Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2j9vtSlQ7YfKQQ0U_1LuTXMdrg.roa
File: h2j9vtSlQ7YfKQQ0U_1LuTXMdrg.roa (raw, json)
Hash identifier: 8kHWvhzWZEJndm1Q3iaTlRTIyR6Nd3QMGXqpS/eUaNU=
Subject key identifier: 87:68:FD:BE:D4:A5:43:B6:1F:29:04:34:53:FD:4B:B9:35:CC:76:B8
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C48C4F4E0A428FEAAB6C7F754C9F
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2j9vtSlQ7YfKQQ0U_1LuTXMdrg.roa
Signing time: Tue 02 Jan 2024 02:31:13 +0000
ROA not before: Tue 02 Jan 2024 02:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33977
IP address blocks: 86.106.79.0/24 maxlen: 24
185.244.108.0/22 maxlen: 22
86.106.86.0/24 maxlen: 24
93.118.45.0/24 maxlen: 24
84.247.30.0/24 maxlen: 24
89.39.253.0/24 maxlen: 24
77.81.180.0/24 maxlen: 24
86.107.24.0/23 maxlen: 23
77.81.123.0/24 maxlen: 24
86.105.17.0/24 maxlen: 24
85.204.110.0/23 maxlen: 23
89.33.130.0/23 maxlen: 23
31.14.58.0/23 maxlen: 23
31.14.57.0/24 maxlen: 24
93.113.157.0/24 maxlen: 24
85.204.52.0/23 maxlen: 23
86.105.180.0/24 maxlen: 24
86.104.7.0/24 maxlen: 24
93.114.251.0/24 maxlen: 24
86.104.16.0/24 maxlen: 24
77.81.87.0/24 maxlen: 24
188.214.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c4:8c:4f:4e:0a:42:8f:ea:ab:6c:7f:75:4c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8768fdbed4a543b61f29043453fd4bb935cc76b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:59:bc:35:07:dc:a9:03:6f:fb:55:fa:6b:
0b:3e:3a:a2:c7:53:f6:d0:8c:ec:41:49:75:70:d9:
72:f6:fc:d4:6c:f7:59:13:ed:98:d9:d0:1d:95:20:
b7:da:bc:f2:ef:14:1b:74:9e:7c:b6:c9:f3:df:81:
bd:db:02:c3:1a:44:7e:b0:55:84:41:fc:30:aa:a2:
68:a5:b0:57:b0:20:4b:29:82:5a:c4:be:80:b1:4f:
e4:e4:54:bb:c3:39:49:12:a2:63:9b:d3:ca:db:07:
d2:42:dd:d0:b1:8f:43:66:bb:89:9a:5f:5a:45:7d:
d9:6f:de:05:c8:4b:11:e7:45:a0:c7:4d:e9:e1:b9:
66:98:4b:ed:d7:85:96:01:fb:ef:6a:69:44:50:e1:
34:5a:fe:fd:02:4e:36:ca:af:44:76:5b:49:37:13:
35:7f:c0:44:2c:b1:98:6b:0d:a8:ef:9b:94:b4:c1:
ec:a9:cd:0c:8e:9a:64:0c:72:16:9f:66:61:4b:37:
1a:2c:97:49:c9:b3:1b:3d:d9:25:ce:78:2f:96:ce:
bd:f5:c4:ad:14:8e:9c:d6:51:ac:5e:be:cd:60:6d:
7c:ae:47:af:18:e6:8d:6d:1c:be:47:50:b0:4e:28:
0b:13:28:5b:9c:fc:c2:47:f8:b0:25:ac:c3:f4:82:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:FD:BE:D4:A5:43:B6:1F:29:04:34:53:FD:4B:B9:35:CC:76:B8
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/h2j9vtSlQ7YfKQQ0U_1LuTXMdrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.57.0-31.14.59.255
77.81.87.0/24
77.81.123.0/24
77.81.180.0/24
