Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/508ro2dqgD4UO-hE_fC3fApIhQo.roa
File: 508ro2dqgD4UO-hE_fC3fApIhQo.roa (raw, json)
Hash identifier: 3x2fBzArS6aiK+wpj8TjI4+AZV7aIHMvxwasZM04Yd0=
Subject key identifier: E7:4F:2B:A3:67:6A:80:3E:14:3B:E8:44:FD:F0:B7:7C:0A:48:85:0A
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 018CC5011CBCEC51FA7BB8A0C53A6F22D528
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/508ro2dqgD4UO-hE_fC3fApIhQo.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24685
IP address blocks: 80.92.224.0/24 maxlen: 32
80.92.226.0/24 maxlen: 32
212.110.152.0/23 maxlen: 32
80.92.231.0/24 maxlen: 32
80.92.233.0/24 maxlen: 32
80.92.235.0/24 maxlen: 32
80.92.234.0/24 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/23 maxlen: 32
92.60.179.0/24 maxlen: 32
92.60.178.0/24 maxlen: 32
92.60.178.0/23 maxlen: 32
82.117.244.0/24 maxlen: 32
185.38.208.0/24 maxlen: 32
185.38.209.0/24 maxlen: 32
185.39.196.0/24 maxlen: 32
128.0.170.0/24 maxlen: 32
128.0.172.0/24 maxlen: 32
193.111.0.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/23 maxlen: 32
31.172.140.0/23 maxlen: 32
85.90.223.0/24 maxlen: 32
2a01:6b0:7::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1c:bc:ec:51:fa:7b:b8:a0:c5:3a:6f:22:d5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e74f2ba3676a803e143be844fdf0b77c0a48850a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:08:41:5c:df:62:2c:76:0f:2b:49:a7:c5:
7b:5d:aa:48:49:e9:d8:f4:4b:4b:aa:bd:e9:28:79:
64:e3:6b:20:f3:12:75:3b:b6:7d:9d:e2:02:4f:a4:
c7:fd:8b:34:03:7c:38:fa:3d:59:16:12:a2:57:84:
84:2b:b1:aa:32:68:89:85:25:92:02:f5:47:4d:c0:
97:72:f0:46:da:8e:bf:99:ef:1c:59:92:94:9d:71:
97:e6:ef:bd:e5:08:19:b0:ae:f9:cf:bb:01:3f:c8:
c6:3f:79:5c:2b:47:81:5b:17:ce:1b:7a:ef:d2:02:
a7:9c:dd:d0:1c:42:11:27:20:eb:42:0a:92:bf:b1:
86:09:c7:7c:5f:9f:bc:bc:6b:bb:e3:ed:fc:07:22:
f7:6b:fb:d6:f0:5f:a9:aa:af:37:b6:1f:f5:dd:3e:
ff:66:e0:f7:c4:d3:c1:81:d4:60:c9:93:0e:32:d2:
3a:b6:25:47:b8:04:0d:8e:2f:ac:ae:c4:83:e1:e7:
a9:9e:e7:be:8c:dd:f0:83:1b:5c:37:07:94:fd:82:
7d:e7:ec:27:9d:be:94:57:2e:5d:78:12:9f:31:4f:
9e:d2:23:18:8a:09:2a:8e:4d:bd:12:77:de:e4:3c:
1a:5a:87:49:12:85:d0:b6:f1:e2:eb:95:02:29:11:
a0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4F:2B:A3:67:6A:80:3E:14:3B:E8:44:FD:F0:B7:7C:0A:48:85:0A
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/508ro2dqgD4UO-hE_fC3fApIhQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/23
31.172.140.0/23
80.92.224.0/24
80.92.226.0/24
80.92.231.0/24
80.92.233.0-80.92.235.255
