Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/iUDIQb9djAnvzHwfZ860uS1iQ0k.roa
File: iUDIQb9djAnvzHwfZ860uS1iQ0k.roa (raw, json)
Hash identifier: Zq6+jMb3Lj7DctrDBuyWOwL6LCJ4eiQ5rhzeQ0WbBes=
Subject key identifier: 89:40:C8:41:BF:5D:8C:09:EF:CC:7C:1F:67:CE:B4:B9:2D:62:43:49
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 018CC801D94884DCB1039116816D431362C7
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/iUDIQb9djAnvzHwfZ860uS1iQ0k.roa
Signing time: Tue 02 Jan 2024 02:30:13 +0000
ROA not before: Tue 02 Jan 2024 02:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34659
IP address blocks: 83.136.160.0/21 maxlen: 25
5.104.192.0/21 maxlen: 24
193.36.52.0/22 maxlen: 24
185.153.96.0/22 maxlen: 24
178.21.176.0/21 maxlen: 24
77.247.104.0/22 maxlen: 24
213.41.240.0/21 maxlen: 24
185.45.228.0/22 maxlen: 24
194.169.176.0/22 maxlen: 24
194.104.16.0/22 maxlen: 24
85.31.168.0/22 maxlen: 24
185.83.236.0/22 maxlen: 24
185.185.4.0/22 maxlen: 24
185.185.8.0/22 maxlen: 24
185.96.156.0/22 maxlen: 24
2a07:8580::/29 maxlen: 48
2a00:1db8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d9:48:84:dc:b1:03:91:16:81:6d:43:13:62:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 2 02:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8940c841bf5d8c09efcc7c1f67ceb4b92d624349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c0:bc:4f:40:72:7c:32:2b:03:af:7a:8c:e6:
a1:44:97:a2:17:55:67:bb:50:12:c3:33:6f:80:83:
70:30:f2:ab:a7:3e:91:08:4a:5f:a0:94:03:29:f1:
f0:99:de:05:0a:f6:56:2c:15:45:52:ca:78:93:44:
7c:68:4f:f0:63:4b:fc:0a:c4:74:93:9a:7c:96:6b:
8e:3a:d6:08:07:5c:02:08:f2:a1:8c:91:1a:37:09:
b5:c0:db:b0:f6:cd:e7:40:57:f1:ec:dd:fa:19:a1:
fa:db:37:6c:27:68:8d:08:eb:0c:27:20:30:7d:b0:
35:1b:42:e5:22:c9:5c:31:20:f8:e8:d1:60:2b:41:
55:5b:0a:50:ab:6a:a1:06:8f:bd:fb:65:cf:ca:62:
c5:58:73:93:b7:a6:e9:70:7d:48:24:d0:ac:a3:da:
3e:a1:94:cc:f6:17:03:62:3c:1e:01:3d:8e:ab:81:
d2:57:11:6d:cf:87:19:9b:a7:a4:ea:96:57:6f:7c:
ea:80:b2:0a:04:3a:0e:99:73:82:ca:04:1d:aa:2e:
62:78:e7:ba:f4:46:ce:fa:c4:c6:a9:bf:36:d6:25:
ee:4f:13:b4:01:50:f4:1c:95:4a:78:ad:09:e6:59:
64:b2:03:7d:ba:6a:05:eb:9e:d9:2c:e3:89:50:06:
ed:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:40:C8:41:BF:5D:8C:09:EF:CC:7C:1F:67:CE:B4:B9:2D:62:43:49
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/iUDIQb9djAnvzHwfZ860uS1iQ0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.192.0/21
77.247.104.0/22
83.136.160.0/21
85.31.168.0/22
178.21.176.0/21
