Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/iXZOHA6PnId5_gFeR2sLaRMALSg.roa
File: iXZOHA6PnId5_gFeR2sLaRMALSg.roa (raw, json)
Hash identifier: b/N3GNLnZgJpmAKw0+FQ0ZDvremGQTnMV6lErjiYD1I=
Subject key identifier: 89:76:4E:1C:0E:8F:9C:87:79:FE:01:5E:47:6B:0B:69:13:00:2D:28
Certificate issuer: /CN=0f925691603903ef24485cb4bf35e28307867b83
Certificate serial: 019077C32F318A4DADC4A90CF0E639E0A80D
Authority key identifier: 0F:92:56:91:60:39:03:EF:24:48:5C:B4:BF:35:E2:83:07:86:7B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5JWkWA5A-8kSFy0vzXigweGe4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/iXZOHA6PnId5_gFeR2sLaRMALSg.roa
Signing time: Wed 03 Jul 2024 08:43:18 +0000
ROA not before: Wed 03 Jul 2024 08:43:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29596
IP address blocks: 91.232.183.0/24 maxlen: 24
93.175.96.0/19 maxlen: 19
93.175.100.0/23 maxlen: 23
93.175.102.0/23 maxlen: 23
93.175.104.0/23 maxlen: 23
93.175.106.0/24 maxlen: 24
93.175.107.0/24 maxlen: 24
93.175.108.0/22 maxlen: 22
93.175.108.0/24 maxlen: 24
93.175.109.0/24 maxlen: 24
93.175.110.0/24 maxlen: 24
93.175.111.0/24 maxlen: 24
93.175.112.0/24 maxlen: 24
93.175.113.0/24 maxlen: 24
93.175.114.0/24 maxlen: 24
93.175.115.0/24 maxlen: 24
93.175.116.0/23 maxlen: 23
93.175.118.0/23 maxlen: 23
93.175.120.0/24 maxlen: 24
93.175.121.0/24 maxlen: 24
93.175.123.0/24 maxlen: 24
128.127.12.0/23 maxlen: 23
128.127.14.0/24 maxlen: 24
128.127.15.0/24 maxlen: 24
193.19.212.0/24 maxlen: 24
193.19.213.0/24 maxlen: 24
193.19.214.0/24 maxlen: 24
193.19.215.0/24 maxlen: 24
194.54.20.0/22 maxlen: 22
194.54.21.0/24 maxlen: 24
194.54.22.0/24 maxlen: 24
194.54.23.0/24 maxlen: 24
194.146.216.0/22 maxlen: 22
194.146.216.0/24 maxlen: 24
194.146.217.0/24 maxlen: 24
194.146.218.0/24 maxlen: 24
194.146.219.0/24 maxlen: 24
2a06:f4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/D5JWkWA5A-8kSFy0vzXigweGe4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/D5JWkWA5A-8kSFy0vzXigweGe4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5JWkWA5A-8kSFy0vzXigweGe4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 14:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:c3:2f:31:8a:4d:ad:c4:a9:0c:f0:e6:39:e0:a8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f925691603903ef24485cb4bf35e28307867b83
Validity
Not Before: Jul 3 08:43:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89764e1c0e8f9c8779fe015e476b0b6913002d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b1:f1:5c:aa:c8:73:0c:91:0c:ae:2f:f1:5e:
53:31:9d:c2:a7:ca:24:13:95:4b:6c:ae:09:60:e8:
0f:7b:44:c6:ee:9f:01:49:41:5b:15:30:12:15:37:
f6:ce:7c:90:f4:08:1f:a8:9a:9e:d2:7b:f5:50:26:
60:fc:fc:7c:18:e0:6b:6e:25:34:7e:b2:c5:7d:37:
a8:df:0c:a6:cf:3c:28:5f:16:ec:7c:e7:cb:5b:04:
35:d8:e8:ca:91:89:70:a0:e4:bf:5f:80:29:23:ce:
e8:13:33:5d:09:ba:1c:ad:3f:35:b5:49:6e:4f:49:
98:7e:d9:f0:50:ac:69:30:50:46:cb:4e:8f:8e:4d:
bb:1d:eb:cb:0a:cb:cd:ff:f1:99:f1:8c:9a:68:69:
b9:00:a1:af:1d:1a:57:a9:20:38:78:41:0d:5f:76:
20:9e:33:2f:27:05:43:73:43:cb:22:c6:20:7b:ee:
fb:76:ba:90:a4:81:9d:70:58:f1:b8:56:ba:eb:e8:
1f:e1:73:dc:d8:af:c4:87:51:f1:3a:fd:a8:2e:6f:
29:c9:6a:6b:21:72:f8:3b:bc:23:6e:1d:e4:34:9a:
e6:b7:c8:5c:d4:43:88:bf:aa:9a:b9:9d:90:d8:15:
5f:a8:5f:b6:a7:d5:b9:4d:21:31:b9:66:9a:7a:b8:
