Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rsRQauB8xjpQRPD9VwkvKfC6SX4.roa
File: rsRQauB8xjpQRPD9VwkvKfC6SX4.roa (raw, json)
Hash identifier: 2/TuCyjVjKBlD+2VNvl0mAYhZs6m49rNq3T26qLpbjo=
Subject key identifier: AE:C4:50:6A:E0:7C:C6:3A:50:44:F0:FD:57:09:2F:29:F0:BA:49:7E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE62D87FBE5C723BE7ECECEDC4BF407F1
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rsRQauB8xjpQRPD9VwkvKfC6SX4.roa
Signing time: Tue 16 Apr 2024 09:12:07 +0000
ROA not before: Tue 16 Apr 2024 09:12:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41691
IP address blocks: 87.117.128.0/21 maxlen: 21
87.117.136.0/23 maxlen: 23
87.117.138.0/24 maxlen: 24
87.117.140.0/22 maxlen: 22
87.117.146.0/23 maxlen: 23
87.117.148.0/23 maxlen: 23
89.221.192.0/22 maxlen: 22
89.221.197.0/24 maxlen: 24
89.221.205.0/24 maxlen: 24
109.172.48.0/22 maxlen: 22
109.172.52.0/23 maxlen: 23
109.172.102.0/23 maxlen: 23
109.172.104.0/22 maxlen: 22
109.172.118.0/23 maxlen: 23
2a02:25e0:f00::/40 maxlen: 40
2a02:25e0:7700::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:2d:87:fb:e5:c7:23:be:7e:ce:ce:dc:4b:f4:07:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 09:12:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aec4506ae07cc63a5044f0fd57092f29f0ba497e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:11:a1:5a:7e:6d:4f:31:dc:66:c5:45:35:
d0:fd:0f:ce:41:6d:f8:5b:a8:76:17:01:bc:ca:fd:
df:16:58:51:6d:eb:00:b7:86:6d:92:f3:84:08:6f:
27:dd:c8:c6:4d:31:5d:82:f4:40:2c:a3:c0:98:f0:
d5:b4:9d:5f:3a:34:b1:36:1d:8e:ea:4e:bd:0d:6c:
80:e8:75:b1:a3:fd:10:fc:01:db:5e:4b:5b:3a:0a:
37:02:9e:df:df:7a:04:69:fd:9f:b6:55:78:52:50:
ec:25:a0:4c:2e:21:09:6f:ee:a5:c3:d6:a0:34:f0:
1a:7c:bd:db:3b:92:21:98:7a:83:19:cf:7d:cb:14:
59:83:ac:2b:09:02:f2:1f:37:b0:3e:53:be:89:b0:
c9:78:8c:3f:d2:d3:a5:16:53:c2:46:b1:a8:4c:b9:
41:68:78:62:c4:12:a5:00:5b:d7:97:bb:98:17:e2:
b0:3d:b1:a3:c4:38:3e:39:11:31:fb:a4:d2:55:ff:
e2:9b:bf:02:47:b3:db:88:0a:ee:5b:bf:1f:d9:e2:
3f:87:3d:1a:e6:73:ef:e3:ba:87:93:48:a7:e3:7e:
cb:7b:c4:22:20:34:81:6e:e5:d2:5c:9d:b5:8a:42:
dc:98:c9:20:25:c3:c5:e4:6b:41:2b:b8:46:c4:37:
5c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C4:50:6A:E0:7C:C6:3A:50:44:F0:FD:57:09:2F:29:F0:BA:49:7E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/rsRQauB8xjpQRPD9VwkvKfC6SX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.117.128.0-87.117.138.255
87.117.140.0/22
87.117.146.0-87.117.149.255
89.221.192.0/22
89.221.197.0/24
