Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/AJ-KqDwgZF6vDdZ3nncPiQdzaIo.roa
File: AJ-KqDwgZF6vDdZ3nncPiQdzaIo.roa (raw, json)
Hash identifier: kYAkquzLITdVUCnOvGix+V3kaLRGsYO2CO7zOVIYVok=
Subject key identifier: 00:9F:8A:A8:3C:20:64:5E:AF:0D:D6:77:9E:77:0F:89:07:73:68:8A
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 019078F5E24544A674F9848DB661152456C1
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/AJ-KqDwgZF6vDdZ3nncPiQdzaIo.roa
Signing time: Wed 03 Jul 2024 14:18:18 +0000
ROA not before: Wed 03 Jul 2024 14:18:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24685
IP address blocks: 31.172.136.0/23 maxlen: 32
31.172.140.0/23 maxlen: 32
80.92.224.0/24 maxlen: 32
80.92.226.0/24 maxlen: 32
80.92.231.0/24 maxlen: 32
80.92.233.0/24 maxlen: 32
80.92.234.0/24 maxlen: 32
80.92.235.0/24 maxlen: 32
82.117.229.0/24 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
92.60.178.0/23 maxlen: 32
92.60.178.0/24 maxlen: 32
92.60.179.0/24 maxlen: 32
128.0.170.0/24 maxlen: 32
128.0.172.0/24 maxlen: 32
128.0.174.0/24 maxlen: 32
185.38.208.0/24 maxlen: 32
185.38.209.0/24 maxlen: 32
185.39.196.0/24 maxlen: 32
193.111.0.0/24 maxlen: 32
193.111.48.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
2a01:6b0:7::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 18:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:f5:e2:45:44:a6:74:f9:84:8d:b6:61:15:24:56:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jul 3 14:18:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=009f8aa83c20645eaf0dd6779e770f890773688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:32:09:fb:69:77:d0:3f:78:0a:3a:05:97:
71:f1:0e:c2:77:a3:06:43:8a:7c:16:4c:21:fb:17:
76:28:47:16:48:5c:3f:ca:ba:99:0d:d7:13:9a:3b:
46:b4:3b:0c:d1:0b:f5:98:0b:42:f6:cd:d6:e6:79:
d7:f2:34:3c:51:0a:8b:49:79:d6:34:c8:41:48:12:
db:a7:6c:b2:69:f3:45:aa:d4:6f:d7:9d:ac:ef:7d:
78:86:a2:79:15:74:f7:2e:68:ad:01:e8:56:44:b2:
d8:5c:8b:da:30:c3:2c:c5:85:68:7c:d8:de:20:3a:
f8:2f:cb:5d:f9:ab:07:f2:c2:0b:f8:90:66:6a:e0:
84:28:59:6e:66:8d:3c:76:9f:55:54:82:03:a3:8a:
5f:57:70:8d:62:52:73:e1:62:82:e3:3b:48:8c:ef:
db:5c:35:a0:b7:4c:ab:86:76:b9:ab:01:c1:9e:19:
a7:90:b2:26:02:32:00:6f:33:3b:89:08:fa:2e:8b:
d9:d4:c0:9b:9f:22:b3:2f:0c:b5:75:ca:55:52:72:
ae:1f:cd:dd:b2:d6:bb:f0:ee:5d:93:09:2d:40:35:
04:9d:8b:96:48:f9:8d:7e:28:ee:be:17:d0:58:be:
f4:31:16:e0:8a:05:c3:0a:f6:da:8c:9f:21:e7:88:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9F:8A:A8:3C:20:64:5E:AF:0D:D6:77:9E:77:0F:89:07:73:68:8A
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/AJ-KqDwgZF6vDdZ3nncPiQdzaIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/23
31.172.140.0/23
