Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/viOMnPef6y-ekawdQ3EPWtedl9g.roa
File: viOMnPef6y-ekawdQ3EPWtedl9g.roa (raw, json)
Hash identifier: RV3xandxJrGMmzrluA56zC/oLHoLYsls/VNAOcJUVz0=
Subject key identifier: BE:23:8C:9C:F7:9F:EB:2F:9E:91:AC:1D:43:71:0F:5A:D7:9D:97:D8
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018CC56EFC9EB4F4626A7887EB96F7117649
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/viOMnPef6y-ekawdQ3EPWtedl9g.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8262
IP address blocks: 194.12.224.0/19 maxlen: 19
194.12.231.0/24 maxlen: 24
194.12.234.0/24 maxlen: 24
194.12.249.0/24 maxlen: 24
194.12.254.0/24 maxlen: 24
82.119.92.0/24 maxlen: 24
82.119.94.0/24 maxlen: 24
185.92.132.0/22 maxlen: 22
82.119.64.0/19 maxlen: 19
82.119.68.0/24 maxlen: 24
82.119.69.0/24 maxlen: 24
82.119.84.0/24 maxlen: 24
82.119.83.0/24 maxlen: 24
82.119.80.0/21 maxlen: 21
89.252.223.0/24 maxlen: 24
89.252.241.0/24 maxlen: 24
89.252.246.0/24 maxlen: 24
89.252.192.0/18 maxlen: 18
85.14.36.0/24 maxlen: 24
85.14.44.0/24 maxlen: 24
85.14.49.0/24 maxlen: 24
85.14.47.0/24 maxlen: 24
176.67.233.0/24 maxlen: 24
85.14.0.0/23 maxlen: 23
85.14.0.0/18 maxlen: 18
176.67.234.0/24 maxlen: 24
85.14.12.0/24 maxlen: 24
85.14.13.0/24 maxlen: 24
85.14.24.0/24 maxlen: 24
2001:1ae0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fc:9e:b4:f4:62:6a:78:87:eb:96:f7:11:76:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be238c9cf79feb2f9e91ac1d43710f5ad79d97d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fb:b3:b6:57:7f:61:47:37:33:a6:2a:d2:a7:
31:1a:2b:c6:87:a2:33:58:c0:75:92:83:a6:2c:02:
72:78:de:c6:7e:f1:c5:bc:e8:cb:95:54:f9:87:be:
76:01:09:a4:d7:55:2b:77:1f:b6:c7:b7:e2:30:39:
25:93:6a:ec:e2:f0:3d:82:0a:0b:05:b4:bb:5c:43:
0d:5b:e7:ab:9b:92:58:77:d2:0b:4d:b7:1d:0c:18:
51:07:99:9d:2c:42:ea:59:66:9e:14:dc:c3:5a:4d:
1a:fa:5f:82:7b:5e:c8:9a:32:a9:d3:e0:80:63:a3:
82:72:4f:08:1a:16:5d:89:b0:2f:16:72:6e:92:d0:
89:70:e4:0b:c2:97:b0:58:ce:05:ec:47:90:eb:07:
51:9c:e4:8d:86:93:a6:27:04:37:ca:c0:b1:d0:a3:
7c:34:37:1f:f0:f6:f6:d1:fe:cd:33:a9:3b:00:52:
6f:55:22:27:64:6b:e9:57:fe:55:a2:55:20:57:62:
05:d1:17:d5:1a:ee:59:93:29:b3:2c:29:00:84:6b:
ba:42:2a:c1:71:0a:b9:d0:64:1a:92:ae:99:64:6e:
cb:17:49:48:68:ea:56:90:9d:2e:f7:2d:7e:13:1e:
c8:88:59:fb:bf:36:f4:1e:e6:db:e9:0a:93:0d:be:
df:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:8C:9C:F7:9F:EB:2F:9E:91:AC:1D:43:71:0F:5A:D7:9D:97:D8