5e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:76:4E:1C:0E:8F:9C:87:79:FE:01:5E:47:6B:0B:69:13:00:2D:28
X509v3 Authority Key Identifier:
keyid:0F:92:56:91:60:39:03:EF:24:48:5C:B4:BF:35:E2:83:07:86:7B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5JWkWA5A-8kSFy0vzXigweGe4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/iXZOHA6PnId5_gFeR2sLaRMALSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ff9252-3db4-455f-b20f-e3e302005d8f/1/D5JWkWA5A-8kSFy0vzXigweGe4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.183.0/24
93.175.96.0/19
128.127.12.0/22
193.19.212.0/22
194.54.20.0/22
194.146.216.0/22
IPv6:
2a06:f4c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:d4:7b:4f:43:44:db:ba:17:60:a1:9a:1f:53:5c:c3:9b:a5:
ac:3c:70:d1:eb:28:ae:fe:e7:60:ec:57:06:9e:44:f1:a1:e1:
49:21:e5:bd:77:9c:b0:6d:91:f2:dd:dc:3b:80:ba:8e:29:61:
8b:2f:57:f2:5e:3e:25:eb:14:92:6b:25:c5:27:1c:e3:c3:4f:
42:4c:c1:f6:ce:99:0b:1d:41:3d:8a:e3:b6:ae:b2:f5:ae:a4:
e5:d7:4e:cd:f0:c1:d7:77:8a:b7:d2:8a:05:3c:8f:08:a6:29:
31:0c:f7:eb:40:0a:6c:34:0c:d2:65:66:16:6a:ce:5b:87:c7:
2d:cb:aa:a2:59:d6:6c:2e:c7:f2:5d:26:97:af:97:38:f6:58:
9b:b9:c3:e7:ec:a0:61:c4:e1:88:67:23:8a:3a:62:e4:d6:28:
32:af:cc:91:b1:d1:48:a8:7d:89:bb:82:ff:08:c5:5c:4b:67:
b0:aa:3c:99:5d:7c:cc:f0:5f:16:6d:af:de:c1:c4:b1:46:04:
22:be:2d:66:eb:98:c1:c1:31:e0:81:cd:c2:76:2f:33:11:9c:
63:33:bd:64:ff:f1:f3:74:e0:33:27:49:c7:11:d3:3c:48:68:
59:4f:2e:dd:98:c1:25:6a:d6:b6:f5:e9:8e:8c:b3:ee:47:50:
99:47:b1:1f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZB3wy8xik2txKkM8OY54KgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTI1NjkxNjAzOTAzZWYyNDQ4NWNiNGJmMzVlMjgzMDc4
NjdiODMwHhcNMjQwNzAzMDg0MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc2NGUxYzBlOGY5Yzg3NzlmZTAxNWU0NzZiMGI2OTEzMDAyZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bHxXKrIcwyRDK4v8V5TMZ3Cp8ok
E5VLbK4JYOgPe0TG7p8BSUFbFTASFTf2znyQ9AgfqJqe0nv1UCZg/Px8GOBrbiU0
frLFfTeo3wymzzwoXxbsfOfLWwQ12OjKkYlwoOS/X4ApI87oEzNdCbocrT81tUlu
T0mYftnwUKxpMFBGy06Pjk27HevLCsvN//GZ8YyaaGm5AKGvHRpXqSA4eEENX3Yg
njMvJwVDc0PLIsYge+77drqQpIGdcFjxuFa66+gf4XPc2K/Eh1HxOv2oLm8pyWpr
IXL4O7wjbh3kNJrmt8hc1EOIv6qauZ2Q2BVfqF+2p9W5TSExuWaaerhe8wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIl2ThwOj5yHef4BXkdrC2kTAC0oMB8GA1UdIwQY
MBaAFA+SVpFgOQPvJEhctL814oMHhnuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVKV2tXQTVBLThrU0Z5MHZ6WGlnd2VHZTRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9mZjkyNTItM2RiNC00NTVmLWIyMGYt
ZTNlMzAyMDA1ZDhmLzEvaVhaT0hBNlBuSWQ1X2dGZVIyc0xhUk1BTFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9mZjkyNTItM2RiNC00NTVmLWIyMGYtZTNlMzAyMDA1ZDhm
LzEvRDVKV2tXQTVBLThrU0Z5MHZ6WGlnd2VHZTRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW+i3AwQF
Xa9gAwQCgH8MAwQCwRPUAwQCwjYUAwQCwpLYMA0EAgACMAcDBQMqBvTAMA0GCSqG
SIb3DQEBCwUAA4IBAQBp1HtPQ0TbuhdgoZofU1zDm6WsPHDR6yiu/udg7FcGnkTx
oeFJIeW9d5ywbZHy3dw7gLqOKWGLL1fyXj4l6xSSayXFJxzjw09CTMH2zpkLHUE9
iuO2rrL1rqTl107N8MHXd4q30ooFPI8IpikxDPfrQApsNAzSZWYWas5bh8cty6qi
WdZsLsfyXSaXr5c49libucPn7KBhxOGIZyOKOmLk1igyr8yRsdFIqH2Ju4L/CMVc
S2ewqjyZXXzM8F8Wba/ewcSxRgQivi1m65jBwTHggc3Cdi8zEZxjM71k//HzdOAz
J0nHEdM8SGhZTy7dmMElata29emOjLPuR1CZR7Ef
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:40:16 2024 by rpki-client on console-ams.rpki-client.org