80.92.224.0/24
80.92.226.0/24
80.92.231.0/24
80.92.233.0-80.92.235.255
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.178.0/23
128.0.170.0/24
128.0.172.0/24
128.0.174.0/24
185.38.208.0/23
185.39.196.0/24
193.111.0.0/24
193.111.48.0/23
212.110.152.0/23
IPv6:
2a01:6b0:7::/48
Signature Algorithm: sha256WithRSAEncryption
95:0f:7a:7a:35:4e:42:a0:5c:2a:61:56:f3:a2:9b:0e:1c:be:
7c:d6:75:6c:04:bb:41:68:bd:8e:52:5a:71:02:c6:f3:42:bb:
76:fb:84:d9:01:5e:86:07:92:3e:e9:6d:b9:95:a9:cb:01:22:
4f:4e:25:4e:77:23:b6:7e:70:3c:b0:41:5e:88:a1:1e:44:64:
f3:f2:7c:07:34:a9:fb:5a:21:17:f3:74:d3:26:da:9f:b7:55:
d8:e6:92:98:26:b2:36:54:c6:13:fb:84:a4:a8:13:ee:c4:c7:
4d:7b:30:bd:fe:96:f9:d8:da:50:4b:cf:c6:3e:e3:54:a6:b1:
a2:56:1e:aa:15:82:b6:64:37:04:73:6b:0d:75:c7:16:d4:52:
9e:b6:d3:d8:50:25:10:2a:dd:41:3c:02:80:39:c1:f7:0a:c0:
21:d3:eb:9a:d1:8d:8c:5e:9d:3b:7b:f3:a7:91:3d:0c:1a:ec:
6b:63:19:27:18:5d:fd:69:27:76:8a:b2:f9:ed:9e:29:c5:21:
7d:12:47:fb:63:71:e3:e8:67:a1:68:d4:f0:41:6d:5c:d9:90:
4d:da:e3:5f:f5:7a:af:41:ac:b9:68:5d:0e:63:d1:08:01:ce:
89:5f:05:1c:75:85:7d:dd:e8:52:c9:e6:ad:26:d9:26:12:fa:
b7:6f:ee:6b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZB49eJFRKZ0+YSNtmEVJFbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwNzAzMTQxODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlmOGFhODNjMjA2NDVlYWYwZGQ2Nzc5ZTc3MGY4OTA3NzM2ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgYyCftpd9A/eAo6BZdx8Q7Cd6MG
Q4p8Fkwh+xd2KEcWSFw/yrqZDdcTmjtGtDsM0Qv1mAtC9s3W5nnX8jQ8UQqLSXnW
NMhBSBLbp2yyafNFqtRv152s7314hqJ5FXT3LmitAehWRLLYXIvaMMMsxYVofNje
IDr4L8td+asH8sIL+JBmauCEKFluZo08dp9VVIIDo4pfV3CNYlJz4WKC4ztIjO/b
XDWgt0yrhna5qwHBnhmnkLImAjIAbzM7iQj6LovZ1MCbnyKzLwy1dcpVUnKuH83d
sta78O5dkwktQDUEnYuWSPmNfijuvhfQWL70MRbgigXDCvbajJ8h54iVHQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFACfiqg8IGRerw3Wd553D4kHc2iKMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvQUotS3FEd2daRjZ2RGRaM25uY1BpUWR6YUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAR+s
iAMEAR+sjAMEAFBc4AMEAFBc4gMEAFBc5zAMAwQAUFzpAwQCUFzoAwQAUnXlAwQA
UnX0AwQAVVrTAwQAVVrfAwQBXDyyAwQAgACqAwQAgACsAwQAgACuAwQBuSbQAwQA
uSfEAwQAwW8AAwQBwW8wAwQB1G6YMA8EAgACMAkDBwAqAQawAAcwDQYJKoZIhvcN
AQELBQADggEBAJUPeno1TkKgXCphVvOimw4cvnzWdWwEu0FovY5SWnECxvNCu3b7
hNkBXoYHkj7pbbmVqcsBIk9OJU53I7Z+cDywQV6IoR5EZPPyfAc0qftaIRfzdNMm
2p+3VdjmkpgmsjZUxhP7hKSoE+7Ex017ML3+lvnY2lBLz8Y+41SmsaJWHqoVgrZk
NwRzaw11xxbUUp6209hQJRAq3UE8AoA5wfcKwCHT65rRjYxenTt786eRPQwa7Gtj
GScYXf1pJ3aKsvntninFIX0SR/tjcePoZ6Fo1PBBbVzZkE3a41/1eq9BrLloXQ5j
0QgBzolfBRx1hX3d6FLJ5q0m2SYS+rdv7ms=
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:40:44 2024 by rpki-client on console.sobornost.net