Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/Bp8t3rH-D-ONNdL_4aqtJSGuTQA.roa
File: Bp8t3rH-D-ONNdL_4aqtJSGuTQA.roa (raw, json)
Hash identifier: MBzdk4LTMOfnH5bWpUwaeBZ5UAEC3mJJ8CviLtp0cmY=
Subject key identifier: 06:9F:2D:DE:B1:FE:0F:E3:8D:35:D2:FF:E1:AA:AD:25:21:AE:4D:00
Certificate issuer: /CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Certificate serial: 018CC94E3992A31A23350B52D679172D5C7D
Authority key identifier: 90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/Bp8t3rH-D-ONNdL_4aqtJSGuTQA.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41820
IP address blocks: 194.39.224.0/22 maxlen: 22
194.39.224.0/24 maxlen: 24
194.39.225.0/24 maxlen: 24
194.39.226.0/24 maxlen: 24
194.39.227.0/24 maxlen: 24
31.41.88.0/24 maxlen: 24
31.41.90.0/24 maxlen: 24
31.41.91.0/24 maxlen: 24
31.41.88.0/21 maxlen: 21
31.41.89.0/24 maxlen: 24
31.41.94.0/24 maxlen: 24
31.41.95.0/24 maxlen: 24
31.41.92.0/24 maxlen: 24
31.41.93.0/24 maxlen: 24
193.34.172.0/23 maxlen: 23
193.34.172.0/24 maxlen: 24
193.34.173.0/24 maxlen: 24
176.118.41.0/24 maxlen: 24
176.118.42.0/24 maxlen: 24
176.118.40.0/21 maxlen: 21
176.118.40.0/24 maxlen: 24
176.118.43.0/24 maxlen: 24
176.118.44.0/24 maxlen: 24
176.118.45.0/24 maxlen: 24
176.118.46.0/24 maxlen: 24
176.118.47.0/24 maxlen: 24
91.195.172.0/23 maxlen: 23
91.195.172.0/24 maxlen: 24
91.195.173.0/24 maxlen: 24
2a0f:6680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/kIp-pxKAHkyP64Wz8HjQW6EBquE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/kIp-pxKAHkyP64Wz8HjQW6EBquE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:39:92:a3:1a:23:35:0b:52:d6:79:17:2d:5c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=069f2ddeb1fe0fe38d35d2ffe1aaad2521ae4d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8a:f3:a5:1f:ad:ad:53:38:2d:16:ec:9f:1c:
60:d1:a8:3c:32:5b:c8:48:f9:6a:d3:41:8f:c2:df:
ad:7b:5f:d2:91:ba:fb:1e:24:7d:87:9b:8b:e5:86:
dc:5f:84:3d:e7:f8:f5:91:62:37:cd:a0:8c:ba:54:
6e:6d:6a:fa:18:90:f9:92:e4:82:b1:fa:c1:b8:b7:
6a:9a:73:c2:11:c2:dc:2b:70:1f:77:0d:d1:44:db:
c0:6f:f4:58:d2:fc:30:2f:bf:9e:45:4c:48:f2:2b:
f5:8b:6c:ab:05:5a:69:19:ab:98:90:0e:6b:2d:27:
9c:89:83:38:70:62:db:7a:b2:5f:ac:f7:39:d9:da:
e3:20:a5:ea:50:d3:22:7d:86:b0:2a:81:59:85:1a:
ee:1c:60:00:f3:78:dd:68:d2:66:85:78:8f:99:e2:
15:71:8e:df:57:0c:4d:a2:a0:d6:22:ab:5b:59:38:
4d:72:7f:c2:80:5c:b9:78:55:7c:b0:16:82:c5:c8:
14:6f:54:2e:8b:61:0f:80:60:1a:11:7d:50:dc:2e:
74:36:77:a1:f4:59:2e:22:3a:f0:e3:08:ca:84:dc:
ff:68:e1:73:65:19:0e:5d:cf:d6:e0:c1:7c:4c:fa:
19:cf:b9:7a:f9:14:6d:7a:1e:f8:15:89:90:4a:1b:
71:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9F:2D:DE:B1:FE:0F:E3:8D:35:D2:FF:E1:AA:AD:25:21:AE:4D:00
X509v3 Authority Key Identifier:
