Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/scf8AujPKB1SJkvKL_Tr0l65TYc.roa
File: scf8AujPKB1SJkvKL_Tr0l65TYc.roa (raw, json)
Hash identifier: +YsKGTIq4hamJB4ZirWJjR8oE5JB3lVuJeE1gLTi8Lc=
Subject key identifier: B1:C7:FC:02:E8:CF:28:1D:52:26:4B:CA:2F:F4:EB:D2:5E:B9:4D:87
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 018CC86F0DC5245AEEF18C3FB779483A845D
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/scf8AujPKB1SJkvKL_Tr0l65TYc.roa
Signing time: Tue 02 Jan 2024 04:29:30 +0000
ROA not before: Tue 02 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42300
IP address blocks: 194.15.248.0/24 maxlen: 24
194.15.248.0/22 maxlen: 22
77.240.240.0/22 maxlen: 22
77.240.240.0/24 maxlen: 24
77.240.241.0/24 maxlen: 24
77.240.242.0/24 maxlen: 24
77.240.243.0/24 maxlen: 24
178.236.200.0/24 maxlen: 24
178.236.201.0/24 maxlen: 24
178.236.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:03:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0d:c5:24:5a:ee:f1:8c:3f:b7:79:48:3a:84:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Jan 2 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1c7fc02e8cf281d52264bca2ff4ebd25eb94d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:f1:8a:26:d7:dc:fe:3d:84:58:73:c6:f0:
6a:40:e5:3f:7d:f3:4a:fa:21:d4:f4:95:80:62:6a:
47:55:a2:12:a3:59:1f:26:2e:4a:81:4d:ba:a8:b7:
e1:37:e8:5c:c5:fe:ad:aa:4f:33:b0:84:e7:c0:7a:
e1:3d:34:e6:97:58:ad:49:30:dc:39:58:23:78:22:
07:55:a5:4e:02:66:b2:4c:8f:90:d3:f0:bb:7b:e0:
27:ee:6c:3f:8a:39:6c:64:cb:de:4b:d4:23:5a:31:
02:7a:c0:6c:fa:0c:06:fe:ca:99:69:1b:a8:44:92:
fa:66:44:c7:c0:be:dc:72:5e:a9:d6:82:23:d4:16:
89:2f:92:4c:b9:7f:76:c7:a6:a8:40:ca:06:36:22:
12:df:11:05:ea:a9:76:10:b7:65:ca:dc:47:d6:88:
08:37:2c:46:42:4d:30:87:25:a3:5d:00:5b:00:f4:
f0:ce:44:aa:ac:5f:6f:d3:57:81:17:ff:cb:03:bd:
6b:2d:db:4c:27:f0:88:3a:e5:82:89:00:a4:aa:66:
db:2e:6e:57:31:6c:97:34:af:1d:bd:53:6d:88:bb:
5c:7e:9f:52:f0:9d:56:d8:96:02:63:10:23:d0:5d:
2f:6d:d5:7b:c5:c3:dd:71:31:64:cf:49:0a:ea:2f:
f0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C7:FC:02:E8:CF:28:1D:52:26:4B:CA:2F:F4:EB:D2:5E:B9:4D:87
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/scf8AujPKB1SJkvKL_Tr0l65TYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.240.0/22
178.236.200.0-178.236.202.255
194.15.248.0/22
Signature Algorithm: sha256WithRSAEncryption
47:9d:c7:e0:50:00:1b:24:05:1e:5c:ef:72:08:5f:db:44:44:
eb:76:f2:c8:c1:04:44:d7:70:8b:40:bc:b1:fd:04:6d:b5:1c:
cf:d2:c9:78:6b:e2:6c:0b:4f:5e:d5:e3:4b:88:64:b4:14:a8:
6a:ba:0a:c6:ba:98:2f:c8:d3:4f:75:92:11:7d:a3:cf:a5:ce:
1e:57:94:b8:b6:d1:99:1f:09:f8:52:43:23:1a:92:ba:6b:e9:
4d:6d:19:cc:c6:02:27:6c:e9:6b:06:c0:2f:97:4b:f2:58:5b:
77:24:10:6f:55:61:85:97:6d:b7:39:b3:15:0c:d9:65:95:cd:
62:9e:1b:0a:8c:5d:45:26:a7:1d:8f:18:0a:1d:ba:84:6b:98:
e9:e2:45:00:4f:66:06:63:0e:60:90:59:32:b0:31:7c:99:39:
2a:39:03:2f:c8:2e:ac:2f:86:fb:f4:80:ad:fa:91:4b:12:39:
d8:18:91:e8:a6:4e:b3:aa:42:46:07:a9:ed:d8:b4:c2:0e:92:
aa:b1:3e:e9:f6:d2:08:5c:66:93:c3:e3:20:66:80:ea:45:ca:
86:46:2f:7e:66:b9:af:be:38:ad:57:d7:5f:b7:1d:4d:34:dd:
ae:aa:5c:e3:69:e8:f1:9c:85:96:2e:5f:3d:92:6d:e6:00:37:
ec:32:12:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIbw3FJFru8Yw/t3lIOoRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmU2MjM3OGJiNTgwYWY0ZWQ3MGJmYTM1YWJjODQwOTQ1
ZDc4MDMwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM3ZmMwMmU4Y2YyODFkNTIyNjRiY2EyZmY0ZWJkMjVlYjk0ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYrxiibX3P49hFhzxvBqQOU/ffNK
+iHU9JWAYmpHVaISo1kfJi5KgU26qLfhN+hcxf6tqk8zsITnwHrhPTTml1itSTDc
OVgjeCIHVaVOAmayTI+Q0/C7e+An7mw/ijlsZMveS9QjWjECesBs+gwG/sqZaRuo
RJL6ZkTHwL7ccl6p1oIj1BaJL5JMuX92x6aoQMoGNiIS3xEF6ql2ELdlytxH1ogI
NyxGQk0whyWjXQBbAPTwzkSqrF9v01eBF//LA71rLdtMJ/CIOuWCiQCkqmbbLm5X
MWyXNK8dvVNtiLtcfp9S8J1W2JYCYxAj0F0vbdV7xcPdcTFkz0kK6i/wZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLHH/ALozygdUiZLyi/069JeuU2HMB8GA1UdIwQY
MBaAFPy+YjeLtYCvTtcL+jWryECUXXgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3Mzkt
ZGY1NmVjNjcwZGU3LzEvc2NmOEF1alBLQjFTSmt2S0xfVHIwbDY1VFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3
LzEvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfDwMAwD
BAOy7MgDBACy7MoDBALCD/gwDQYJKoZIhvcNAQELBQADggEBAEedx+BQABskBR5c
73IIX9tEROt28sjBBETXcItAvLH9BG21HM/SyXhr4mwLT17V40uIZLQUqGq6Csa6
mC/I0091khF9o8+lzh5XlLi20ZkfCfhSQyMakrpr6U1tGczGAids6WsGwC+XS/JY
W3ckEG9VYYWXbbc5sxUM2WWVzWKeGwqMXUUmpx2PGAoduoRrmOniRQBPZgZjDmCQ
WTKwMXyZOSo5Ay/ILqwvhvv0gK36kUsSOdgYkeimTrOqQkYHqe3YtMIOkqqxPun2
0ghcZpPD4yBmgOpFyoZGL35mua++OK1X11+3HU003a6qXONp6PGchZYuXz2SbeYA
N+wyEpA=
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:26:54 2024 by rpki-client on console-ams.rpki-client.org