Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ki8uh741YEF7GQWy4NzLviOiXrY.roa
File: ki8uh741YEF7GQWy4NzLviOiXrY.roa (raw, json)
Hash identifier: Et6+/MYfuVV4hDCRIT2ZwtgJO1R3R+KGAq3cLJGAPHw=
Subject key identifier: 92:2F:2E:87:BE:35:60:41:7B:19:05:B2:E0:DC:CB:BE:23:A2:5E:B6
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018E25D882DC1A3953E8E55928CCE53D3619
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ki8uh741YEF7GQWy4NzLviOiXrY.roa
Signing time: Sun 10 Mar 2024 00:52:10 +0000
ROA not before: Sun 10 Mar 2024 00:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 84.46.165.0/24 maxlen: 24
84.46.174.0/24 maxlen: 24
86.38.2.0/24 maxlen: 24
86.38.44.0/24 maxlen: 24
86.38.91.0/24 maxlen: 24
86.38.157.0/24 maxlen: 24
86.38.206.0/24 maxlen: 24
86.38.207.0/24 maxlen: 24
86.38.224.0/24 maxlen: 24
86.38.231.0/24 maxlen: 24
89.116.0.0/24 maxlen: 24
89.116.18.0/24 maxlen: 24
89.116.40.0/24 maxlen: 24
89.116.55.0/24 maxlen: 24
89.116.57.0/24 maxlen: 24
89.116.79.0/24 maxlen: 24
89.116.94.0/24 maxlen: 24
89.116.95.0/24 maxlen: 24
89.116.98.0/24 maxlen: 24
89.116.142.0/24 maxlen: 24
89.116.145.0/24 maxlen: 24
89.116.194.0/24 maxlen: 24
89.116.195.0/24 maxlen: 24
89.116.196.0/24 maxlen: 24
89.116.197.0/24 maxlen: 24
89.116.199.0/24 maxlen: 24
89.116.201.0/24 maxlen: 24
89.116.204.0/24 maxlen: 24
89.116.205.0/24 maxlen: 24
89.116.206.0/24 maxlen: 24
89.116.207.0/24 maxlen: 24
89.116.216.0/24 maxlen: 24
89.116.217.0/24 maxlen: 24
89.116.219.0/24 maxlen: 24
89.116.222.0/24 maxlen: 24
89.116.251.0/24 maxlen: 24
89.116.254.0/24 maxlen: 24
89.117.4.0/24 maxlen: 24
89.117.34.0/24 maxlen: 24
89.117.131.0/24 maxlen: 24
89.117.189.0/24 maxlen: 24
89.117.191.0/24 maxlen: 24
89.117.230.0/24 maxlen: 24
89.117.231.0/24 maxlen: 24
89.117.244.0/24 maxlen: 24
217.9.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:25:d8:82:dc:1a:39:53:e8:e5:59:28:cc:e5:3d:36:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Mar 10 00:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=922f2e87be3560417b1905b2e0dccbbe23a25eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c8:06:b4:a3:53:b4:9e:93:00:11:ac:82:f3:
aa:45:b5:0d:44:b7:70:bb:b5:b4:91:70:6b:f1:82:
92:73:83:4f:00:eb:99:26:06:b2:05:e5:1b:b7:0a:
37:d0:cd:03:db:a8:4c:98:75:6b:e7:de:89:59:38:
9e:6f:c7:02:71:c9:b8:e3:67:85:65:55:b5:20:2a:
cb:8b:e7:a0:ac:0c:14:76:7d:bf:e3:1d:c1:bf:28:
91:29:4b:b0:61:ac:83:da:ba:db:dd:de:3f:33:db:
1c:c3:49:46:f9:f2:19:4f:36:a1:1a:76:1c:44:af:
33:ac:07:f2:d8:26:c3:eb:d1:61:ef:68:54:ae:b9:
75:c7:17:b9:26:7f:a0:12:1d:ad:13:1b:82:4e:f0:
d0:76:e8:12:2d:44:c9:18:25:e1:15:f0:26:fa:77:
66:d2:bb:5e:4c:fc:f2:77:7b:ac:4c:ff:06:ba:f4:
86:1b:5c:78:4f:12:ee:4b:58:bf:80:95:35:30:64:
46:25:97:01:f3:08:b7:d5:54:42:e5:3e:b0:66:70:
e0:ed:a0:6e:a4:e6:8d:e5:25:66:1d:e8:1a:93:5d:
71:5e:98:1b:68:95:2b:f0:2a:88:f1:42:07:e7:14:
53:46:da:68:9f:21:f1:8e:35:c1:b6:53:32:31:9d:
05:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2F:2E:87:BE:35:60:41:7B:19:05:B2:E0:DC:CB:BE:23:A2:5E:B6
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ki8uh741YEF7GQWy4NzLviOiXrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.165.0/24
