Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/mGrQxZz2w6XrpnOO9skASmwoRP4.roa
File: mGrQxZz2w6XrpnOO9skASmwoRP4.roa (raw, json)
Hash identifier: ZffqA6bhiqs5voqqwTgwYLNPHyRdJSvPaSDKjUwq8vs=
Subject key identifier: 98:6A:D0:C5:9C:F6:C3:A5:EB:A6:73:8E:F6:C9:00:4A:6C:28:44:FE
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018DEF80C0056EC447DD1B3CC251C4CC1A62
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/mGrQxZz2w6XrpnOO9skASmwoRP4.roa
Signing time: Wed 28 Feb 2024 11:36:48 +0000
ROA not before: Wed 28 Feb 2024 11:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 82.140.129.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.26.0/24 maxlen: 24
86.38.36.0/24 maxlen: 24
86.38.154.0/24 maxlen: 24
86.38.222.0/24 maxlen: 24
86.38.234.0/24 maxlen: 24
86.38.236.0/24 maxlen: 24
89.116.14.0/24 maxlen: 24
89.116.71.0/24 maxlen: 24
89.116.77.0/24 maxlen: 24
89.116.78.0/24 maxlen: 24
89.116.90.0/24 maxlen: 24
89.116.93.0/24 maxlen: 24
89.116.97.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:80:c0:05:6e:c4:47:dd:1b:3c:c2:51:c4:cc:1a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Feb 28 11:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=986ad0c59cf6c3a5eba6738ef6c9004a6c2844fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9a:84:34:85:33:2d:46:c9:37:1b:9e:4b:14:
a3:2a:fd:29:93:c5:7d:12:e8:6a:55:d0:b1:8d:a7:
b2:ad:ee:ee:73:55:ad:f5:1d:2c:2f:5b:8d:0d:f4:
19:be:b9:2c:39:f8:28:df:76:e1:8c:8f:00:ef:1a:
02:34:c3:d4:dc:54:5c:51:b7:8d:36:8a:a2:d8:17:
93:d1:0f:17:96:df:7b:ea:bc:9f:63:b4:26:cc:3d:
d5:a1:ae:9e:aa:bb:41:6c:59:de:43:c2:d3:37:03:
2a:0d:8f:7c:a0:22:76:d2:6c:f8:33:1e:e7:19:2b:
db:7f:02:c3:24:53:3c:95:d3:62:54:d1:fb:9f:f7:
ea:d4:f3:cc:da:5c:02:87:c5:3c:0b:4d:14:18:7b:
a5:5e:ac:71:f0:60:2e:02:b4:6e:19:3c:b0:b0:10:
b8:c3:36:38:7d:63:06:9d:33:f2:78:bc:2a:2e:65:
39:30:4b:33:7a:0b:47:a4:fa:95:96:96:f9:ef:d6:
f0:1c:2f:f6:a7:af:6a:b8:d3:3a:23:0b:a0:70:98:
a4:85:c9:32:5d:bf:94:9a:77:b8:3c:60:ca:58:65:
25:be:12:aa:f6:59:39:5d:c8:df:bb:83:ac:2c:44:
9a:5e:43:7b:86:0c:01:f8:ce:46:f2:a5:49:53:79:
d5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6A:D0:C5:9C:F6:C3:A5:EB:A6:73:8E:F6:C9:00:4A:6C:28:44:FE
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/mGrQxZz2w6XrpnOO9skASmwoRP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.129.0/24
84.46.204.0/24
84.46.207.0/24
86.38.26.0/24
86.38.36.0/24
86.38.154.0/24
86.38.222.0/24
86.38.234.0/24
86.38.236.0/24
