Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/n0Qi8cUadEH69SvPtrDLo4MiUjI.roa
File: n0Qi8cUadEH69SvPtrDLo4MiUjI.roa (raw, json)
Hash identifier: HpmZS1AxDeu2sVPfe9ZrKEF4SP6lpQfw0nx7P0GzvOY=
Subject key identifier: 9F:44:22:F1:C5:1A:74:41:FA:F5:2B:CF:B6:B0:CB:A3:83:22:52:32
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018FC9C7D4F68B54C3234BD9EB1645D5A7A9
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/n0Qi8cUadEH69SvPtrDLo4MiUjI.roa
Signing time: Thu 30 May 2024 13:54:27 +0000
ROA not before: Thu 30 May 2024 13:54:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200088
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:c7:d4:f6:8b:54:c3:23:4b:d9:eb:16:45:d5:a7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 30 13:54:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f4422f1c51a7441faf52bcfb6b0cba383225232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bb:54:0a:cc:e2:5d:42:60:c4:dd:8c:9a:13:
2b:60:cc:94:5e:7d:86:b5:95:c3:2c:ef:6b:7d:b3:
86:55:df:d9:88:86:23:1b:44:f9:fa:b8:19:40:76:
b6:12:5a:b0:da:9c:e4:41:4d:89:72:81:b1:96:de:
42:2d:0e:a7:9e:63:5c:40:9d:85:92:93:af:cf:73:
c8:cd:78:0b:c6:d7:bf:97:41:8c:17:ee:d7:36:8e:
86:67:3f:e0:91:c2:e9:81:9d:42:28:3d:8d:d6:ca:
e3:05:de:58:95:62:94:c6:4b:1d:2a:d2:14:b4:4d:
38:06:1d:cc:54:43:aa:a9:be:67:a1:aa:6d:50:e8:
37:ab:34:09:df:65:1d:0c:7e:9f:20:19:73:62:77:
71:3a:43:30:07:f8:72:6d:fb:50:07:f1:6e:aa:85:
e4:9b:77:30:1e:30:bd:45:55:c5:47:31:c3:0a:cb:
6a:27:6b:ec:b7:95:e0:d1:0c:c6:5e:19:8a:5b:57:
f7:30:cd:46:5b:a4:ae:cd:37:8a:50:09:3c:5b:53:
81:38:84:f9:02:75:23:4b:b4:38:51:25:fd:ab:2e:
7a:8b:bc:af:bb:f3:37:27:33:35:98:d4:df:df:b1:
9c:52:52:51:98:41:e8:6b:86:17:3c:aa:a2:89:a6:
d3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:44:22:F1:C5:1A:74:41:FA:F5:2B:CF:B6:B0:CB:A3:83:22:52:32
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/n0Qi8cUadEH69SvPtrDLo4MiUjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
55:00:aa:b9:b4:23:ce:9f:f2:be:1d:8a:52:c3:c6:83:6c:9e:
9b:11:3e:cc:ab:90:0b:0d:75:ea:7c:d6:9a:c8:9f:4e:b5:db:
c2:77:61:52:18:4b:8b:81:60:f0:27:67:96:4b:4e:3b:42:c5:
56:e1:60:c3:a2:25:df:df:05:a4:39:18:bf:86:c9:ba:6c:b7:
a4:0a:86:c0:bc:9e:f4:46:4f:30:3b:28:22:c8:b2:04:a2:b7:
54:42:b7:62:26:cb:50:36:92:0f:c1:33:e7:53:bb:22:fa:63:
d8:21:cf:92:9a:ea:1b:3f:c2:2a:07:26:3a:61:d8:44:3f:65:
fe:68:11:a5:80:b2:87:9c:78:cf:51:a0:02:89:5c:04:c4:34:
4f:7c:25:21:da:ad:59:7b:42:17:7d:c0:be:8f:e6:2d:0f:0e:
31:fc:fe:fc:cb:c8:5e:3f:27:ae:2d:7d:95:af:55:89:f7:97:
ca:eb:7e:4c:11:cf:f4:55:4d:77:85:9a:3a:d9:51:89:65:a8:
2e:5a:30:91:24:e9:e4:79:3f:95:bf:55:f6:8b:00:b5:f6:15:
2b:35:4f:4a:0b:48:d5:a6:ec:ae:df:7c:3e:fe:07:62:38:86:
79:89:3e:7a:d9:f0:ee:39:ff:56:43:9f:a7:d3:3d:72:87:1b:
bf:1c:33:a7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAY/Jx9T2i1TDI0vZ6xZF1aepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjQwNTMwMTM1NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ0MjJmMWM1MWE3NDQxZmFmNTJiY2ZiNmIwY2JhMzgzMjI1MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rtUCsziXUJgxN2MmhMrYMyUXn2G
tZXDLO9rfbOGVd/ZiIYjG0T5+rgZQHa2Elqw2pzkQU2JcoGxlt5CLQ6nnmNcQJ2F
kpOvz3PIzXgLxte/l0GMF+7XNo6GZz/gkcLpgZ1CKD2N1srjBd5YlWKUxksdKtIU
tE04Bh3MVEOqqb5noaptUOg3qzQJ32UdDH6fIBlzYndxOkMwB/hybftQB/FuqoXk
m3cwHjC9RVXFRzHDCstqJ2vst5Xg0QzGXhmKW1f3MM1GW6SuzTeKUAk8W1OBOIT5
AnUjS7Q4USX9qy56i7yvu/M3JzM1mNTf37GcUlJRmEHoa4YXPKqiiabTswIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFJ9EIvHFGnRB+vUrz7awy6ODIlIyMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvbjBRaThjVWFkRUg2OVN2UHRyRExvNE1pVWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAufcQAwQAvOEOAwQAvOE8AwQAwclzAwQCwiN0AwQA2Rlb
AwQA2RlfAwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQEL
BQADggEBAFUAqrm0I86f8r4dilLDxoNsnpsRPsyrkAsNdep81prIn06128J3YVIY
S4uBYPAnZ5ZLTjtCxVbhYMOiJd/fBaQ5GL+Gybpst6QKhsC8nvRGTzA7KCLIsgSi
t1RCt2Imy1A2kg/BM+dTuyL6Y9ghz5Ka6hs/wioHJjph2EQ/Zf5oEaWAsoeceM9R
oAKJXATENE98JSHarVl7Qhd9wL6P5i0PDjH8/vzLyF4/J64tfZWvVYn3l8rrfkwR
z/RVTXeFmjrZUYllqC5aMJEk6eR5P5W/VfaLALX2FSs1T0oLSNWm7K7ffD7+B2I4
hnmJPnrZ8O45/1ZDn6fTPXKHG78cM6c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:11:51 2024 by rpki-client on console-ams.rpki-client.org