84.247.30.0/24
85.204.52.0/23
85.204.110.0/23
86.104.7.0/24
86.104.16.0/24
86.105.17.0/24
86.105.180.0/24
86.106.79.0/24
86.106.86.0/24
86.107.24.0/23
89.33.130.0/23
89.39.253.0/24
93.113.157.0/24
93.114.251.0/24
93.118.45.0/24
185.244.108.0/22
188.214.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:80:7b:ee:0a:8e:77:ef:7c:d4:f8:0a:4d:f1:7c:38:3f:d0:
4b:f7:13:74:2d:25:0a:e8:99:5c:60:da:78:34:be:4c:ed:d9:
4f:3c:77:d1:97:d7:e4:be:71:e1:92:c5:41:3b:6b:a3:b1:4d:
37:13:fc:5a:0b:d2:5c:6f:5e:5e:39:cf:32:d4:82:fd:49:c6:
a2:f2:e8:39:0e:5e:bf:3b:6d:04:e6:02:2f:33:a2:9f:e5:01:
87:6d:d3:ee:6d:6b:2b:f3:3b:c6:56:ae:09:a7:ee:37:f8:15:
1f:a9:d1:7a:1a:bf:3a:64:65:ee:07:f3:27:ef:ed:df:d4:5b:
41:93:df:d6:03:7b:ac:6c:49:18:61:c8:0c:f4:99:41:f9:74:
2f:ec:f3:40:de:e7:5f:e9:cf:42:7e:c6:1a:5c:48:ee:20:97:
ec:33:0f:d2:49:d2:b3:66:43:5f:28:95:dd:c6:9e:a3:03:7a:
b2:0d:1f:eb:e1:ea:7f:ac:80:3d:2a:25:3f:70:cb:69:80:9c:
ff:05:2c:de:29:a9:eb:2f:66:8d:5d:f2:ea:51:cb:53:51:6a:
36:12:f1:11:55:f7:8f:86:c5:7a:70:47:e1:9b:5b:e3:01:e9:
84:82:2b:f4:5d:97:a4:b3:81:52:48:8f:56:c1:45:d5:6e:07:
86:96:d0:09
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzIAsSMT04KQo/qq2x/dUyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4ZmRiZWQ0YTU0M2I2MWYyOTA0MzQ1M2ZkNGJiOTM1Y2M3NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKlZvDUH3KkDb/tV+msLPjqix1P2
0IzsQUl1cNly9vzUbPdZE+2Y2dAdlSC32rzy7xQbdJ58tsnz34G92wLDGkR+sFWE
QfwwqqJopbBXsCBLKYJaxL6AsU/k5FS7wzlJEqJjm9PK2wfSQt3QsY9DZruJml9a
RX3Zb94FyEsR50Wgx03p4blmmEvt14WWAfvvamlEUOE0Wv79Ak42yq9EdltJNxM1
f8BELLGYaw2o75uUtMHsqc0MjppkDHIWn2ZhSzcaLJdJybMbPdklzngvls699cSt
FI6c1lGsXr7NYG18rkevGOaNbRy+R1CwTigLEyhbnPzCR/iwJazD9IIJ1wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFIdo/b7UpUO2HykENFP9S7k1zHa4MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvaDJqOXZ0U2xRN1lmS1FRMFVfMUx1VFhNZHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AB8OOQMEAh8OOAMEAE1RVwMEAE1RewMEAE1RtAMEAFT3HgMEAVXMNAMEAVXMbgME
AFZoBwMEAFZoEAMEAFZpEQMEAFZptAMEAFZqTwMEAFZqVgMEAVZrGAMEAVkhggME
AFkn/QMEAF1xnQMEAF1y+wMEAF12LQMEArn0bAMEALzWfjANBgkqhkiG9w0BAQsF
AAOCAQEAbYB77gqOd+981PgKTfF8OD/QS/cTdC0lCuiZXGDaeDS+TO3ZTzx30ZfX
5L5x4ZLFQTtro7FNNxP8WgvSXG9eXjnPMtSC/UnGovLoOQ5evzttBOYCLzOin+UB
h23T7m1rK/M7xlauCafuN/gVH6nRehq/OmRl7gfzJ+/t39RbQZPf1gN7rGxJGGHI
DPSZQfl0L+zzQN7nX+nPQn7GGlxI7iCX7DMP0knSs2ZDXyiV3caeowN6sg0f6+Hq
f6yAPSolP3DLaYCc/wUs3imp6y9mjV3y6lHLU1FqNhLxEVX3j4bFenBH4Ztb4wHp
hIIr9F2XpLOBUkiPVsFF1W4HhpbQCQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org