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/viOMnPef6y-ekawdQ3EPWtedl9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.64.0/19
85.14.0.0/18
89.252.192.0/18
176.67.233.0-176.67.234.255
185.92.132.0/22
194.12.224.0/19
IPv6:
2001:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:dd:df:c2:9f:1f:ec:d6:53:8e:db:9e:53:f2:df:af:68:06:
0a:6d:45:ab:44:be:c2:4b:64:43:ad:d0:cd:f3:65:f2:bd:40:
a2:62:6b:5e:d1:fb:75:87:95:f5:b5:38:52:15:b7:f8:d7:d7:
c0:95:32:32:50:6a:5d:86:3a:18:89:59:49:56:28:8b:3d:cd:
a5:a8:39:ec:a5:c8:a9:71:38:90:56:9c:c2:11:78:59:bb:52:
cb:ab:61:aa:43:85:8e:5e:6d:ee:a3:86:13:31:b4:c9:63:4e:
2e:be:63:5f:e2:d5:05:af:3b:8c:e8:ef:b0:33:1b:d5:15:38:
70:ca:17:50:87:33:09:ce:9b:f2:7a:99:65:ce:ab:7c:bb:86:
03:48:90:dd:37:41:c7:24:96:6e:f0:23:fe:1b:90:ea:d3:82:
2f:b4:8d:b9:e8:76:66:2c:9e:a8:51:d2:39:03:ac:b7:7a:ac:
55:d4:fc:37:46:1b:ce:46:d4:f1:bc:5f:85:f6:27:df:87:74:
33:34:f3:e8:18:d7:0a:7c:f2:a6:95:da:cd:5e:58:c2:c7:0e:
44:3e:49:2d:52:84:e3:6f:26:d6:de:b0:ff:1b:10:6c:43:76:
89:0c:06:0c:0e:ed:66:7b:97:67:00:c6:0b:01:73:ad:6e:aa:
25:e6:0f:cd
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzFbvyetPRianiH65b3EXZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTIzOGM5Y2Y3OWZlYjJmOWU5MWFjMWQ0MzcxMGY1YWQ3OWQ5N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPuztld/YUc3M6Yq0qcxGivGh6Iz
WMB1koOmLAJyeN7GfvHFvOjLlVT5h752AQmk11Urdx+2x7fiMDklk2rs4vA9ggoL
BbS7XEMNW+erm5JYd9ILTbcdDBhRB5mdLELqWWaeFNzDWk0a+l+Ce17ImjKp0+CA
Y6OCck8IGhZdibAvFnJuktCJcOQLwpewWM4F7EeQ6wdRnOSNhpOmJwQ3ysCx0KN8
NDcf8Pb20f7NM6k7AFJvVSInZGvpV/5VolUgV2IF0RfVGu5ZkymzLCkAhGu6QirB
cQq50GQakq6ZZG7LF0lIaOpWkJ0u9y1+Ex7IiFn7vzb0Hubb6QqTDb7fsQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFL4jjJz3n+svnpGsHUNxD1rXnZfYMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvdmlPTW5QZWY2eS1la2F3ZFEzRVBXdGVkbDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFUndAAwQG
VQ4AAwQGWfzAMAwDBACwQ+kDBACwQ+oDBAK5XIQDBAXCDOAwDQQCAAIwBwMFACAB
GuAwDQYJKoZIhvcNAQELBQADggEBAArd38KfH+zWU47bnlPy369oBgptRatEvsJL
ZEOt0M3zZfK9QKJia17R+3WHlfW1OFIVt/jX18CVMjJQal2GOhiJWUlWKIs9zaWo
OeylyKlxOJBWnMIReFm7UsurYapDhY5ebe6jhhMxtMljTi6+Y1/i1QWvO4zo77Az
G9UVOHDKF1CHMwnOm/J6mWXOq3y7hgNIkN03Qccklm7wI/4bkOrTgi+0jbnodmYs
nqhR0jkDrLd6rFXU/DdGG85G1PG8X4X2J9+HdDM08+gY1wp88qaV2s1eWMLHDkQ+
SS1ShONvJtbesP8bEGxDdokMBgwO7WZ7l2cAxgsBc61uqiXmD80=
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:23:05 2024 by rpki-client on console-ams.rpki-client.org