Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/R0cze8X7BJgRfnebaEgBICQ9F9E.roa
File: R0cze8X7BJgRfnebaEgBICQ9F9E.roa (raw, json)
Hash identifier: ZurkyBBuTAKgVwTtFN6Cvl3CfLcGhjU2zJfPIhS/dCI=
Subject key identifier: 47:47:33:7B:C5:FB:04:98:11:7E:77:9B:68:48:01:20:24:3D:17:D1
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018CCA9940615F776A80E661C04544D8AB04
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/R0cze8X7BJgRfnebaEgBICQ9F9E.roa
Signing time: Tue 02 Jan 2024 14:34:50 +0000
ROA not before: Tue 02 Jan 2024 14:34:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57829
IP address blocks: 185.224.56.0/22 maxlen: 24
185.57.168.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
91.223.51.0/24 maxlen: 24
84.19.128.0/20 maxlen: 24
91.192.252.0/22 maxlen: 24
91.224.36.0/23 maxlen: 24
193.138.74.0/24 maxlen: 24
193.41.118.0/23 maxlen: 24
84.19.144.0/21 maxlen: 24
195.78.37.0/24 maxlen: 24
195.78.36.0/24 maxlen: 24
185.114.104.0/22 maxlen: 24
188.65.152.0/21 maxlen: 24
193.254.192.0/23 maxlen: 24
81.201.208.0/20 maxlen: 24
45.137.208.0/22 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:40:61:5f:77:6a:80:e6:61:c0:45:44:d8:ab:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Jan 2 14:34:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4747337bc5fb0498117e779b68480120243d17d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a2:2b:00:c8:36:cb:0f:f5:51:2e:fa:f5:0b:
bb:75:34:97:6f:fe:6e:c5:bc:8e:d1:d5:5f:ec:17:
80:9b:0a:c8:b0:10:0a:b1:ca:1d:2a:39:e1:3b:cf:
d1:50:06:ec:ad:41:44:11:20:98:d9:27:15:ed:94:
67:98:37:a5:ec:cd:f5:06:2c:fe:f4:45:ae:1d:1c:
d8:12:da:c8:aa:77:36:1d:ed:2b:35:f6:95:4f:86:
1f:d4:58:b8:01:83:36:6b:ef:55:e2:1d:64:cd:9f:
53:60:f1:74:37:42:93:a9:6d:3c:a9:fe:d4:7f:8c:
2f:d0:82:3d:0a:40:b1:35:26:b8:1e:49:a9:3b:de:
9e:be:71:d6:50:6c:23:c4:00:5a:c4:1c:d0:e2:b1:
9e:f5:80:82:e5:bf:ad:33:e0:db:9c:da:cd:40:3b:
ff:70:48:00:23:b6:2b:44:b7:18:41:cd:bf:90:9d:
c7:0a:11:6e:72:b8:07:10:4e:f4:6c:e2:95:4b:13:
a1:65:9d:cc:76:45:82:4b:44:9e:26:f7:f6:db:0a:
82:54:d4:5c:6e:3c:cc:4a:7c:ad:a9:e0:ad:4b:a6:
31:7e:6b:a0:8d:73:fe:c8:8d:de:df:bc:49:d2:65:
ee:b7:8a:a4:b6:f7:22:27:5e:66:9b:8e:87:c2:42:
f1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:47:33:7B:C5:FB:04:98:11:7E:77:9B:68:48:01:20:24:3D:17:D1
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/R0cze8X7BJgRfnebaEgBICQ9F9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
84.19.128.0-84.19.151.255
91.192.252.0/22
91.223.51.0/24
91.224.36.0/23
185.56.212.0/22
185.57.168.0/22
