Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/8FpdEn-l_hiolzNzzKTj8ttk4Hg.roa
File: 8FpdEn-l_hiolzNzzKTj8ttk4Hg.roa (raw, json)
Hash identifier: 8myazzM92zabo3pNlq4+VGmIqnp1nra4hTR3bbkhXqo=
Subject key identifier: F0:5A:5D:12:7F:A5:FE:18:A8:97:33:73:CC:A4:E3:F2:DB:64:E0:78
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 01941F8C31977AF1FA7ABD3D6AC6F78207F9
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/8FpdEn-l_hiolzNzzKTj8ttk4Hg.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 86.105.104.0/22 maxlen: 24
89.36.236.0/22 maxlen: 24
89.37.128.0/24 maxlen: 24
89.37.188.0/22 maxlen: 24
89.40.43.0/24 maxlen: 24
89.184.208.0/20 maxlen: 32
91.232.136.0/22 maxlen: 24
93.114.169.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
94.177.65.0/24 maxlen: 24
94.190.248.0/22 maxlen: 24
176.223.190.0/24 maxlen: 24
185.64.100.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
188.211.252.0/22 maxlen: 24
188.212.104.0/22 maxlen: 24
188.240.83.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:31:97:7a:f1:fa:7a:bd:3d:6a:c6:f7:82:07:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f05a5d127fa5fe18a8973373cca4e3f2db64e078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:52:74:b3:b1:f9:a9:3f:9e:a1:71:94:3a:
9f:08:df:fa:c4:97:9e:1e:4d:67:05:46:ec:28:aa:
6a:83:fc:bc:15:21:77:e9:c2:0f:34:26:d2:9a:de:
7b:88:0f:fa:6d:e6:57:ee:c7:90:6e:b1:5a:b3:41:
15:5c:f8:9d:5d:5d:c7:65:5b:fb:47:b1:0f:0b:51:
d6:e4:8c:66:d6:dd:c1:8e:bf:dd:4f:c4:44:5d:08:
29:f5:78:4f:0b:fa:46:c9:a9:37:16:5f:40:06:5e:
f2:b7:be:e4:d4:94:ca:6e:0d:b7:bf:2d:fd:ee:c5:
57:e0:64:04:e9:9e:d0:61:6f:0d:63:ee:41:fe:03:
ba:ef:09:d0:8a:40:d1:48:ec:70:75:dd:21:1c:3d:
c9:59:8e:96:8b:10:ec:18:d0:84:ee:59:93:04:16:
44:1f:f4:2c:44:c8:97:93:18:d2:0f:60:85:a3:06:
55:23:5f:35:9f:dc:3d:d8:90:ca:ae:77:d5:7e:11:
9c:45:6d:0d:e5:44:71:3e:b4:03:07:d5:e5:c0:35:
bf:c1:f3:37:93:43:7e:98:8d:d1:e1:4d:7a:f9:22:
57:51:dd:81:e6:eb:6a:c4:90:de:2a:29:3b:e7:aa:
bf:97:3e:93:4c:33:7f:3c:93:c5:12:60:84:ca:52:
8a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5A:5D:12:7F:A5:FE:18:A8:97:33:73:CC:A4:E3:F2:DB:64:E0:78
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/8FpdEn-l_hiolzNzzKTj8ttk4Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.104.0/22
89.36.236.0/22
89.37.128.0/24
89.37.188.0/22
89.40.43.0/24
89.184.208.0/20
91.232.136.0/22
93.114.169.0/24
93.115.155.0/24
94.177.65.0/24
94.190.248.0/22