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.178.0/23
128.0.170.0/24
128.0.172.0/24
185.38.208.0/23
185.39.196.0/24
193.111.0.0/24
193.111.48.0/23
212.110.152.0/23
IPv6:
2a01:6b0:7::/48
Signature Algorithm: sha256WithRSAEncryption
c3:28:a9:d3:bd:10:69:98:ea:ae:ef:d5:c0:65:53:f8:31:f3:
2b:ca:f1:5f:8e:c9:42:37:89:13:3f:29:01:fc:3b:e7:03:39:
42:33:0b:21:7a:d5:ca:8b:0e:5f:78:09:3c:03:21:91:ec:5b:
91:10:75:7f:e4:42:30:33:e0:eb:ed:e2:05:d2:26:df:59:5a:
58:74:86:3b:82:8c:d8:19:8b:c3:76:e1:f9:82:96:58:a9:3b:
d1:68:e8:04:f5:e3:42:f4:22:2b:91:ed:e2:47:90:a5:c3:73:
7c:ba:0c:b6:e1:40:2e:33:4c:4f:a0:f5:09:3c:45:37:0c:0e:
b9:e9:67:bf:5f:c7:6c:bf:57:d9:9d:bd:02:8d:22:cf:d5:69:
c5:36:ed:d3:53:d3:d6:d6:cd:97:d5:ad:b6:48:9a:18:d9:47:
87:90:d8:7f:c8:c3:71:9b:ef:da:e2:18:e9:a5:15:fd:b6:27:
b9:93:8c:54:63:23:5a:39:dd:96:cc:a3:ee:a5:d2:b3:2d:ca:
8f:a5:ea:24:d3:28:5c:4d:5e:10:75:e2:19:bb:75:92:d3:91:
6b:a9:f2:d9:86:cb:c4:b5:9c:e9:d7:d8:ad:1c:bc:45:14:16:
37:29:bf:58:11:ae:43:9c:cc:33:fd:f1:5c:72:3e:9f:cc:b2:
1b:30:0c:e8
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYzFARy87FH6e7igxTpvItUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRmMmJhMzY3NmE4MDNlMTQzYmU4NDRmZGYwYjc3YzBhNDg4NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZgIQVzfYix2DytJp8V7XapISenY
9EtLqr3pKHlk42sg8xJ1O7Z9neICT6TH/Ys0A3w4+j1ZFhKiV4SEK7GqMmiJhSWS
AvVHTcCXcvBG2o6/me8cWZKUnXGX5u+95QgZsK75z7sBP8jGP3lcK0eBWxfOG3rv
0gKnnN3QHEIRJyDrQgqSv7GGCcd8X5+8vGu74+38ByL3a/vW8F+pqq83th/13T7/
ZuD3xNPBgdRgyZMOMtI6tiVHuAQNji+srsSD4eepnue+jN3wgxtcNweU/YJ95+wn
nb6UVy5deBKfMU+e0iMYigkqjk29Enfe5DwaWodJEoXQtvHi65UCKRGgNQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFOdPK6NnaoA+FDvoRP3wt3wKSIUKMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvNTA4cm8yZHFnRDRVTy1oRV9mQzNmQXBJaFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB6BAIAATB0AwQBH6yI
AwQBH6yMAwQAUFzgAwQAUFziAwQAUFznMAwDBABQXOkDBAJQXOgDBABSdeUDBABS
dfQDBABVWtMDBABVWt8DBAFcPLIDBACAAKoDBACAAKwDBAG5JtADBAC5J8QDBADB
bwADBAHBbzADBAHUbpgwDwQCAAIwCQMHACoBBrAABzANBgkqhkiG9w0BAQsFAAOC
AQEAwyip070QaZjqru/VwGVT+DHzK8rxX47JQjeJEz8pAfw75wM5QjMLIXrVyosO
X3gJPAMhkexbkRB1f+RCMDPg6+3iBdIm31laWHSGO4KM2BmLw3bh+YKWWKk70Wjo
BPXjQvQiK5Ht4keQpcNzfLoMtuFALjNMT6D1CTxFNwwOuelnv1/HbL9X2Z29Ao0i
z9VpxTbt01PT1tbNl9WttkiaGNlHh5DYf8jDcZvv2uIY6aUV/bYnuZOMVGMjWjnd
lsyj7qXSsy3Kj6XqJNMoXE1eEHXiGbt1ktORa6ny2YbLxLWc6dfYrRy8RRQWNym/
WBGuQ5zMM/3xXHI+n8yyGzAM6A==
-----END CERTIFICATE-----
Generated at Sat May 18 13:59:30 2024 by rpki-client on console-fra.rpki-client.org