185.45.228.0/22
185.83.236.0/22
185.96.156.0/22
185.153.96.0/22
185.185.4.0-185.185.11.255
193.36.52.0/22
194.104.16.0/22
194.169.176.0/22
213.41.240.0/21
IPv6:
2a00:1db8::/29
2a07:8580::/29
Signature Algorithm: sha256WithRSAEncryption
5a:24:69:e2:7d:6b:9c:dd:57:85:e7:44:35:0d:3d:ba:89:8e:
b4:74:15:08:f8:c0:5a:2b:5f:b0:6a:59:86:a0:58:2f:64:99:
8a:89:17:b2:00:4a:52:a7:64:92:55:3d:db:06:f8:6e:d8:77:
08:1f:83:50:b9:49:ca:17:c0:8f:b6:78:14:31:5e:d6:d8:c5:
f4:6b:c5:b1:3a:5e:47:23:21:13:ed:7d:7d:82:58:f4:49:c4:
35:b3:f4:9f:64:1b:99:03:6e:a8:39:aa:77:e2:ef:c6:48:79:
c9:04:df:72:d2:e2:30:09:ed:50:5d:cf:eb:ee:70:ee:2b:4f:
39:46:29:c1:80:4b:7b:99:19:c7:02:bd:57:19:08:01:f1:b4:
f1:b8:8c:1d:56:0b:c5:f7:6d:7d:64:ad:06:f2:ce:9e:59:71:
12:40:18:1e:65:9c:bc:16:3f:e0:2f:d6:bf:58:8b:8d:68:4a:
db:08:54:18:a9:02:47:be:32:3e:6e:b4:0c:5a:f0:a7:a3:40:
b3:d0:1c:75:c5:68:08:63:36:fe:77:f0:51:a7:d2:0f:a9:66:
49:8f:56:84:56:91:b4:ab:61:d7:b9:04:14:07:3a:e1:48:0b:
fa:12:3b:66:0e:8f:b0:b8:b3:f5:dd:a1:67:ed:e8:68:7f:65:
c9:e7:21:68
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYzIAdlIhNyxA5EWgW1DE2LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQwYzg0MWJmNWQ4YzA5ZWZjYzdjMWY2N2NlYjRiOTJkNjI0MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcC8T0ByfDIrA696jOahRJeiF1Vn
u1ASwzNvgINwMPKrpz6RCEpfoJQDKfHwmd4FCvZWLBVFUsp4k0R8aE/wY0v8CsR0
k5p8lmuOOtYIB1wCCPKhjJEaNwm1wNuw9s3nQFfx7N36GaH62zdsJ2iNCOsMJyAw
fbA1G0LlIslcMSD46NFgK0FVWwpQq2qhBo+9+2XPymLFWHOTt6bpcH1IJNCso9o+
oZTM9hcDYjweAT2Oq4HSVxFtz4cZm6ek6pZXb3zqgLIKBDoOmXOCygQdqi5ieOe6
9EbO+sTGqb821iXuTxO0AVD0HJVKeK0J5llksgN9umoF657ZLOOJUAbtKQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFIlAyEG/XYwJ78x8H2fOtLktYkNJMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvaVVESVFiOWRqQW52ekh3Zlo4NjB1UzFpUTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAwVowAME
Ak33aAMEA1OIoAMEAlUfqAMEA7IVsAMEArkt5AMEArlT7AMEArlgnAMEArmZYDAM
AwQCubkEAwQCubkIAwQCwSQ0AwQCwmgQAwQCwqmwAwQD1SnwMBQEAgACMA4DBQMq
AB24AwUDKgeFgDANBgkqhkiG9w0BAQsFAAOCAQEAWiRp4n1rnN1XhedENQ09uomO
tHQVCPjAWitfsGpZhqBYL2SZiokXsgBKUqdkklU92wb4bth3CB+DULlJyhfAj7Z4
FDFe1tjF9GvFsTpeRyMhE+19fYJY9EnENbP0n2QbmQNuqDmqd+Lvxkh5yQTfctLi
MAntUF3P6+5w7itPOUYpwYBLe5kZxwK9VxkIAfG08biMHVYLxfdtfWStBvLOnllx
EkAYHmWcvBY/4C/Wv1iLjWhK2whUGKkCR74yPm60DFrwp6NAs9AcdcVoCGM2/nfw
UafSD6lmSY9WhFaRtKth17kEFAc64UgL+hI7Zg6PsLiz9d2hZ+3oaH9lyechaA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:58:08 2024 by rpki-client on console-fra.rpki-client.org