Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa
File: tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa (raw, json)
Hash identifier: F5vljZ8wBOffopbhk/4ExBY6DYuprc78auGIbe2g+H0=
Subject key identifier: B4:BD:8C:18:C1:08:CB:14:4A:B1:59:E5:EC:AF:73:35:D4:78:A0:D3
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018F641482351D90D303A33A5AA250AC1842
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa
Signing time: Fri 10 May 2024 19:56:56 +0000
ROA not before: Fri 10 May 2024 19:56:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.68.245.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/23 maxlen: 24
185.81.186.0/23 maxlen: 24
185.89.40.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.80.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.112.56.0/23 maxlen: 24
185.175.224.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
193.221.215.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:64:14:82:35:1d:90:d3:03:a3:3a:5a:a2:50:ac:18:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 10 19:56:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4bd8c18c108cb144ab159e5ecaf7335d478a0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b7:d0:e8:dc:cf:19:6e:f2:0e:8f:e1:51:f3:
f3:c0:b5:00:4b:d1:47:de:b9:92:dc:44:ed:39:b4:
1a:d3:6d:90:9e:8d:87:4a:dd:ba:e4:fb:a8:20:0c:
e2:36:a8:50:69:5f:12:a7:11:c1:57:91:fd:03:fd:
c6:fa:04:a1:91:2f:a7:b1:bb:69:be:95:7e:4b:56:
7c:a3:99:1a:31:99:58:ae:4f:36:c0:58:68:7d:7e:
0e:f8:5f:4f:59:48:57:c0:d4:f9:55:ce:70:89:8a:
1b:2a:ba:14:23:cf:76:e7:ca:36:60:f5:b0:fa:62:
c2:c8:ac:9f:cc:39:4c:b6:01:d0:7d:9b:9f:0d:77:
0c:0c:46:76:07:80:b3:4c:a8:b2:f8:bc:80:13:2f:
d4:be:ce:5b:30:d6:90:0e:e1:23:71:23:e7:91:5c:
38:4b:c5:85:62:1a:c0:08:d6:c5:33:f5:85:c8:6c:
25:b8:be:64:f6:3b:71:8f:02:08:7a:31:ff:a1:7d:
f3:0b:b6:07:50:15:19:08:7c:f1:16:f0:24:ba:79:
6e:d6:db:80:b4:ad:30:90:80:39:0d:46:24:a6:fe:
06:61:f3:dd:ad:11:97:08:a4:20:e0:4b:18:7a:ee:
4f:4b:35:d3:20:0e:b8:3a:68:c2:ec:b1:78:9c:dd:
df:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BD:8C:18:C1:08:CB:14:4A:B1:59:E5:EC:AF:73:35:D4:78:A0:D3
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.40.0/24
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:6f:17:61:d4:19:99:a5:45:d7:b9:ba:ac:73:34:a1:70:c2:
04:aa:82:d4:f4:aa:68:ba:3d:8a:2d:3a:96:c4:ad:19:97:cc:
c7:7f:4f:c1:69:e2:59:af:8a:0a:d1:45:4b:df:09:d6:a6:2a:
44:b1:20:ec:9c:da:3c:85:03:1e:f5:0f:03:c7:de:2f:42:30:
31:ee:68:bb:69:61:d9:e3:ee:96:50:29:0b:aa:16:24:ca:e6:
00:f0:a5:74:32:14:db:d8:ed:8c:1f:ef:cf:5c:9e:67:58:c7:
d3:e1:b9:1f:2d:ad:e4:d8:34:c2:ce:b6:4a:c1:c7:30:06:27:
7b:22:1a:6b:d8:58:28:65:31:bd:92:31:af:c8:bd:ba:a0:01:
41:6c:8c:fd:96:a7:c2:12:7c:0b:88:04:c7:06:b9:cf:ab:f1:
82:68:d1:91:8a:0a:d6:93:2b:e2:66:1f:1c:28:1f:9a:fc:cf:
67:e0:d1:98:5a:07:c1:b6:c0:95:d0:90:bd:93:b6:a1:d1:37:
69:52:4f:65:b9:bf:c6:c2:ea:c5:7f:c1:a9:2d:ec:3b:9c:16:
97:12:71:62:a9:86:e5:bb:3b:b1:49:89:3e:8b:32:ad:41:73:
6f:d0:64:04:0d:82:07:0a:23:b9:51:cb:03:4f:a3:82:9f:07:
e0:71:3a:49
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY9kFII1HZDTA6M6WqJQrBhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNTEwMTk1NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJkOGMxOGMxMDhjYjE0NGFiMTU5ZTVlY2FmNzMzNWQ0NzhhMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLfQ6NzPGW7yDo/hUfPzwLUAS9FH
3rmS3ETtObQa022Qno2HSt265PuoIAziNqhQaV8SpxHBV5H9A/3G+gShkS+nsbtp
vpV+S1Z8o5kaMZlYrk82wFhofX4O+F9PWUhXwNT5Vc5wiYobKroUI89258o2YPWw
+mLCyKyfzDlMtgHQfZufDXcMDEZ2B4CzTKiy+LyAEy/Uvs5bMNaQDuEjcSPnkVw4
S8WFYhrACNbFM/WFyGwluL5k9jtxjwIIejH/oX3zC7YHUBUZCHzxFvAkunlu1tuA
tK0wkIA5DUYkpv4GYfPdrRGXCKQg4EsYeu5PSzXTIA64OmjC7LF4nN3f3wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLS9jBjBCMsUSrFZ5eyvczXUeKDTMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdEwyTUdNRUl5eFJLc1ZubDdLOXpOZFI0b05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
WRM5AwQCWRM4AwQAuUT1AwQAuU8zAwQAuU9PAwQCuVGsAwQCuVG4AwQAuVkoAwQC
uVlsAwQCuV9kAwQAuWBQAwQAuWBTAwQAuWEBAwQAuWEDAwQAuWiXAwQBuXA4AwQB
ua/gAwQAubmTAwQAwd3XAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQB9bxdh1BmZ
pUXXubqsczShcMIEqoLU9Kpouj2KLTqWxK0Zl8zHf0/BaeJZr4oK0UVL3wnWpipE
sSDsnNo8hQMe9Q8Dx94vQjAx7mi7aWHZ4+6WUCkLqhYkyuYA8KV0MhTb2O2MH+/P
XJ5nWMfT4bkfLa3k2DTCzrZKwccwBid7Ihpr2FgoZTG9kjGvyL26oAFBbIz9lqfC
EnwLiATHBrnPq/GCaNGRigrWkyviZh8cKB+a/M9n4NGYWgfBtsCV0JC9k7ah0Tdp
Uk9lub/GwurFf8GpLew7nBaXEnFiqYbluzuxSYk+izKtQXNv0GQEDYIHCiO5UcsD
T6OCnwfgcTpJ
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:10:34 2024 by rpki-client on console-fra.rpki-client.org