84.46.174.0/24
86.38.2.0/24
86.38.44.0/24
86.38.91.0/24
86.38.157.0/24
86.38.206.0/23
86.38.224.0/24
86.38.231.0/24
89.116.0.0/24
89.116.18.0/24
89.116.40.0/24
89.116.55.0/24
89.116.57.0/24
89.116.79.0/24
89.116.94.0/23
89.116.98.0/24
89.116.142.0/24
89.116.145.0/24
89.116.194.0-89.116.197.255
89.116.199.0/24
89.116.201.0/24
89.116.204.0/22
89.116.216.0/23
89.116.219.0/24
89.116.222.0/24
89.116.251.0/24
89.116.254.0/24
89.117.4.0/24
89.117.34.0/24
89.117.131.0/24
89.117.189.0/24
89.117.191.0/24
89.117.230.0/23
89.117.244.0/24
217.9.253.0/24
Signature Algorithm: sha256WithRSAEncryption
28:17:35:e2:f1:c5:57:19:9a:ee:cb:a5:8d:37:01:6c:85:6a:
ee:c7:86:3e:24:20:55:ce:ce:dd:05:3d:a6:f6:e2:c7:f8:be:
c8:60:65:24:82:5e:c5:81:76:d0:d3:bd:38:02:24:ca:ca:5f:
b1:e6:25:ba:d5:80:a3:d1:d7:c7:f5:73:42:f1:21:01:89:f5:
9c:d5:fa:68:9b:7c:00:b8:5d:f0:f0:2c:da:82:79:cd:11:0e:
11:af:49:ff:e8:6c:b2:30:41:67:25:3a:73:4c:bb:93:b2:3b:
84:a1:8d:e0:6e:4e:4d:4a:5f:07:b3:37:81:bf:6e:ce:46:96:
c9:f4:f1:a8:0f:b7:64:70:db:4e:34:f0:47:53:fc:ce:6c:1a:
46:51:3c:1f:13:3a:95:39:0f:bb:b0:e1:3e:60:d9:2a:6d:91:
d5:d5:4e:e5:ed:98:c3:54:af:34:02:55:29:b0:df:04:74:78:
7e:f2:58:bb:ce:92:38:13:df:6e:7f:15:43:3a:54:9e:3a:0e:
79:5d:2f:57:6f:f2:4e:35:a5:e1:ad:49:a8:ff:03:e7:27:8f:
4a:f9:48:d2:6b:75:bf:84:f9:ac:fd:34:8a:51:83:6c:66:e0:
13:da:5e:c7:a0:60:e6:a8:0c:0e:d7:67:ef:8c:15:c3:fe:f9:
18:34:4b:30
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAY4l2ILcGjlT6OVZKMzlPTYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMzEwMDA1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJmMmU4N2JlMzU2MDQxN2IxOTA1YjJlMGRjY2JiZTIzYTI1ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8gGtKNTtJ6TABGsgvOqRbUNRLdw
u7W0kXBr8YKSc4NPAOuZJgayBeUbtwo30M0D26hMmHVr596JWTieb8cCccm442eF
ZVW1ICrLi+egrAwUdn2/4x3BvyiRKUuwYayD2rrb3d4/M9scw0lG+fIZTzahGnYc
RK8zrAfy2CbD69Fh72hUrrl1xxe5Jn+gEh2tExuCTvDQdugSLUTJGCXhFfAm+ndm
0rteTPzyd3usTP8GuvSGG1x4TxLuS1i/gJU1MGRGJZcB8wi31VRC5T6wZnDg7aBu
pOaN5SVmHegak11xXpgbaJUr8CqI8UIH5xRTRtponyHxjjXBtlMyMZ0FFQIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFJIvLoe+NWBBexkFsuDcy74jol62MB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEva2k4dWg3NDFZRUY3R1FXeTROekx2aU9pWHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBABU
LqUDBABULq4DBABWJgIDBABWJiwDBABWJlsDBABWJp0DBAFWJs4DBABWJuADBABW
JucDBABZdAADBABZdBIDBABZdCgDBABZdDcDBABZdDkDBABZdE8DBAFZdF4DBABZ
dGIDBABZdI4DBABZdJEwDAMEAVl0wgMEAVl0xAMEAFl0xwMEAFl0yQMEAll0zAME
AVl02AMEAFl02wMEAFl03gMEAFl0+wMEAFl0/gMEAFl1BAMEAFl1IgMEAFl1gwME
AFl1vQMEAFl1vwMEAVl15gMEAFl19AMEANkJ/TANBgkqhkiG9w0BAQsFAAOCAQEA
KBc14vHFVxma7suljTcBbIVq7seGPiQgVc7O3QU9pvbix/i+yGBlJIJexYF20NO9
OAIkyspfseYlutWAo9HXx/VzQvEhAYn1nNX6aJt8ALhd8PAs2oJ5zREOEa9J/+hs
sjBBZyU6c0y7k7I7hKGN4G5OTUpfB7M3gb9uzkaWyfTxqA+3ZHDbTjTwR1P8zmwa
RlE8HxM6lTkPu7DhPmDZKm2R1dVO5e2Yw1SvNAJVKbDfBHR4fvJYu86SOBPfbn8V
QzpUnjoOeV0vV2/yTjWl4a1JqP8D5yePSvlI0mt1v4T5rP00ilGDbGbgE9pex6Bg
5qgMDtdn74wVw/75GDRLMA==
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:03:26 2024 by rpki-client on console-fra.rpki-client.org