Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/R-IjmQieGCeiJQh8MNYmPBvnvps.roa
File: R-IjmQieGCeiJQh8MNYmPBvnvps.roa (raw, json)
Hash identifier: z+RpcdDIMW1emphg8X9ZvqSSPudXxWzO8U6EzPoxxCU=
Subject key identifier: 47:E2:23:99:08:9E:18:27:A2:25:08:7C:30:D6:26:3C:1B:E7:BE:9B
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 018CC64B006909C110B83B1ECA7F695BCBD5
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/R-IjmQieGCeiJQh8MNYmPBvnvps.roa
Signing time: Mon 01 Jan 2024 18:30:53 +0000
ROA not before: Mon 01 Jan 2024 18:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9063
IP address blocks: 91.184.160.0/19 maxlen: 19
109.75.80.0/20 maxlen: 20
185.231.252.0/22 maxlen: 22
185.194.151.0/24 maxlen: 24
212.88.128.0/19 maxlen: 19
37.230.0.0/19 maxlen: 19
176.126.64.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.68.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
185.168.11.0/24 maxlen: 24
185.168.8.0/24 maxlen: 24
217.24.224.0/20 maxlen: 20
185.186.144.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.79.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
93.186.0.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:00:69:09:c1:10:b8:3b:1e:ca:7f:69:5b:cb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Jan 1 18:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47e22399089e1827a225087c30d6263c1be7be9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:98:99:af:45:4d:9a:4c:e4:14:2c:dc:82:cd:
2b:17:2c:4e:a0:79:5a:12:f4:d2:a1:12:b7:45:70:
d0:5d:34:fa:8b:0c:f9:06:32:6a:37:dd:e3:77:18:
5d:8c:79:2c:2f:59:ef:88:41:4e:16:0d:7c:77:96:
ae:11:bf:a2:d5:31:25:c8:09:82:f4:4f:81:a8:c4:
4e:60:40:95:8c:b6:73:26:47:ab:0f:b7:63:2d:f0:
cf:58:52:8e:df:a8:56:94:3c:8b:2a:24:4d:06:77:
1c:53:ff:87:26:f2:59:5f:da:5e:50:89:85:9f:27:
34:e7:d2:bb:3a:24:f1:26:ff:1d:96:31:a2:d5:30:
26:6d:75:a2:65:c4:ee:a8:3c:be:da:20:96:96:5c:
30:ab:6d:0f:9a:79:0f:19:38:18:03:6b:0c:07:ff:
78:aa:32:af:98:0e:e5:66:d6:33:2e:f3:74:d9:2b:
f1:42:0d:79:4b:06:8c:4e:58:dc:6b:c2:f1:2f:10:
bb:0f:8c:28:b3:4c:87:c0:2c:e6:a7:6a:5b:f3:9a:
a1:8c:54:cc:01:d2:6f:9d:8e:c3:4f:1f:b3:e0:0e:
33:79:20:7f:db:de:73:f9:13:c0:2c:8c:66:a7:f8:
49:0b:da:c8:c7:68:45:9d:cc:33:ab:98:f6:91:55:
5b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E2:23:99:08:9E:18:27:A2:25:08:7C:30:D6:26:3C:1B:E7:BE:9B
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/R-IjmQieGCeiJQh8MNYmPBvnvps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
52:08:42:f1:ae:20:1a:bc:8b:dc:a3:ca:d0:5f:51:92:2b:a8:
30:f9:07:d2:98:e8:26:75:35:91:f3:51:0b:53:41:a4:75:92:
c7:f4:ef:d5:b6:73:bb:c8:1b:28:5a:a3:04:2e:34:18:28:ee:
09:d1:9d:e8:0d:d7:12:46:49:73:88:d0:e0:a1:ca:c0:59:92:
70:83:73:c0:d8:d6:42:92:e0:49:6f:c6:37:d3:eb:c6:5b:f4:
3e:72:c4:a9:9a:8e:1f:09:a9:84:c5:ee:86:f1:85:21:26:19:
c8:a8:54:62:93:e8:47:a2:3f:c8:65:10:a4:ca:db:f4:f7:68:
2b:5e:02:14:68:3f:1d:70:8c:e9:d4:a3:97:e6:93:9b:87:56:
ca:22:38:1a:7b:05:ec:fc:79:44:bf:14:68:69:30:53:46:df:
ff:56:f2:04:a6:46:c6:35:65:4b:e2:4b:d9:01:8a:02:2f:c4:
2f:86:be:b7:b6:7f:ef:b9:9a:23:96:e6:fd:87:00:6c:73:aa:
33:0c:3a:b3:f5:2c:42:db:94:31:98:dd:fe:93:2f:2d:0d:e3:
b9:0c:55:21:7e:f0:68:bf:4e:3b:06:1c:c2:84:9b:f0:b3:d3:
4e:1b:59:84:b9:8d:d1:d2:68:fd:7c:a0:42:af:79:b6:41:a0:
85:df:88:32
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYzGSwBpCcEQuDseyn9pW8vVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjQwMTAxMTgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UyMjM5OTA4OWUxODI3YTIyNTA4N2MzMGQ2MjYzYzFiZTdiZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZiZr0VNmkzkFCzcgs0rFyxOoHla
EvTSoRK3RXDQXTT6iwz5BjJqN93jdxhdjHksL1nviEFOFg18d5auEb+i1TElyAmC
9E+BqMROYECVjLZzJkerD7djLfDPWFKO36hWlDyLKiRNBnccU/+HJvJZX9peUImF
nyc059K7OiTxJv8dljGi1TAmbXWiZcTuqDy+2iCWllwwq20PmnkPGTgYA2sMB/94
qjKvmA7lZtYzLvN02SvxQg15SwaMTljca8LxLxC7D4wos0yHwCzmp2pb85qhjFTM
AdJvnY7DTx+z4A4zeSB/295z+RPALIxmp/hJC9rIx2hFncwzq5j2kVVbrwIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFEfiI5kInhgnoiUIfDDWJjwb576bMB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEvUi1Jam1RaWVHQ2VpSlFoOE1OWW1QQnZudnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBvwQCAAEwgbgDBAUl
5gADBAVbuKADBARdugADBARtS1ADBAGwfkADBAGwfkQwDAMEALB+RwMEAbB+SDAM
AwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQMEBLkjYAMEAbmhyDAM
AwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKXAwQAuct7AwQAud6L
AwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2RjgMA0EAgACMAcDBQMq
AgWgMA0GCSqGSIb3DQEBCwUAA4IBAQBSCELxriAavIvco8rQX1GSK6gw+QfSmOgm
dTWR81ELU0GkdZLH9O/VtnO7yBsoWqMELjQYKO4J0Z3oDdcSRklziNDgocrAWZJw
g3PA2NZCkuBJb8Y30+vGW/Q+csSpmo4fCamExe6G8YUhJhnIqFRik+hHoj/IZRCk
ytv092grXgIUaD8dcIzp1KOX5pObh1bKIjgaewXs/HlEvxRoaTBTRt//VvIEpkbG
NWVL4kvZAYoCL8Qvhr63tn/vuZojlub9hwBsc6ozDDqz9SxC25QxmN3+ky8tDeO5
DFUhfvBov047BhzChJvws9NOG1mEuY3R0mj9fKBCr3m2QaCF34gy
-----END CERTIFICATE-----
Generated at Sat May 18 02:40:59 2024 by rpki-client on console-fra.rpki-client.org