keyid:90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/Bp8t3rH-D-ONNdL_4aqtJSGuTQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/kIp-pxKAHkyP64Wz8HjQW6EBquE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.88.0/21
91.195.172.0/23
176.118.40.0/21
193.34.172.0/23
194.39.224.0/22
IPv6:
2a0f:6680::/29
Signature Algorithm: sha256WithRSAEncryption
87:b6:35:3e:b8:16:e4:7a:bf:a0:6b:d9:39:55:1f:4c:c8:4a:
c5:48:64:ca:80:95:10:e7:c8:f4:d6:08:f3:0c:b8:44:80:c6:
c5:5f:aa:cf:f4:6e:4f:10:4d:95:95:68:a3:20:d8:0f:3a:43:
fc:e1:76:0e:c6:7c:ff:37:a4:01:f6:6a:42:eb:15:f8:6a:d7:
8a:ac:d5:0d:20:f6:03:af:52:6a:cf:cf:a7:ef:dd:c8:26:9f:
fa:69:88:64:65:e8:d4:99:4b:fe:8d:4e:10:07:b2:a0:6c:30:
28:16:ff:e5:24:2b:de:3b:c9:f9:c8:3b:4c:23:36:e1:19:69:
6a:23:38:ae:56:fa:16:e7:d4:ae:d8:c5:1a:a9:69:90:e7:d7:
f3:fb:b0:6c:c4:63:88:13:0b:4a:6c:72:7d:96:22:72:3d:2e:
25:2e:51:d3:e0:fc:74:38:af:ff:b4:5a:32:1b:fe:2b:58:ef:
bc:93:11:bc:eb:92:b4:9b:f8:0b:cc:c4:75:16:b2:13:97:d5:
98:ea:17:46:29:df:74:c4:29:91:d5:ef:88:c5:2f:d6:c6:14:
38:63:71:a1:18:b5:e8:5f:b3:2f:bb:1d:a5:4e:45:70:00:50:
cd:02:b4:60:28:93:9a:93:38:19:59:9c:33:4c:76:7c:52:11:
7a:5a:f4:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzJTjmSoxojNQtS1nkXLVx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOGE3ZWE3MTI4MDFlNGM4ZmViODViM2YwNzhkMDViYTEw
MWFhZTEwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjlmMmRkZWIxZmUwZmUzOGQzNWQyZmZlMWFhYWQyNTIxYWU0ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIrzpR+trVM4LRbsnxxg0ag8MlvI
SPlq00GPwt+te1/Skbr7HiR9h5uL5YbcX4Q95/j1kWI3zaCMulRubWr6GJD5kuSC
sfrBuLdqmnPCEcLcK3Afdw3RRNvAb/RY0vwwL7+eRUxI8iv1i2yrBVppGauYkA5r
LSeciYM4cGLberJfrPc52drjIKXqUNMifYawKoFZhRruHGAA83jdaNJmhXiPmeIV
cY7fVwxNoqDWIqtbWThNcn/CgFy5eFV8sBaCxcgUb1Qui2EPgGAaEX1Q3C50Nneh
9FkuIjrw4wjKhNz/aOFzZRkOXc/W4MF8TPoZz7l6+RRteh74FYmQShtxfwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAafLd6x/g/jjTXS/+GqrSUhrk0AMB8GA1UdIwQY
MBaAFJCKfqcSgB5Mj+uFs/B40FuhAarhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0lwLXB4S0FIa3lQNjRXejhIalFXNkVCcXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NjA1ZTYtZDlmNC00YzMyLWI0ZDEt
MWExMmNjMGIwNDA2LzEvQnA4dDNySC1ELU9OTmRMXzRhcXRKU0d1VFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NjA1ZTYtZDlmNC00YzMyLWI0ZDEtMWExMmNjMGIwNDA2
LzEva0lwLXB4S0FIa3lQNjRXejhIalFXNkVCcXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHylYAwQB
W8OsAwQDsHYoAwQBwSKsAwQCwifgMA0EAgACMAcDBQMqD2aAMA0GCSqGSIb3DQEB
CwUAA4IBAQCHtjU+uBbker+ga9k5VR9MyErFSGTKgJUQ58j01gjzDLhEgMbFX6rP
9G5PEE2VlWijINgPOkP84XYOxnz/N6QB9mpC6xX4ateKrNUNIPYDr1Jqz8+n793I
Jp/6aYhkZejUmUv+jU4QB7KgbDAoFv/lJCveO8n5yDtMIzbhGWlqIziuVvoW59Su
2MUaqWmQ59fz+7BsxGOIEwtKbHJ9liJyPS4lLlHT4Px0OK//tFoyG/4rWO+8kxG8
65K0m/gLzMR1FrITl9WY6hdGKd90xCmR1e+IxS/WxhQ4Y3GhGLXoX7Mvux2lTkVw
AFDNArRgKJOakzgZWZwzTHZ8UhF6WvQ5
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:42:16 2024 by rpki-client on console-ams.rpki-client.org