185.114.104.0/22
185.224.56.0/22
188.65.152.0/21
193.41.118.0/23
193.138.74.0/24
193.254.192.0/23
195.78.36.0/23
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
5c:67:bd:1b:6f:56:6d:0a:ba:67:28:31:4e:fa:ac:91:19:2f:
7d:ac:c6:cc:55:98:c1:75:57:15:5b:fa:e8:8c:3d:05:be:ae:
aa:74:2a:b8:1a:d8:35:d3:33:79:96:3b:78:40:27:f3:8f:12:
11:1e:e8:96:83:42:a6:0e:a7:38:54:89:fc:7b:36:f8:0c:5c:
82:ec:1b:4a:4f:9a:60:ab:eb:bc:cd:e3:8b:9c:5b:4e:98:31:
2a:49:a3:e2:9c:55:af:36:f0:f9:c1:e7:6a:85:6b:28:90:0e:
fa:c7:20:32:d9:57:a7:89:f5:b4:98:8e:31:8f:7e:7c:13:6e:
81:e8:78:dc:cb:e2:d1:57:ec:bd:f9:17:2b:cf:24:5b:1f:81:
d7:a6:2b:51:8d:7b:de:70:43:c7:dc:07:b8:75:ca:17:44:c2:
a9:81:5f:74:5b:e9:0e:bd:67:90:0f:7b:67:1f:26:fd:c3:81:
65:9d:6c:50:42:04:ff:18:94:8a:b8:5b:e0:f7:58:00:58:fd:
87:7c:65:94:90:e8:03:62:50:24:f5:ae:56:d5:6a:03:92:de:
ba:b1:c7:05:af:32:83:f0:3c:dc:27:21:52:c2:ca:74:ed:3f:
50:00:18:51:03:f5:15:c9:13:a9:bd:16:d5:6d:fb:c4:a9:17:
fb:33:9c:34
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzKmUBhX3dqgOZhwEVE2KsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjQwMTAyMTQzNDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ3MzM3YmM1ZmIwNDk4MTE3ZTc3OWI2ODQ4MDEyMDI0M2QxN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqIrAMg2yw/1US769Qu7dTSXb/5u
xbyO0dVf7BeAmwrIsBAKscodKjnhO8/RUAbsrUFEESCY2ScV7ZRnmDel7M31Biz+
9EWuHRzYEtrIqnc2He0rNfaVT4Yf1Fi4AYM2a+9V4h1kzZ9TYPF0N0KTqW08qf7U
f4wv0II9CkCxNSa4HkmpO96evnHWUGwjxABaxBzQ4rGe9YCC5b+tM+DbnNrNQDv/
cEgAI7YrRLcYQc2/kJ3HChFucrgHEE70bOKVSxOhZZ3MdkWCS0SeJvf22wqCVNRc
bjzMSnytqeCtS6YxfmugjXP+yI3e37xJ0mXut4qktvciJ15mm46HwkLxswIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFEdHM3vF+wSYEX53m2hIASAkPRfRMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvUjBjemU4WDdCSmdSZm5lYmFFZ0JJQ1E5RjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBoBAIAATBiAwQCLYnQ
AwQEUcnQMAwDBAdUE4ADBANUE5ADBAJbwPwDBABb3zMDBAFb4CQDBAK5ONQDBAK5
OagDBAK5cmgDBAK54DgDBAO8QZgDBAHBKXYDBADBikoDBAHB/sADBAHDTiQwMgQC
AAIwLAMFAyoA6QADBQAqAUQAAwUAKgJRIDAOAwUHKgv9gAMFACoL/YIDBQAqC/2H
MA0GCSqGSIb3DQEBCwUAA4IBAQBcZ70bb1ZtCrpnKDFO+qyRGS99rMbMVZjBdVcV
W/rojD0Fvq6qdCq4Gtg10zN5ljt4QCfzjxIRHuiWg0KmDqc4VIn8ezb4DFyC7BtK
T5pgq+u8zeOLnFtOmDEqSaPinFWvNvD5wedqhWsokA76xyAy2VenifW0mI4xj358
E26B6Hjcy+LRV+y9+RcrzyRbH4HXpitRjXvecEPH3Ae4dcoXRMKpgV90W+kOvWeQ
D3tnHyb9w4FlnWxQQgT/GJSKuFvg91gAWP2HfGWUkOgDYlAk9a5W1WoDkt66sccF
rzKD8DzcJyFSwsp07T9QABhRA/UVyROpvRbVbfvEqRf7M5w0
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:05:59 2024 by rpki-client on console-fra.rpki-client.org