Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/j7IGzzvM2EBcSP-J9hPVJKA5XBQ.roa
File: j7IGzzvM2EBcSP-J9hPVJKA5XBQ.roa (raw, json)
Hash identifier: 8rd3LgO814XLlnk0GEZiU0her0DnjcwO3+3F5uwEEu4=
Subject key identifier: 8F:B2:06:CF:3B:CC:D8:40:5C:48:FF:89:F6:13:D5:24:A0:39:5C:14
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 018D9D82F51564CFB2167C077E8C71CA28A5
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/j7IGzzvM2EBcSP-J9hPVJKA5XBQ.roa
Signing time: Mon 12 Feb 2024 13:30:21 +0000
ROA not before: Mon 12 Feb 2024 13:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15580
IP address blocks: 91.206.86.0/24 maxlen: 24
185.55.192.0/24 maxlen: 24
193.8.188.0/24 maxlen: 24
193.58.216.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.222.0/24 maxlen: 24
193.58.223.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.12.0/22 maxlen: 22
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.4.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
194.127.9.224/27 maxlen: 27
194.127.10.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.16.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.19.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.26.0/23 maxlen: 23
194.127.26.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.29.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
194.127.64.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.mft
rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:82:f5:15:64:cf:b2:16:7c:07:7e:8c:71:ca:28:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Feb 12 13:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fb206cf3bccd8405c48ff89f613d524a0395c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:05:30:b0:27:c4:18:1a:b9:4b:44:77:fb:
84:40:17:63:6c:2a:07:b7:75:ab:6d:d9:4f:15:46:
4f:62:04:97:a8:f1:e4:81:9a:a5:52:7e:18:0b:3d:
d4:4d:79:88:07:cd:69:dc:2c:19:47:00:96:a4:89:
d9:a4:d9:26:9a:e3:76:a5:e0:b2:ef:3b:20:bc:87:
cf:c8:30:ec:fd:ff:fc:93:ca:79:db:2b:19:6e:f2:
70:f5:45:50:ee:f1:60:12:c6:03:ba:82:a4:57:c5:
80:e7:cf:01:05:13:1e:95:60:e4:a5:9b:d5:66:b2:
e5:10:fb:16:44:91:18:a3:73:c4:24:99:45:27:c4:
2e:2c:88:00:45:ae:2a:22:78:e5:c5:49:5a:a5:d1:
68:80:75:1b:ac:70:9e:b4:06:d7:fc:3a:df:a3:c8:
e7:17:fc:f7:80:97:74:63:4e:81:c9:5e:84:4e:88:
c7:c6:cd:a9:6e:45:18:10:a0:a6:65:04:24:a5:38:
b2:b1:6f:15:5a:ab:f2:2b:5c:da:95:ea:fe:3d:21:
c5:66:35:1e:79:c0:a6:1c:9f:6a:fe:34:a2:93:2b:
64:6f:99:08:93:0d:b2:76:e6:5c:f7:16:14:61:d6:
6e:6c:be:c4:9d:87:42:c2:a1:2c:bd:a6:67:84:2f:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B2:06:CF:3B:CC:D8:40:5C:48:FF:89:F6:13:D5:24:A0:39:5C:14
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/j7IGzzvM2EBcSP-J9hPVJKA5XBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/24
185.55.192.0/24
193.8.188.0/24
193.58.216.0/24
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
ac:90:32:4a:33:25:d6:b8:95:67:5d:48:b4:c0:cf:30:df:df:
8c:2a:e6:a4:98:60:94:52:e4:2a:80:a2:b6:f1:64:2c:0f:35:
dc:bc:b4:b4:e4:78:ca:b1:62:71:88:ee:d9:7b:55:6b:2c:06:
8a:c5:2c:8f:9b:9f:ca:a2:45:0e:5d:e3:33:9d:ac:60:e5:fd:
32:62:26:9b:7b:6e:03:62:b3:31:e7:dd:fd:4b:36:72:0f:c7:
62:4d:fa:b0:e5:5d:26:07:ef:ea:36:b6:7e:75:99:cb:6d:1c:
84:4c:13:a4:ae:54:21:bc:32:15:ac:30:49:09:47:7c:82:14:
74:18:2e:e8:e6:e3:53:54:59:d8:35:8f:a4:95:7c:bc:37:f5:
22:8a:71:32:a1:80:c7:91:89:c7:14:3c:c2:5f:36:29:c1:da:
68:2e:48:17:f5:1f:41:e9:2c:fc:05:f4:2c:0f:9b:cd:68:a2:
da:12:b5:92:59:ee:98:85:49:45:f2:7b:8b:87:b2:d3:a2:35:
73:7b:d5:1d:a5:82:42:7c:d1:ea:8a:79:06:fa:db:37:64:17:
bd:63:0d:68:da:74:c0:6c:9a:bc:d1:fd:26:48:41:26:38:97:
c5:31:32:7e:66:1a:2e:6f:bb:6d:54:c2:ab:49:f9:14:60:13:
d5:a4:32:1e
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY2dgvUVZM+yFnwHfoxxyiilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjQwMjEyMTMzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIyMDZjZjNiY2NkODQwNWM0OGZmODlmNjEzZDUyNGEwMzk1YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAwFMLAnxBgauUtEd/uEQBdjbCoH
t3WrbdlPFUZPYgSXqPHkgZqlUn4YCz3UTXmIB81p3CwZRwCWpInZpNkmmuN2peCy
7zsgvIfPyDDs/f/8k8p52ysZbvJw9UVQ7vFgEsYDuoKkV8WA588BBRMelWDkpZvV
ZrLlEPsWRJEYo3PEJJlFJ8QuLIgARa4qInjlxUlapdFogHUbrHCetAbX/Drfo8jn
F/z3gJd0Y06ByV6ETojHxs2pbkUYEKCmZQQkpTiysW8VWqvyK1zaler+PSHFZjUe
ecCmHJ9q/jSikytkb5kIkw2yduZc9xYUYdZubL7EnYdCwqEsvaZnhC9t9QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFI+yBs87zNhAXEj/ifYT1SSgOVwUMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvajdJR3p6dk0yRUJjU1AtSjloUFZKS0E1WEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQAW85WAwQA
uTfAAwQAwQi8AwQAwTrYAwQBwTreAwQBwcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/
AwQCwn9AMAwDBAPCf0gDBADCf0wDBATCf1AwDQQCAAIwBwMFACoBBvgwDQYJKoZI
hvcNAQELBQADggEBAKyQMkozJda4lWddSLTAzzDf34wq5qSYYJRS5CqAorbxZCwP
Ndy8tLTkeMqxYnGI7tl7VWssBorFLI+bn8qiRQ5d4zOdrGDl/TJiJpt7bgNiszHn
3f1LNnIPx2JN+rDlXSYH7+o2tn51mcttHIRME6SuVCG8MhWsMEkJR3yCFHQYLujm
41NUWdg1j6SVfLw39SKKcTKhgMeRiccUPMJfNinB2mguSBf1H0HpLPwF9CwPm81o
otoStZJZ7piFSUXye4uHstOiNXN71R2lgkJ80eqKeQb62zdkF71jDWjadMBsmrzR
/SZIQSY4l8UxMn5mGi5vu21UwqtJ+RRgE9WkMh4=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:57:57 2024 by rpki-client on console-ams.rpki-client.org