Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/__8iGjbhYIOykJ_NH9Y8XXbhIgg.roa
File: __8iGjbhYIOykJ_NH9Y8XXbhIgg.roa (raw, json)
Hash identifier: G2Vks8D4NRI2oxUcmxjPOD8iJFPLjgkrswj73CKaMIM=
Subject key identifier: FF:FF:22:1A:36:E1:60:83:B2:90:9F:CD:1F:D6:3C:5D:76:E1:22:08
Certificate issuer: /CN=dfb543d0fc797d172aaa9c3d77f943265b3989ad
Certificate serial: 018CC3490B5613701D40746474AB781B5EC1
Authority key identifier: DF:B5:43:D0:FC:79:7D:17:2A:AA:9C:3D:77:F9:43:26:5B:39:89:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37VD0Px5fRcqqpw9d_lDJls5ia0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/__8iGjbhYIOykJ_NH9Y8XXbhIgg.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207788
IP address blocks: 195.47.212.0/24 maxlen: 24
195.47.210.0/24 maxlen: 24
195.43.159.0/24 maxlen: 24
195.47.216.0/24 maxlen: 24
2a0f:b6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/37VD0Px5fRcqqpw9d_lDJls5ia0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/37VD0Px5fRcqqpw9d_lDJls5ia0.mft
rsync://rpki.ripe.net/repository/DEFAULT/37VD0Px5fRcqqpw9d_lDJls5ia0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0b:56:13:70:1d:40:74:64:74:ab:78:1b:5e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb543d0fc797d172aaa9c3d77f943265b3989ad
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffff221a36e16083b2909fcd1fd63c5d76e12208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:7d:69:63:98:42:d0:17:16:f7:2e:6d:c5:
87:4b:a3:a7:f9:3c:cf:04:9d:cf:f6:1e:6a:dd:88:
9a:01:c5:5c:cf:e9:76:2f:d9:49:70:19:81:d9:17:
d4:35:2b:d5:7c:af:88:c4:e7:40:fb:7f:a0:73:5d:
d5:96:7c:46:fe:51:55:6f:25:4b:6c:85:4f:ac:24:
1b:3b:b0:c8:e5:56:82:e9:f4:fa:1d:dc:a2:cf:fa:
5d:42:72:fe:98:6f:f5:e4:d1:b4:80:82:dc:75:c8:
39:7c:17:b4:f7:da:3d:92:31:4f:8e:a3:1c:39:8d:
75:ce:7f:67:1e:51:83:80:ae:0e:c6:43:61:a9:bc:
cf:8f:b1:1e:50:e8:38:86:38:c9:47:64:67:31:d6:
a6:68:e2:f1:4a:30:e1:c5:aa:a1:fb:96:7d:bd:7e:
9b:a4:b9:14:24:2e:1b:85:ad:2a:14:64:f9:51:ad:
31:bf:2d:dc:ec:0d:b3:23:17:2b:fb:6d:bc:f5:95:
58:2e:8f:22:66:18:8e:8e:9b:0b:8d:a8:86:c9:20:
b9:19:e9:ae:21:d1:48:d5:49:aa:43:89:2d:e3:c6:
aa:62:21:c0:01:00:f8:9f:b0:88:41:f9:7e:62:21:
9b:d8:ac:a4:eb:84:09:2a:21:29:77:fe:be:4d:d3:
c9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FF:22:1A:36:E1:60:83:B2:90:9F:CD:1F:D6:3C:5D:76:E1:22:08
X509v3 Authority Key Identifier:
keyid:DF:B5:43:D0:FC:79:7D:17:2A:AA:9C:3D:77:F9:43:26:5B:39:89:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37VD0Px5fRcqqpw9d_lDJls5ia0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/__8iGjbhYIOykJ_NH9Y8XXbhIgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/791640-c1ef-466a-96ae-0b07204bfb33/1/37VD0Px5fRcqqpw9d_lDJls5ia0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.159.0/24
