Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/DTmiPPiU2WHwcNqn_Z7oV3XIarY.roa
File: DTmiPPiU2WHwcNqn_Z7oV3XIarY.roa (raw, json)
Hash identifier: frsu4m4kMvx1QWuEX2tzbpyDc+A1k9++EJWLIKs+iBw=
Subject key identifier: 0D:39:A2:3C:F8:94:D9:61:F0:70:DA:A7:FD:9E:E8:57:75:C8:6A:B6
Certificate issuer: /CN=daf0a39cfadf910f6b132ad228e606561887a06c
Certificate serial: 018CC50071889F672282D5DB8C96DA7B2FCB
Authority key identifier: DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/DTmiPPiU2WHwcNqn_Z7oV3XIarY.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29413
IP address blocks: 185.91.48.0/22 maxlen: 24
213.149.80.0/20 maxlen: 24
213.178.16.0/20 maxlen: 24
31.187.80.0/22 maxlen: 24
31.187.88.0/22 maxlen: 24
217.72.208.0/20 maxlen: 24
185.31.60.0/22 maxlen: 24
46.31.216.0/21 maxlen: 24
88.133.224.0/21 maxlen: 24
91.217.176.0/24 maxlen: 24
37.156.80.0/20 maxlen: 24
88.133.160.0/20 maxlen: 24
2a02:2488::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:71:88:9f:67:22:82:d5:db:8c:96:da:7b:2f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daf0a39cfadf910f6b132ad228e606561887a06c
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d39a23cf894d961f070daa7fd9ee85775c86ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:78:69:3d:d0:ee:c3:ae:d0:fb:eb:72:e9:53:
7d:c4:2a:7a:ab:e8:8e:52:77:8a:17:95:46:dc:d8:
58:64:74:c6:7f:a5:12:0b:cf:fe:1c:a0:15:88:a5:
cd:50:5a:89:35:0f:65:18:fd:de:9e:88:00:f8:10:
bd:6e:07:f8:60:8c:f4:30:e3:00:db:f9:49:77:66:
7c:b8:a5:01:25:74:bd:f8:6f:91:62:4b:e0:a5:4e:
b8:dc:79:99:8d:74:27:7f:ea:54:db:e9:c1:f7:13:
41:25:00:ae:eb:28:38:20:b9:ab:59:b7:f6:fa:34:
13:29:25:8c:16:ff:21:c1:45:db:79:ed:f1:cf:51:
6f:49:a7:4e:0c:72:4b:10:41:21:e2:15:32:86:98:
a4:3a:04:a9:ca:8c:1e:e0:4c:fe:40:83:96:bd:ec:
9e:4c:9f:e2:2d:93:ba:6b:a4:9a:39:63:a9:cc:47:
5d:16:07:1b:a8:9f:0a:37:0b:ab:a8:b5:4f:28:97:
38:3e:a7:68:49:39:a7:13:fc:7c:e2:c7:aa:37:12:
4c:a7:8c:e2:62:a5:66:2f:4c:c6:db:21:52:56:d5:
26:f0:13:3f:c3:10:df:79:ed:dd:70:e3:32:b4:24:
f0:77:31:36:98:9b:31:5c:d1:39:fa:d3:70:43:a6:
cc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:39:A2:3C:F8:94:D9:61:F0:70:DA:A7:FD:9E:E8:57:75:C8:6A:B6
X509v3 Authority Key Identifier:
keyid:DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/DTmiPPiU2WHwcNqn_Z7oV3XIarY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.80.0/22
31.187.88.0/22
37.156.80.0/20
46.31.216.0/21
88.133.160.0/20
88.133.224.0/21
91.217.176.0/24
185.31.60.0/22
185.91.48.0/22
213.149.80.0/20
213.178.16.0/20
217.72.208.0/20