89.116.14.0/24
89.116.71.0/24
89.116.77.0-89.116.78.255
89.116.90.0/24
89.116.93.0/24
89.116.97.0/24
89.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:1f:1c:09:99:fa:80:62:5f:af:b5:e3:c0:11:c7:a8:bf:7b:
57:99:16:39:ef:db:fc:de:23:23:a6:b8:f9:f1:39:42:2b:8b:
3f:1f:be:db:47:3b:1d:7a:60:cc:4b:5c:0a:75:7f:54:9c:7e:
ec:27:46:f2:13:ab:fe:88:62:02:8d:f4:dc:5c:36:60:fb:48:
fb:8e:bf:8d:ba:2d:d7:9f:79:d2:eb:04:16:6c:07:c9:ce:8f:
f4:95:da:83:84:fc:48:eb:57:25:da:c5:51:8b:58:5c:2f:f5:
95:2f:04:43:41:1e:85:69:9d:9c:ee:47:d4:a6:9e:d9:06:24:
d1:77:dc:6f:dc:ed:7c:d3:39:53:a6:95:51:43:b4:f6:d0:48:
f1:d0:52:a2:13:ed:9e:10:cc:41:f9:c9:86:31:ad:68:50:6c:
63:37:62:a2:77:55:79:fa:02:0d:03:54:c6:5f:5b:a3:ca:70:
e9:44:3a:1a:c5:9f:65:5e:ac:55:30:94:34:4d:30:dc:fb:2c:
48:60:50:5c:48:93:63:f2:b8:b1:5c:6d:f0:12:31:5d:9c:16:
6c:f7:cd:c6:98:db:d7:bb:6a:ae:0e:75:fa:3a:8e:40:02:d0:
b9:e7:44:2e:88:53:3e:20:bf:07:ee:d5:b9:53:ff:32:18:1b:
8f:f4:83:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAY3vgMAFbsRH3Rs8wlHEzBpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMjI4MTEzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZhZDBjNTljZjZjM2E1ZWJhNjczOGVmNmM5MDA0YTZjMjg0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65qENIUzLUbJNxueSxSjKv0pk8V9
EuhqVdCxjaeyre7uc1Wt9R0sL1uNDfQZvrksOfgo33bhjI8A7xoCNMPU3FRcUbeN
Noqi2BeT0Q8Xlt976ryfY7QmzD3Voa6eqrtBbFneQ8LTNwMqDY98oCJ20mz4Mx7n
GSvbfwLDJFM8ldNiVNH7n/fq1PPM2lwCh8U8C00UGHulXqxx8GAuArRuGTywsBC4
wzY4fWMGnTPyeLwqLmU5MEszegtHpPqVlpb579bwHC/2p69quNM6IwugcJikhcky
Xb+Umne4PGDKWGUlvhKq9lk5Xcjfu4OsLESaXkN7hgwB+M5G8qVJU3nVRQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJhq0MWc9sOl66ZzjvbJAEpsKET+MB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvbUdyUXhaejJ3NlhycG5PTzlza0FTbXdvUlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFKMgQME
AFQuzAMEAFQuzwMEAFYmGgMEAFYmJAMEAFYmmgMEAFYm3gMEAFYm6gMEAFYm7AME
AFl0DgMEAFl0RzAMAwQAWXRNAwQAWXROAwQAWXRaAwQAWXRdAwQAWXRhAwQAWXXz
MA0GCSqGSIb3DQEBCwUAA4IBAQA+HxwJmfqAYl+vtePAEceov3tXmRY579v83iMj
prj58TlCK4s/H77bRzsdemDMS1wKdX9UnH7sJ0byE6v+iGICjfTcXDZg+0j7jr+N
ui3Xn3nS6wQWbAfJzo/0ldqDhPxI61cl2sVRi1hcL/WVLwRDQR6FaZ2c7kfUpp7Z
BiTRd9xv3O180zlTppVRQ7T20Ejx0FKiE+2eEMxB+cmGMa1oUGxjN2Kid1V5+gIN
A1TGX1ujynDpRDoaxZ9lXqxVMJQ0TTDc+yxIYFBcSJNj8rixXG3wEjFdnBZs983G
mNvXu2quDnX6Oo5AAtC550QuiFM+IL8H7tW5U/8yGBuP9IOv
-----END CERTIFICATE-----
Generated at Fri May 3 03:35:04 2024 by rpki-client on console-ams.rpki-client.org