195.47.210.0/24
195.47.212.0/24
195.47.216.0/24
IPv6:
2a0f:b6c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:01:4c:fd:0f:2b:5b:2f:2e:fb:2a:c7:e7:f0:92:dc:12:ba:
36:fb:0f:33:51:3d:8c:cf:45:83:d5:ef:c3:4c:c9:69:98:f1:
7e:7c:d9:5c:20:8c:de:64:f3:5d:77:a0:09:a2:0a:d6:d9:b8:
d5:1e:86:b5:c8:ee:25:f5:70:c8:da:f4:f2:f1:2b:6c:0c:f3:
e6:c4:e0:96:66:53:ab:db:cc:c5:f0:7d:d4:83:36:c0:c6:79:
55:b9:e4:4e:f7:a3:9a:9d:75:b6:0b:bf:5c:89:ea:c5:22:ee:
d3:6e:f1:2e:5a:6c:3f:40:8f:4d:47:cf:41:d9:6f:13:9b:fb:
72:cd:d4:42:7a:7d:a8:a9:1e:4e:f4:f3:2d:f1:66:93:29:ad:
70:ac:a2:8b:ef:cb:a5:cd:e3:90:cd:8a:ea:d5:fe:ba:d8:b6:
ff:1a:21:e0:34:d1:9e:55:96:dc:5a:45:cf:01:95:aa:86:8b:
e4:4d:08:cc:89:1f:ac:2d:3b:ad:8f:68:ed:0e:dc:f6:5e:13:
df:8a:5e:57:51:40:5f:7c:b1:5f:3b:c0:41:91:98:eb:b1:5b:
ea:39:83:40:ce:87:31:b6:10:c6:9d:99:4b:15:42:94:23:91:
4c:3a:0b:60:19:a5:07:7d:23:7c:51:80:c3:6c:2e:df:19:73:
e8:37:c5:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSQtWE3AdQHRkdKt4G17BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjU0M2QwZmM3OTdkMTcyYWFhOWMzZDc3Zjk0MzI2NWIz
OTg5YWQwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmZmMjIxYTM2ZTE2MDgzYjI5MDlmY2QxZmQ2M2M1ZDc2ZTEyMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslN9aWOYQtAXFvcubcWHS6On+TzP
BJ3P9h5q3YiaAcVcz+l2L9lJcBmB2RfUNSvVfK+IxOdA+3+gc13VlnxG/lFVbyVL
bIVPrCQbO7DI5VaC6fT6Hdyiz/pdQnL+mG/15NG0gILcdcg5fBe099o9kjFPjqMc
OY11zn9nHlGDgK4OxkNhqbzPj7EeUOg4hjjJR2RnMdamaOLxSjDhxaqh+5Z9vX6b
pLkUJC4bha0qFGT5Ua0xvy3c7A2zIxcr+2289ZVYLo8iZhiOjpsLjaiGySC5Gemu
IdFI1UmqQ4kt48aqYiHAAQD4n7CIQfl+YiGb2Kyk64QJKiEpd/6+TdPJAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP//Iho24WCDspCfzR/WPF124SIIMB8GA1UdIwQY
MBaAFN+1Q9D8eX0XKqqcPXf5QyZbOYmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdWRDBQeDVmUmNxcXB3OWRfbERKbHM1aWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83OTE2NDAtYzFlZi00NjZhLTk2YWUt
MGIwNzIwNGJmYjMzLzEvX184aUdqYmhZSU95a0pfTkg5WThYWGJoSWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83OTE2NDAtYzFlZi00NjZhLTk2YWUtMGIwNzIwNGJmYjMz
LzEvMzdWRDBQeDVmUmNxcXB3OWRfbERKbHM1aWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwyufAwQA
wy/SAwQAwy/UAwQAwy/YMA0EAgACMAcDBQMqD7bAMA0GCSqGSIb3DQEBCwUAA4IB
AQB6AUz9DytbLy77Ksfn8JLcEro2+w8zUT2Mz0WD1e/DTMlpmPF+fNlcIIzeZPNd
d6AJogrW2bjVHoa1yO4l9XDI2vTy8StsDPPmxOCWZlOr28zF8H3UgzbAxnlVueRO
96OanXW2C79cierFIu7TbvEuWmw/QI9NR89B2W8Tm/tyzdRCen2oqR5O9PMt8WaT
Ka1wrKKL78ulzeOQzYrq1f662Lb/GiHgNNGeVZbcWkXPAZWqhovkTQjMiR+sLTut
j2jtDtz2XhPfil5XUUBffLFfO8BBkZjrsVvqOYNAzocxthDGnZlLFUKUI5FMOgtg
GaUHfSN8UYDDbC7fGXPoN8Vv
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:33:53 2024 by rpki-client on console-fra.rpki-client.org