176.223.190.0/24
185.64.100.0/22
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
188.240.83.0/24
193.46.204.0/24
193.46.211.0/24
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
07:29:37:c9:40:57:c9:99:34:a3:4c:09:13:06:11:64:c5:f8:
61:ec:ba:01:56:84:fe:af:ff:b4:63:ae:9b:c9:bb:5b:c5:e3:
95:c4:c4:ac:45:c2:61:d2:c6:b0:2b:29:7a:46:9a:18:24:dc:
37:58:3d:fb:67:51:bf:f5:a1:66:80:a3:a5:10:54:2d:1a:b2:
7e:71:71:e4:b2:88:d9:d4:ea:4b:d2:f2:c4:ae:f5:3f:99:51:
13:ad:e2:f1:d8:2f:51:3d:93:5b:43:53:f8:30:34:a1:7c:9a:
02:ea:01:28:2c:23:69:92:d3:09:e5:05:4a:8b:87:29:5e:c3:
b6:7d:d8:c7:c2:95:36:7d:8b:d4:8b:05:e9:e3:31:f0:65:9c:
43:3d:71:77:60:98:e4:a2:c2:f2:74:85:7e:e3:95:90:6e:64:
23:7f:3a:4b:da:30:d0:55:5c:ec:9e:cc:c1:3e:d7:98:86:ac:
07:c6:4a:c8:08:54:14:f2:a6:43:26:d0:e8:3e:7b:f8:13:ff:
84:c8:94:6d:68:c1:4a:1c:23:8e:72:ea:d8:91:fd:da:65:85:
c8:9f:a9:ab:a8:3e:40:a0:ce:53:17:41:d3:d6:35:17:0a:1b:
5d:96:a0:8c:60:af:08:86:e4:50:79:b7:82:1c:f7:d9:a5:fa:
d0:ef:1e:3e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQfjDGXevH6er09asb3ggf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVhNWQxMjdmYTVmZTE4YTg5NzMzNzNjY2E0ZTNmMmRiNjRlMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt9SdLOx+ak/nqFxlDqfCN/6xJee
Hk1nBUbsKKpqg/y8FSF36cIPNCbSmt57iA/6beZX7seQbrFas0EVXPidXV3HZVv7
R7EPC1HW5Ixm1t3Bjr/dT8REXQgp9XhPC/pGyak3Fl9ABl7yt77k1JTKbg23vy39
7sVX4GQE6Z7QYW8NY+5B/gO67wnQikDRSOxwdd0hHD3JWY6WixDsGNCE7lmTBBZE
H/QsRMiXkxjSD2CFowZVI181n9w92JDKrnfVfhGcRW0N5URxPrQDB9XlwDW/wfM3
k0N+mI3R4U16+SJXUd2B5utqxJDeKik756q/lz6TTDN/PJPFEmCEylKKdwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPBaXRJ/pf4YqJczc8yk4/LbZOB4MB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvOEZwZEVuLWxfaGlvbHpOenpLVGo4dHRrNEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAlZp
aAMEAlkk7AMEAFklgAMEAlklvAMEAFkoKwMEBFm40AMEAlvoiAMEAF1yqQMEAF1z
mwMEAF6xQQMEAl6++AMEALDfvgMEArlAZAMEArmsFAMEArzT/AMEArzUaAMEALzw
UwMEAMEuzAMEAMEu0wMEAMLVCgMEAcLyHDANBgkqhkiG9w0BAQsFAAOCAQEAByk3
yUBXyZk0o0wJEwYRZMX4Yey6AVaE/q//tGOum8m7W8XjlcTErEXCYdLGsCspekaa
GCTcN1g9+2dRv/WhZoCjpRBULRqyfnFx5LKI2dTqS9LyxK71P5lRE63i8dgvUT2T
W0NT+DA0oXyaAuoBKCwjaZLTCeUFSouHKV7Dtn3Yx8KVNn2L1IsF6eMx8GWcQz1x
d2CY5KLC8nSFfuOVkG5kI386S9ow0FVc7J7MwT7XmIasB8ZKyAhUFPKmQybQ6D57
+BP/hMiUbWjBShwjjnLq2JH92mWFyJ+pq6g+QKDOUxdB09Y1FwobXZagjGCvCIbk
UHm3ghz32aX60O8ePg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:38 2025 by rpki-client