Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/mU11R3tWxvKv6U2PxkeCr5kDKwI.roa
File: mU11R3tWxvKv6U2PxkeCr5kDKwI.roa (raw, json)
Hash identifier: ke7KaUCZCZnxluqIKxkmVxr4uhhyyAUXarim9ELLa04=
Subject key identifier: 99:4D:75:47:7B:56:C6:F2:AF:E9:4D:8F:C6:47:82:AF:99:03:2B:02
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018F802A9668F23932161F1B3386A94C90DA
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/mU11R3tWxvKv6U2PxkeCr5kDKwI.roa
Signing time: Thu 16 May 2024 06:50:25 +0000
ROA not before: Thu 16 May 2024 06:50:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 85.198.32.0/24 maxlen: 24
85.198.33.0/24 maxlen: 24
85.198.37.0/24 maxlen: 24
85.198.40.0/24 maxlen: 24
85.198.44.0/24 maxlen: 24
85.198.45.0/24 maxlen: 24
85.198.47.0/24 maxlen: 24
91.123.8.0/24 maxlen: 24
91.123.10.0/24 maxlen: 24
91.123.11.0/24 maxlen: 24
190.106.183.0/24 maxlen: 24
206.195.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:2a:96:68:f2:39:32:16:1f:1b:33:86:a9:4c:90:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: May 16 06:50:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=994d75477b56c6f2afe94d8fc64782af99032b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6e:7c:8e:e1:d9:3d:f5:32:c0:08:5e:eb:0e:
86:0e:a0:0c:a1:12:5f:96:3c:fa:d5:89:08:86:51:
c8:14:1a:04:e7:99:cb:cf:75:40:fa:6f:18:7c:12:
46:17:d4:50:8a:a7:97:a5:2f:7d:61:91:04:56:0f:
63:5d:7b:a5:86:2b:e0:2f:27:b8:af:fd:38:77:dd:
c6:9e:b4:72:34:4c:3c:b3:2c:98:7f:42:49:7c:c4:
56:0f:4d:6b:52:b7:d0:54:63:c2:6d:1a:4f:b3:fe:
b3:91:c2:09:7d:bf:c1:c2:39:85:0c:4e:d3:ca:03:
f0:14:b2:22:bb:55:a3:f8:e0:81:d3:34:54:c0:86:
d2:d0:33:5c:ec:b6:f3:5c:92:93:62:33:76:23:7e:
3c:9f:d1:9c:ae:92:cd:e3:a0:b9:26:39:d4:55:d0:
18:72:09:ba:f2:86:2e:a4:00:05:c1:2f:4b:16:94:
65:6f:d0:d5:da:d0:05:89:8a:2a:ff:94:08:23:52:
de:f4:95:97:3a:46:27:4b:83:50:70:0c:42:e3:36:
46:64:76:f4:de:a1:51:1f:3a:d6:f0:c6:fb:0d:82:
5b:7c:f1:f0:c1:fe:41:72:c7:85:93:9c:ea:91:95:
5d:cd:98:42:fe:a4:a2:4c:04:d6:8a:c9:e8:31:6d:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4D:75:47:7B:56:C6:F2:AF:E9:4D:8F:C6:47:82:AF:99:03:2B:02
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/mU11R3tWxvKv6U2PxkeCr5kDKwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.32.0/23
85.198.37.0/24
85.198.40.0/24
85.198.44.0/23
85.198.47.0/24
91.123.8.0/24
91.123.10.0/23
190.106.183.0/24
206.195.140.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:82:9f:3e:e4:57:fb:d2:19:c6:a7:77:93:f7:82:c3:c5:e0:
91:4f:5b:57:31:ea:ff:6c:54:31:3f:f6:b6:b8:c4:3e:2a:25:
e8:4d:e7:f5:b2:05:3e:f3:20:43:e3:00:ae:76:e1:31:94:57:
c6:52:3e:39:88:50:38:e3:bc:0b:63:0d:59:a0:0d:f2:88:7c:
7b:d5:fb:a9:14:60:a7:df:0a:86:cd:cd:92:4d:5e:14:7f:c0:
f7:02:4f:b6:51:c2:ff:02:7a:24:e3:3e:a8:1e:5c:69:f0:3e:
2c:48:e9:a5:54:f6:ec:2d:91:af:52:85:d8:02:6a:d0:aa:ad:
e5:6b:37:a2:99:64:2f:fe:ea:5d:c3:1a:2a:f2:73:ac:1d:70:
6d:b2:24:67:cf:1a:4b:67:e5:83:da:1b:c1:2b:d6:39:45:b5:
bd:28:1e:2d:6c:cd:18:0f:74:81:27:8f:79:4b:ea:81:35:6d:
95:9d:d0:cf:d1:ec:c1:fd:02:b7:d4:2d:a5:4d:a4:5e:04:8f:
34:0a:49:9c:20:6e:eb:16:33:54:4d:4d:8e:ba:2e:6b:42:47:
6f:37:2f:b8:d3:39:cf:8a:8b:08:2d:4e:2d:65:ee:af:2a:26:
82:b4:2b:9e:c5:e4:49:19:f6:8e:f6:9a:7e:f8:cb:a7:00:e9:
25:9b:3e:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY+AKpZo8jkyFh8bM4apTJDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjQwNTE2MDY1MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRkNzU0NzdiNTZjNmYyYWZlOTRkOGZjNjQ3ODJhZjk5MDMyYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8m58juHZPfUywAhe6w6GDqAMoRJf
ljz61YkIhlHIFBoE55nLz3VA+m8YfBJGF9RQiqeXpS99YZEEVg9jXXulhivgLye4
r/04d93GnrRyNEw8syyYf0JJfMRWD01rUrfQVGPCbRpPs/6zkcIJfb/BwjmFDE7T
ygPwFLIiu1Wj+OCB0zRUwIbS0DNc7LbzXJKTYjN2I348n9GcrpLN46C5JjnUVdAY
cgm68oYupAAFwS9LFpRlb9DV2tAFiYoq/5QII1Le9JWXOkYnS4NQcAxC4zZGZHb0
3qFRHzrW8Mb7DYJbfPHwwf5BcseFk5zqkZVdzZhC/qSiTATWisnoMW2+NQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJlNdUd7Vsbyr+lNj8ZHgq+ZAysCMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvbVUxMVIzdFd4dkt2NlUyUHhrZUNyNWtES3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBVcYgAwQA
VcYlAwQAVcYoAwQBVcYsAwQAVcYvAwQAW3sIAwQBW3sKAwQAvmq3AwQAzsOMMA0G
CSqGSIb3DQEBCwUAA4IBAQBNgp8+5Ff70hnGp3eT94LDxeCRT1tXMer/bFQxP/a2
uMQ+KiXoTef1sgU+8yBD4wCuduExlFfGUj45iFA447wLYw1ZoA3yiHx71fupFGCn
3wqGzc2STV4Uf8D3Ak+2UcL/Anok4z6oHlxp8D4sSOmlVPbsLZGvUoXYAmrQqq3l
azeimWQv/updwxoq8nOsHXBtsiRnzxpLZ+WD2hvBK9Y5RbW9KB4tbM0YD3SBJ495
S+qBNW2VndDP0ezB/QK31C2lTaReBI80CkmcIG7rFjNUTU2Oui5rQkdvNy+40znP
iosILU4tZe6vKiaCtCuexeRJGfaO9pp++MunAOklmz6y
-----END CERTIFICATE-----
Generated at Sun Nov 24 16:02:57 2024 by rpki-client on console-fra.rpki-client.org