IPv6:
2a02:2488::/32
Signature Algorithm: sha256WithRSAEncryption
88:76:59:ab:2d:b2:86:1d:7e:c7:91:3c:e3:9d:69:ae:f9:f4:
7e:6b:0c:ed:43:c7:9f:aa:58:82:dd:f4:0a:28:7c:07:4b:d5:
38:cf:1a:f9:c5:e0:f1:ad:4c:30:13:e8:31:b4:16:ff:cf:21:
f3:02:98:64:19:b3:f5:45:87:8e:d8:a3:fc:31:38:42:81:76:
a0:51:dc:a0:5a:d5:38:65:95:ad:09:ba:71:7b:95:b9:ee:7b:
f6:4b:53:df:64:e7:20:5c:0f:c2:74:45:a8:c1:00:03:0e:c0:
60:b7:30:2e:ca:a8:d9:b0:1c:1e:b8:eb:9f:42:75:e6:9c:f6:
de:b3:9d:83:3f:c4:2a:02:5d:b7:d4:44:4a:b6:5b:9e:26:cc:
e0:80:2e:e8:4f:4f:c9:46:61:3d:5b:0d:a9:8b:5c:07:31:14:
02:29:35:8d:ff:ac:38:63:9d:b4:0b:ad:32:b8:79:f0:cd:84:
3f:19:23:c2:e6:f9:6f:6c:ae:28:96:3e:f8:4b:02:5c:3d:f1:
80:c3:c6:1b:1b:de:70:05:a1:4a:af:c0:f4:86:90:a6:d9:88:
d9:59:3f:50:ec:ef:de:e9:fa:b1:e9:4a:b3:b0:49:e9:d1:23:
ba:fa:05:c1:e2:ef:5a:1a:8e:b3:57:78:2e:6a:eb:f6:d3:60:
6a:17:b5:52
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzFAHGIn2cigtXbjJbaey/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZjBhMzljZmFkZjkxMGY2YjEzMmFkMjI4ZTYwNjU2MTg4
N2EwNmMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM5YTIzY2Y4OTRkOTYxZjA3MGRhYTdmZDllZTg1Nzc1Yzg2YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3hpPdDuw67Q++ty6VN9xCp6q+iO
UneKF5VG3NhYZHTGf6USC8/+HKAViKXNUFqJNQ9lGP3enogA+BC9bgf4YIz0MOMA
2/lJd2Z8uKUBJXS9+G+RYkvgpU643HmZjXQnf+pU2+nB9xNBJQCu6yg4ILmrWbf2
+jQTKSWMFv8hwUXbee3xz1FvSadODHJLEEEh4hUyhpikOgSpyowe4Ez+QIOWveye
TJ/iLZO6a6SaOWOpzEddFgcbqJ8KNwurqLVPKJc4PqdoSTmnE/x84seqNxJMp4zi
YqVmL0zG2yFSVtUm8BM/wxDfee3dcOMytCTwdzE2mJsxXNE5+tNwQ6bMMQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFA05ojz4lNlh8HDap/2e6Fd1yGq2MB8GA1UdIwQY
MBaAFNrwo5z635EPaxMq0ijmBlYYh6BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMt
OTJiMjA3ZjY0MWIxLzEvRFRtaVBQaVUyV0h3Y05xbl9aN29WM1hJYXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMtOTJiMjA3ZjY0MWIx
LzEvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH7tQAwQC
H7tYAwQEJZxQAwQDLh/YAwQEWIWgAwQDWIXgAwQAW9mwAwQCuR88AwQCuVswAwQE
1ZVQAwQE1bIQAwQE2UjQMA0EAgACMAcDBQAqAiSIMA0GCSqGSIb3DQEBCwUAA4IB
AQCIdlmrLbKGHX7HkTzjnWmu+fR+awztQ8efqliC3fQKKHwHS9U4zxr5xeDxrUww
E+gxtBb/zyHzAphkGbP1RYeO2KP8MThCgXagUdygWtU4ZZWtCbpxe5W57nv2S1Pf
ZOcgXA/CdEWowQADDsBgtzAuyqjZsBweuOufQnXmnPbes52DP8QqAl231ERKtlue
JszggC7oT0/JRmE9Ww2pi1wHMRQCKTWN/6w4Y520C60yuHnwzYQ/GSPC5vlvbK4o
lj74SwJcPfGAw8YbG95wBaFKr8D0hpCm2YjZWT9Q7O/e6fqx6UqzsEnp0SO6+gXB
4u9aGo6zV3guauv202BqF7VS
-----END CERTIFICATE-----
Generated at Wed Nov 27 07:18:48 2024 by rpki-client on console-fra.rpki-client.org