Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/8pwyYVwwHITRAu3flllvfeK1OBE.roa
File: 8pwyYVwwHITRAu3flllvfeK1OBE.roa (raw, json)
Hash identifier: 1PMCS1vPBg/47nosHPKhQMBj01Cm3M0opVEs/O+pqiI=
Subject key identifier: F2:9C:32:61:5C:30:1C:84:D1:02:ED:DF:96:59:6F:7D:E2:B5:38:11
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 018CC500545B52D4A32477F41146C1ADA159
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/8pwyYVwwHITRAu3flllvfeK1OBE.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34950
IP address blocks: 193.192.54.0/23 maxlen: 23
185.222.176.0/22 maxlen: 22
193.41.168.0/23 maxlen: 23
193.8.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:54:5b:52:d4:a3:24:77:f4:11:46:c1:ad:a1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29c32615c301c84d102eddf96596f7de2b53811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ae:77:20:48:75:d6:00:82:1c:00:e8:f2:ac:
b3:d2:dd:75:54:16:2b:e0:bf:57:e0:55:b8:24:02:
de:2d:92:0b:8f:e2:bb:b2:2d:a4:3d:c0:bd:80:98:
cd:18:56:f7:ef:62:0e:67:23:6b:a6:62:2f:aa:d0:
74:4d:e3:ac:d3:97:ba:b0:be:00:4a:76:dd:32:e8:
62:62:17:d1:3f:22:77:29:e3:b3:c3:6c:2a:4c:b7:
bd:68:9c:4a:10:50:d4:df:f5:2a:e2:2b:73:26:77:
36:fc:b7:a6:3b:f0:d3:d7:c7:e0:6b:5c:bb:75:19:
3a:b0:2d:bc:33:fb:50:6f:88:a5:86:87:fa:37:45:
19:d3:4d:91:01:4b:a8:7c:dc:27:e0:8c:e1:cc:05:
33:41:3f:10:c5:42:2c:01:1b:f2:8a:50:9c:72:52:
2a:48:8a:f3:a6:a8:8e:82:a9:2b:06:22:9a:cd:f7:
61:00:83:4b:09:51:ac:7c:f5:ac:e9:fe:cc:38:c7:
c7:66:79:2a:1d:74:25:c3:bb:e8:bb:c5:ec:64:c1:
b5:a6:1e:92:7c:f6:3e:85:2a:de:94:be:9a:9e:6b:
c6:81:3e:4a:66:81:a1:4b:4c:df:8f:60:ef:7e:34:
f5:c3:f6:89:09:9c:f8:a2:51:5b:3e:18:59:1b:d5:
8d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9C:32:61:5C:30:1C:84:D1:02:ED:DF:96:59:6F:7D:E2:B5:38:11
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/8pwyYVwwHITRAu3flllvfeK1OBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.176.0/22
193.8.32.0/22
193.41.168.0/23
193.192.54.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:9c:2f:a7:37:f7:27:09:2a:0a:10:a2:a7:e2:1f:16:0f:39:
51:7c:4d:c4:10:c1:5e:8e:a6:b8:13:39:c8:ad:e5:93:28:94:
4b:70:35:32:f9:c0:3f:eb:38:ff:b9:bf:32:80:0b:46:41:b8:
68:c8:44:3c:45:e0:91:fe:64:46:5e:9c:fa:af:a8:bb:5e:61:
09:bc:28:ba:70:86:fe:29:24:51:aa:62:19:b2:30:e5:4d:50:
a2:c1:08:42:58:49:f8:4c:58:fb:72:e4:48:c8:18:f7:6c:2b:
47:40:a1:60:9d:62:cc:02:c1:f6:e6:e1:a5:28:92:b9:84:8d:
f1:57:0a:38:d9:98:f6:c2:1c:47:4e:8c:95:17:cd:d3:12:4e:
98:e8:6a:30:1d:ba:8f:b1:0c:7b:8f:7b:95:b1:13:03:c1:bd:
53:93:6b:50:ea:52:02:b3:47:90:56:06:48:bd:5d:a9:56:10:
eb:32:8f:f7:a8:1b:a7:35:34:48:e0:b8:14:0f:8d:ab:14:5e:
8c:5f:d3:ca:11:9e:de:9a:3c:de:a7:45:63:a5:e0:38:0f:1e:
10:ec:2d:b0:86:a2:ea:3e:1a:07:f8:a0:dc:28:f6:92:02:eb:
e0:ac:26:be:89:90:d9:7c:0b:a0:ac:be:46:60:4f:c8:80:50:
59:29:75:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAFRbUtSjJHf0EUbBraFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjljMzI2MTVjMzAxYzg0ZDEwMmVkZGY5NjU5NmY3ZGUyYjUzODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK53IEh11gCCHADo8qyz0t11VBYr
4L9X4FW4JALeLZILj+K7si2kPcC9gJjNGFb372IOZyNrpmIvqtB0TeOs05e6sL4A
SnbdMuhiYhfRPyJ3KeOzw2wqTLe9aJxKEFDU3/Uq4itzJnc2/LemO/DT18fga1y7
dRk6sC28M/tQb4ilhof6N0UZ002RAUuofNwn4IzhzAUzQT8QxUIsARvyilCcclIq
SIrzpqiOgqkrBiKazfdhAINLCVGsfPWs6f7MOMfHZnkqHXQlw7vou8XsZMG1ph6S
fPY+hSrelL6anmvGgT5KZoGhS0zfj2DvfjT1w/aJCZz4olFbPhhZG9WNHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKcMmFcMByE0QLt35ZZb33itTgRMB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvOHB3eVlWd3dISVRSQXUzZmxsbHZmZUsxT0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCud6wAwQC
wQggAwQBwSmoAwQBwcA2MA0GCSqGSIb3DQEBCwUAA4IBAQAMnC+nN/cnCSoKEKKn
4h8WDzlRfE3EEMFejqa4EznIreWTKJRLcDUy+cA/6zj/ub8ygAtGQbhoyEQ8ReCR
/mRGXpz6r6i7XmEJvCi6cIb+KSRRqmIZsjDlTVCiwQhCWEn4TFj7cuRIyBj3bCtH
QKFgnWLMAsH25uGlKJK5hI3xVwo42Zj2whxHToyVF83TEk6Y6GowHbqPsQx7j3uV
sRMDwb1Tk2tQ6lICs0eQVgZIvV2pVhDrMo/3qBunNTRI4LgUD42rFF6MX9PKEZ7e
mjzep0VjpeA4Dx4Q7C2whqLqPhoH+KDcKPaSAuvgrCa+iZDZfAugrL5GYE/IgFBZ
KXVv
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:37:00 2024 by rpki-client on console-ams.rpki-client.org