Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/RAfFQe5FrVG7RfVqJKNSvbChLok.roa
File: RAfFQe5FrVG7RfVqJKNSvbChLok.roa (raw, json)
Hash identifier: RnsyI8AXTLA067ijv8NQjSrCgBkkxLG61YvYj4Q32ks=
Subject key identifier: 44:07:C5:41:EE:45:AD:51:BB:45:F5:6A:24:A3:52:BD:B0:A1:2E:89
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 018CC5011BAB43D551045249220ABD6AC88D
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/RAfFQe5FrVG7RfVqJKNSvbChLok.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 80.92.224.0/20 maxlen: 32
212.110.144.0/21 maxlen: 32
212.110.152.0/22 maxlen: 32
92.119.220.0/22 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/22 maxlen: 32
82.117.244.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
212.110.128.0/20 maxlen: 32
128.0.168.0/21 maxlen: 32
193.111.0.0/23 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/21 maxlen: 32
85.90.223.0/24 maxlen: 32
217.20.160.0/19 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 18:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1b:ab:43:d5:51:04:52:49:22:0a:bd:6a:c8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4407c541ee45ad51bb45f56a24a352bdb0a12e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c1:cb:09:eb:35:9d:5a:8c:a4:e0:02:a9:bf:
45:8d:61:3e:29:06:8b:41:a2:13:c9:dc:6e:03:2a:
31:b6:7c:13:b5:af:4a:cc:d6:e0:7d:b9:ff:58:54:
3b:90:ba:5f:ea:23:2f:b2:84:48:66:ce:f2:10:5a:
2f:53:87:d4:b4:ae:d0:ab:bd:45:70:6b:31:f3:17:
30:f5:d1:9d:15:f0:76:ef:2d:f7:af:bb:2f:08:cd:
d7:31:84:38:46:83:fe:c8:e7:7d:59:a2:0b:13:7f:
35:d1:e2:7d:14:00:8a:9b:93:64:1d:5b:0c:1a:88:
1b:d8:cf:d8:e2:45:fb:5b:28:01:ad:84:17:2a:d4:
32:44:86:03:96:18:8a:88:50:0f:19:04:6c:80:a2:
2e:9e:86:44:16:17:87:33:95:17:7f:19:81:6a:42:
91:e1:cf:5d:08:00:f5:f1:c2:f3:ce:c8:3a:c9:ae:
f2:6f:d5:c8:90:41:30:f1:28:57:2b:c7:e0:4c:88:
82:d7:5e:57:c8:4a:e7:a9:18:dc:ac:c5:a5:f5:1a:
99:02:81:8b:4e:24:84:71:e9:ee:4f:91:63:d7:bf:
14:15:38:67:13:59:d7:46:d5:7f:3b:e0:0b:70:29:
a2:2f:66:cd:da:66:28:d4:76:dc:8d:8f:3b:5d:0f:
6f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:07:C5:41:EE:45:AD:51:BB:45:F5:6A:24:A3:52:BD:B0:A1:2E:89
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/RAfFQe5FrVG7RfVqJKNSvbChLok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
193.111.0.0/23
193.111.48.0/22
212.110.128.0-212.110.155.255
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
05:4f:ab:8e:7b:0d:65:81:6d:cc:96:fb:2d:db:bd:87:53:00:
c1:e8:df:16:75:72:b0:9a:7c:f1:a4:4f:ad:6b:d0:f9:31:ab:
d5:07:20:1b:26:16:99:ce:10:68:42:bd:19:6b:12:b4:34:a9:
c4:51:af:d1:0f:75:22:4d:bd:e8:5f:43:29:c9:cc:e1:7d:95:
2d:21:57:cb:df:78:0e:10:64:40:0d:00:ee:79:26:62:7f:12:
1c:03:27:89:d2:72:20:eb:0c:b1:4d:fe:6b:bb:75:0d:42:a7:
92:32:df:03:7d:e1:51:51:62:5e:ae:f1:f7:6d:db:0e:01:7a:
78:21:bd:12:e7:88:e4:0c:17:19:37:e2:f5:02:77:6a:45:7d:
58:4a:c6:d5:81:fc:65:d4:3a:81:03:0d:11:b5:2d:d0:e0:9f:
f4:20:21:5b:56:f5:ed:d3:7c:fd:c3:8b:18:d2:12:6b:28:e3:
70:9b:36:f7:b3:8d:3f:0a:e5:5f:cb:ea:8e:b1:5d:e0:63:f8:
73:ce:71:bb:60:2b:73:44:e4:06:51:5a:38:70:22:70:2b:35:
b2:03:fe:5f:3a:7d:33:b8:7b:5e:a5:5a:e4:5a:75:8f:ee:73:
22:fc:21:31:83:be:9c:c0:7e:55:4b:06:85:6c:2d:82:ab:5f:
09:d0:14:e1
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzFARurQ9VRBFJJIgq9asiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDA3YzU0MWVlNDVhZDUxYmI0NWY1NmEyNGEzNTJiZGIwYTEyZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8HLCes1nVqMpOACqb9FjWE+KQaL
QaITydxuAyoxtnwTta9KzNbgfbn/WFQ7kLpf6iMvsoRIZs7yEFovU4fUtK7Qq71F
cGsx8xcw9dGdFfB27y33r7svCM3XMYQ4RoP+yOd9WaILE3810eJ9FACKm5NkHVsM
Gogb2M/Y4kX7WygBrYQXKtQyRIYDlhiKiFAPGQRsgKIunoZEFheHM5UXfxmBakKR
4c9dCAD18cLzzsg6ya7yb9XIkEEw8ShXK8fgTIiC115XyErnqRjcrMWl9RqZAoGL
TiSEcenuT5Fj178UFThnE1nXRtV/O+ALcCmiL2bN2mYo1HbcjY87XQ9vSwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFEQHxUHuRa1Ru0X1aiSjUr2woS6JMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvUkFmRlFlNUZyVkc3UmZWcUpLTlN2YkNoTG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAx+siAME
BFBc4AMEAFJ15QMEAFJ19AMEAFVa0wMEAFVa3wMEBFw8sAMEAlx33AMEA4AAqAME
Abkm0AMEArknxAMEAcFvAAMEAsFvMDAMAwQH1G6AAwQC1G6YAwQF2RSgMA0EAgAC
MAcDBQAqAQawMA0GCSqGSIb3DQEBCwUAA4IBAQAFT6uOew1lgW3Mlvst272HUwDB
6N8WdXKwmnzxpE+ta9D5MavVByAbJhaZzhBoQr0ZaxK0NKnEUa/RD3UiTb3oX0Mp
yczhfZUtIVfL33gOEGRADQDueSZifxIcAyeJ0nIg6wyxTf5ru3UNQqeSMt8DfeFR
UWJervH3bdsOAXp4Ib0S54jkDBcZN+L1AndqRX1YSsbVgfxl1DqBAw0RtS3Q4J/0
ICFbVvXt03z9w4sY0hJrKONwmzb3s40/CuVfy+qOsV3gY/hzznG7YCtzROQGUVo4
cCJwKzWyA/5fOn0zuHtepVrkWnWP7nMi/CExg76cwH5VSwaFbC2Cq18J0BTh
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:40:44 2024 by rpki-client on console.sobornost.net