Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/8QxX58LGwmGQ2m6v52VAVTsLIRM.roa
File: 8QxX58LGwmGQ2m6v52VAVTsLIRM.roa (raw, json)
Hash identifier: CByZ7tVcU3yONGO+TI9t+ETXK67Nhm/vsR6+y81aHKw=
Subject key identifier: F1:0C:57:E7:C2:C6:C2:61:90:DA:6E:AF:E7:65:40:55:3B:0B:21:13
Certificate issuer: /CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Certificate serial: 018E9F47C6BF379B1ADCC8BC5FECD40C58A0
Authority key identifier: 89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/8QxX58LGwmGQ2m6v52VAVTsLIRM.roa
Signing time: Tue 02 Apr 2024 14:47:45 +0000
ROA not before: Tue 02 Apr 2024 14:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47806
IP address blocks: 93.88.28.0/22 maxlen: 22
93.88.28.0/23 maxlen: 23
93.88.28.0/24 maxlen: 24
93.88.29.0/24 maxlen: 24
93.88.30.0/23 maxlen: 23
93.88.30.0/24 maxlen: 24
93.88.31.0/24 maxlen: 24
152.89.144.0/22 maxlen: 22
152.89.144.0/23 maxlen: 23
152.89.144.0/24 maxlen: 24
152.89.145.0/24 maxlen: 24
152.89.146.0/23 maxlen: 23
152.89.146.0/24 maxlen: 24
152.89.147.0/24 maxlen: 24
185.251.208.0/22 maxlen: 22
185.251.208.0/23 maxlen: 23
185.251.208.0/24 maxlen: 24
185.251.209.0/24 maxlen: 24
185.251.210.0/23 maxlen: 23
185.251.210.0/24 maxlen: 24
185.251.211.0/24 maxlen: 24
193.30.124.0/23 maxlen: 23
193.30.124.0/24 maxlen: 24
193.30.125.0/24 maxlen: 24
193.30.128.0/24 maxlen: 24
2a0c:1d40::/29 maxlen: 29
2a0c:5040::/30 maxlen: 30
2a0c:5044::/31 maxlen: 31
2a10:1540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iYh94B2LHL1Qt126yRM59mF6TYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iYh94B2LHL1Qt126yRM59mF6TYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:47:c6:bf:37:9b:1a:dc:c8:bc:5f:ec:d4:0c:58:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Validity
Not Before: Apr 2 14:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f10c57e7c2c6c26190da6eafe76540553b0b2113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1b:79:46:05:36:10:41:84:bc:f9:6c:7a:37:
82:f4:67:6f:e0:33:5e:6f:79:de:25:72:4f:97:57:
9a:1e:78:e6:f2:0e:bb:bf:46:51:86:9f:30:d8:3f:
46:c5:fb:00:2f:f1:a2:04:33:8b:8d:7b:df:58:6c:
60:eb:50:3d:89:44:5a:0b:86:de:20:09:5c:22:4e:
f2:2b:9d:23:e5:db:5f:1e:d8:f4:d0:ed:5c:71:49:
cf:0d:ee:c1:58:a7:52:a3:4d:ee:33:c9:ba:ed:aa:
79:c6:f9:7f:59:2c:04:ce:3a:90:57:e7:3a:34:db:
95:78:0c:4c:a7:95:6c:d0:78:1f:a4:90:eb:51:2c:
69:08:d9:d5:70:a2:d5:61:4c:cd:b2:12:6b:4e:3c:
56:c9:9c:e2:57:df:80:3a:8c:9e:24:99:a7:2f:4b:
f2:00:13:a1:20:8c:b5:c7:95:6d:c1:74:19:3b:90:
9f:cd:61:31:c4:0e:6a:0f:ca:87:a6:be:45:18:16:
de:75:ec:33:51:ba:ea:9c:8e:35:d0:db:cc:17:a9:
c1:75:e4:78:54:94:ac:fb:25:80:9b:29:0c:84:b7:
ea:33:97:44:f0:03:27:6b:14:3f:72:56:fc:a3:bd:
0e:0a:6d:3c:24:79:03:9a:32:39:55:e5:f1:fa:7d:
2e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0C:57:E7:C2:C6:C2:61:90:DA:6E:AF:E7:65:40:55:3B:0B:21:13
X509v3 Authority Key Identifier:
keyid:89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/8QxX58LGwmGQ2m6v52VAVTsLIRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iYh94B2LHL1Qt126yRM59mF6TYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.28.0/22
152.89.144.0/22
185.251.208.0/22
193.30.124.0/23
193.30.128.0/24
IPv6:
2a0c:1d40::/29
2a0c:5040::-2a0c:5045:ffff:ffff:ffff:ffff:ffff:ffff
2a10:1540::/29
Signature Algorithm: sha256WithRSAEncryption
11:58:43:65:46:39:2e:f9:61:b2:2c:c7:95:8c:3d:4b:a7:1c:
45:7c:9a:82:ac:94:e7:fe:b3:f2:2f:b1:75:2e:2a:62:c2:e8:
f0:9f:39:a5:31:b5:0f:9d:20:fd:da:e7:0a:84:d3:bc:a1:5d:
3f:05:b4:32:f0:39:25:03:8b:1a:1e:98:47:35:64:2c:9d:c2:
55:8b:2c:23:6f:2b:3f:da:55:2a:0e:e3:ea:9f:a0:e5:5d:7d:
27:cf:d4:0a:f4:e3:86:fb:ae:6a:f1:83:ca:1f:ad:6d:de:90:
ce:23:8e:0b:fe:7c:ec:ed:6d:01:35:1d:18:c1:62:39:fe:91:
a4:8b:d4:1e:c4:f7:71:51:c8:c5:c1:35:ad:a4:39:ef:21:2b:
98:f0:13:72:3b:7a:a8:39:4a:6d:e0:2f:81:50:91:09:6c:f3:
28:df:ee:85:be:9f:41:95:6b:93:dc:40:5e:a3:b5:b5:10:eb:
86:3e:f1:1a:90:b0:9e:a6:42:95:72:7b:d3:cb:9c:5e:12:00:
10:0a:f6:71:92:a6:68:63:c7:c9:1c:8b:85:8f:05:32:b0:59:
c3:bf:99:e0:65:b5:b1:fc:3b:2c:f6:38:65:f4:14:22:5d:94:
9d:0b:b1:77:57:e4:b3:85:4d:68:ba:8f:05:69:a5:86:0a:8c:
df:bc:74:46
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY6fR8a/N5sa3Mi8X+zUDFigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODg3ZGUwMWQ4YjFjYmQ1MGI3NWRiYWM5MTMzOWY2NjE3
YTRkOGEwHhcNMjQwNDAyMTQ0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBjNTdlN2MyYzZjMjYxOTBkYTZlYWZlNzY1NDA1NTNiMGIyMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBt5RgU2EEGEvPlsejeC9Gdv4DNe
b3neJXJPl1eaHnjm8g67v0ZRhp8w2D9GxfsAL/GiBDOLjXvfWGxg61A9iURaC4be
IAlcIk7yK50j5dtfHtj00O1ccUnPDe7BWKdSo03uM8m67ap5xvl/WSwEzjqQV+c6
NNuVeAxMp5Vs0HgfpJDrUSxpCNnVcKLVYUzNshJrTjxWyZziV9+AOoyeJJmnL0vy
ABOhIIy1x5VtwXQZO5CfzWExxA5qD8qHpr5FGBbedewzUbrqnI410NvMF6nBdeR4
VJSs+yWAmykMhLfqM5dE8AMnaxQ/clb8o70OCm08JHkDmjI5VeXx+n0u1wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFPEMV+fCxsJhkNpur+dlQFU7CyETMB8GA1UdIwQY
MBaAFImIfeAdixy9ULdduskTOfZhek2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVloOTRCMkxITDFRdDEyNnlSTTU5bUY2VFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85Y2U3NDItMGM1ZC00YzM0LTg3NjUt
NWVkNTE1N2NlZDBhLzEvOFF4WDU4TEd3bUdRMm02djUyVkFWVHNMSVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85Y2U3NDItMGM1ZC00YzM0LTg3NjUtNWVkNTE1N2NlZDBh
LzEvaVloOTRCMkxITDFRdDEyNnlSTTU5bUY2VFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQCXVgcAwQC
mFmQAwQCufvQAwQBwR58AwQAwR6AMCQEAgACMB4DBQMqDB1AMA4DBQYqDFBAAwUB
KgxQRAMFAyoQFUAwDQYJKoZIhvcNAQELBQADggEBABFYQ2VGOS75YbIsx5WMPUun
HEV8moKslOf+s/IvsXUuKmLC6PCfOaUxtQ+dIP3a5wqE07yhXT8FtDLwOSUDixoe
mEc1ZCydwlWLLCNvKz/aVSoO4+qfoOVdfSfP1Ar044b7rmrxg8ofrW3ekM4jjgv+
fOztbQE1HRjBYjn+kaSL1B7E93FRyMXBNa2kOe8hK5jwE3I7eqg5Sm3gL4FQkQls
8yjf7oW+n0GVa5PcQF6jtbUQ64Y+8RqQsJ6mQpVye9PLnF4SABAK9nGSpmhjx8kc
i4WPBTKwWcO/meBltbH8Oyz2OGX0FCJdlJ0LsXdX5LOFTWi6jwVppYYKjN+8dEY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:04:51 2024 by rpki-client on console-fra.rpki-client.org