Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/f4-nGFpiPPiV5Qiatx6QJAoVIck.roa
File: f4-nGFpiPPiV5Qiatx6QJAoVIck.roa (raw, json)
Hash identifier: sbuG8eCydt72Ft74PJQMOfIHyMxYmeWu9pPrZcHgUrQ=
Subject key identifier: 7F:8F:A7:18:5A:62:3C:F8:95:E5:08:9A:B7:1E:90:24:0A:15:21:C9
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018E420B1002958A3B67DF9F3BFC8DFF5305
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/f4-nGFpiPPiV5Qiatx6QJAoVIck.roa
Signing time: Fri 15 Mar 2024 12:16:44 +0000
ROA not before: Fri 15 Mar 2024 12:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:0b:10:02:95:8a:3b:67:df:9f:3b:fc:8d:ff:53:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Mar 15 12:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f8fa7185a623cf895e5089ab71e90240a1521c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:01:08:6c:a1:be:3b:55:c5:61:a7:9d:6d:90:
ac:74:8c:d3:93:ed:e8:64:47:bf:ab:bb:1a:48:2f:
70:91:36:35:07:f4:59:da:f8:cd:b9:d3:96:38:41:
f9:15:6e:d3:80:ef:1c:35:31:ce:13:6e:36:90:d2:
b0:78:7c:d5:f2:36:1c:39:7b:78:7d:f7:2d:d2:c3:
ca:d4:b0:9f:df:64:2f:f6:c7:8a:ee:30:09:a0:f7:
6a:af:d4:0f:5f:8b:e3:a1:88:f4:0e:28:9c:83:be:
70:a0:be:c7:a6:8f:ad:5b:23:93:ec:e4:bb:76:3b:
73:44:c5:37:13:c7:d8:7b:9e:97:1f:05:c6:e5:37:
bd:4c:7a:80:c8:66:66:41:76:74:bf:90:3a:ed:f9:
d5:f0:df:c4:a3:f8:f6:9b:64:bf:01:3f:f8:ca:7d:
fb:ca:2a:73:04:00:07:3d:fe:19:9c:91:80:ac:5b:
4e:83:7b:a3:be:7c:5b:5e:ce:e9:38:50:1f:7a:a4:
c7:61:33:de:5a:8e:f0:4f:83:79:a6:1e:fd:7f:bf:
1d:6c:31:29:6f:20:5e:98:eb:83:bf:d1:b4:7d:ea:
25:0b:94:ac:78:c2:8b:aa:7c:d1:da:51:d6:78:d2:
27:08:76:ce:0c:3f:95:18:f6:17:fd:e6:ad:cc:80:
c3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8F:A7:18:5A:62:3C:F8:95:E5:08:9A:B7:1E:90:24:0A:15:21:C9
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/f4-nGFpiPPiV5Qiatx6QJAoVIck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::/48
2a03:32c0:300a::/47
2a03:32c0:300e::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
35:87:5b:df:06:b8:3d:28:1f:a3:30:f8:30:3c:fd:0a:96:a8:
4f:e9:6f:23:a8:e7:50:be:a8:a9:0a:c6:d1:a3:be:7d:d2:82:
13:bd:22:0c:d8:3f:e3:46:fb:c8:db:69:94:6a:4d:dc:5b:cb:
67:2a:c8:c4:04:3e:1f:a9:d0:16:12:90:68:a7:f2:8b:c6:20:
28:47:b8:ab:22:30:6b:2b:e6:c4:46:32:fa:3b:ac:af:d4:0a:
83:a0:14:20:07:97:d9:79:10:90:ec:b8:95:92:b1:3a:31:5f:
c8:ef:8e:3e:fa:a7:74:f8:fa:90:bd:ea:ca:47:44:58:27:df:
51:a9:23:64:a0:a4:23:73:32:a0:6c:41:74:c9:dc:53:cc:f0:
5a:25:ef:0a:d0:d0:60:bf:81:14:9c:37:47:b2:de:39:70:9b:
9b:ee:44:9b:04:66:0b:7a:e0:e2:fc:30:3f:2b:54:5e:a9:da:
29:93:59:ed:a7:48:5d:92:b6:0a:eb:09:c5:f4:2b:7c:cf:5b:
54:6b:49:96:9c:51:36:a3:2c:65:7f:b1:6d:f8:df:53:81:b4:
f2:00:33:da:0f:0c:e9:c2:d7:65:d0:80:a0:bb:62:14:64:9b:
c1:eb:2e:ba:c7:22:e7:69:45:3e:96:7b:cf:7e:4f:dd:3e:53:
e4:3d:39:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY5CCxAClYo7Z9+fO/yN/1MFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMzE1MTIxNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhmYTcxODVhNjIzY2Y4OTVlNTA4OWFiNzFlOTAyNDBhMTUyMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwEIbKG+O1XFYaedbZCsdIzTk+3o
ZEe/q7saSC9wkTY1B/RZ2vjNudOWOEH5FW7TgO8cNTHOE242kNKweHzV8jYcOXt4
ffct0sPK1LCf32Qv9seK7jAJoPdqr9QPX4vjoYj0Diicg75woL7Hpo+tWyOT7OS7
djtzRMU3E8fYe56XHwXG5Te9THqAyGZmQXZ0v5A67fnV8N/Eo/j2m2S/AT/4yn37
yipzBAAHPf4ZnJGArFtOg3ujvnxbXs7pOFAfeqTHYTPeWo7wT4N5ph79f78dbDEp
byBemOuDv9G0feolC5SseMKLqnzR2lHWeNInCHbODD+VGPYX/eatzIDD9QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFH+PpxhaYjz4leUImrcekCQKFSHJMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvZjQtbkdGcGlQUGlWNVFpYXR4NlFKQW9WSWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBU
BAIAAjBOMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ACoDMsAAJwMHASoDMsAwCjASAwcBKgMywDAOAwcBKgMywDAQMA0GCSqGSIb3DQEB
CwUAA4IBAQA1h1vfBrg9KB+jMPgwPP0KlqhP6W8jqOdQvqipCsbRo7590oITvSIM
2D/jRvvI22mUak3cW8tnKsjEBD4fqdAWEpBop/KLxiAoR7irIjBrK+bERjL6O6yv
1AqDoBQgB5fZeRCQ7LiVkrE6MV/I744++qd0+PqQverKR0RYJ99RqSNkoKQjczKg
bEF0ydxTzPBaJe8K0NBgv4EUnDdHst45cJub7kSbBGYLeuDi/DA/K1Reqdopk1nt
p0hdkrYK6wnF9Ct8z1tUa0mWnFE2oyxlf7Ft+N9TgbTyADPaDwzpwtdl0ICgu2IU
ZJvB6y66xyLnaUU+lnvPfk/dPlPkPTlh
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:48:49 2024 by rpki-client on console-ams.rpki-client.org