89.221.205.0/24
109.172.48.0-109.172.53.255
109.172.102.0-109.172.107.255
109.172.118.0/23
IPv6:
2a02:25e0:f00::/40
2a02:25e0:7700::/40
Signature Algorithm: sha256WithRSAEncryption
37:6c:72:9c:16:f0:5e:29:3e:aa:7d:e6:84:39:74:7e:ea:33:
66:db:66:a2:91:57:43:fe:bd:05:e9:b4:7c:cb:56:a4:b7:0a:
d9:5e:27:22:53:98:ef:66:70:b9:2e:e0:66:ea:42:a1:db:45:
c8:02:d2:5f:a0:34:91:5e:85:d9:43:68:2a:6c:98:fd:04:63:
e9:a7:87:db:0d:11:cd:26:68:2e:da:d6:de:18:b9:2a:52:93:
6e:a1:5d:0e:d6:95:b0:fc:b7:2b:09:4d:65:dc:c6:53:e4:77:
41:d8:fc:89:b6:fa:54:66:c3:04:82:8e:2e:5c:75:76:0e:15:
92:06:2a:2b:9a:66:6a:24:65:8d:a7:d9:3c:a9:b2:cb:e6:c3:
64:c4:6f:d1:38:1d:cb:78:f2:a9:73:4f:e3:a4:2b:eb:a2:21:
69:3e:25:34:56:32:dc:dd:0e:29:99:4f:90:c3:63:25:c5:68:
09:7e:07:a0:cd:32:42:5c:18:07:12:93:d7:e7:86:ed:2b:d8:
5a:83:a7:fc:28:0b:1a:8b:b6:3a:70:4b:fd:96:6c:7a:10:cb:
5b:66:da:c9:61:ec:78:80:eb:78:12:5b:07:52:2c:31:21:22:
0e:d6:6a:ea:66:94:a9:2c:5d:c8:56:ff:68:d2:b4:41:b5:7a:
92:1e:fd:e4
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY7mLYf75ccjvn7OztxL9AfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MDkxMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM0NTA2YWUwN2NjNjNhNTA0NGYwZmQ1NzA5MmYyOWYwYmE0OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBMRoVp+bU8x3GbFRTXQ/Q/OQW34
W6h2FwG8yv3fFlhRbesAt4ZtkvOECG8n3cjGTTFdgvRALKPAmPDVtJ1fOjSxNh2O
6k69DWyA6HWxo/0Q/AHbXktbOgo3Ap7f33oEaf2ftlV4UlDsJaBMLiEJb+6lw9ag
NPAafL3bO5IhmHqDGc99yxRZg6wrCQLyHzewPlO+ibDJeIw/0tOlFlPCRrGoTLlB
aHhixBKlAFvXl7uYF+KwPbGjxDg+OREx+6TSVf/im78CR7PbiAruW78f2eI/hz0a
5nPv47qHk0in437Le8QiIDSBbuXSXJ21ikLcmMkgJcPF5GtBK7hGxDdcSwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFK7EUGrgfMY6UETw/VcJLynwukl+MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcnNSUWF1Qjh4anBRUlBEOVZ3a3ZLZkM2U1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXAQCAAEwVjAMAwQHV3WA
AwQAV3WKAwQCV3WMMAwDBAFXdZIDBAFXdZQDBAJZ3cADBABZ3cUDBABZ3c0wDAME
BG2sMAMEAW2sNDAMAwQBbaxmAwQCbaxoAwQBbax2MBYEAgACMBADBgAqAiXgDwMG
ACoCJeB3MA0GCSqGSIb3DQEBCwUAA4IBAQA3bHKcFvBeKT6qfeaEOXR+6jNm22ai
kVdD/r0F6bR8y1aktwrZXiciU5jvZnC5LuBm6kKh20XIAtJfoDSRXoXZQ2gqbJj9
BGPpp4fbDRHNJmgu2tbeGLkqUpNuoV0O1pWw/LcrCU1l3MZT5HdB2PyJtvpUZsME
go4uXHV2DhWSBiormmZqJGWNp9k8qbLL5sNkxG/ROB3LePKpc0/jpCvroiFpPiU0
VjLc3Q4pmU+Qw2MlxWgJfgegzTJCXBgHEpPX54btK9hag6f8KAsai7Y6cEv9lmx6
EMtbZtrJYex4gOt4ElsHUiwxISIO1mrqZpSpLF3IVv9o0rRBtXqSHv3k
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:49:03 2024 by rpki-client on console-fra.rpki-client.org