EgDYmK2itjZd4Z4iNAGDXyH+nmutCqkgqzHkEjcQ
LlNDPbEl4xDsm8eIyTk6m5kWqrJxlU+F6Fc3JVD6qdvsIcMzUx+HKyFqY30J653m
YMwAYZQtI8fLgaDVPRCinGjQ+JcWrkE/poMnBk2bAlnW8Ze+f+2X0JezTR5fIbWN
jOFEd5iJch+tqc7KTWz229T7vs58pM0V3AGIIFYRhSQauPIIUy2/fOa5tdtl6MC1
+yzbxAjsI7jQWDPlpjxxbYArb18wznxAQH6UCzo/FUKFx27DamTEXxn7hZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 09:25:54 2024 by rpki-client on console-fra.rpki-client.org