Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/ci547t-pBxJybz21pEEwIIDQygU.roa
File: ci547t-pBxJybz21pEEwIIDQygU.roa (raw, json)
Hash identifier: O6pgY00hYBDKZWI485gedGvOU5DBQRfK8hwUghVHMFw=
Subject key identifier: 72:2E:78:EE:DF:A9:07:12:72:6F:3D:B5:A4:41:30:20:80:D0:CA:05
Certificate issuer: /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial: 018CC8DF26B29E22A9769C4CC1A931054260
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/ci547t-pBxJybz21pEEwIIDQygU.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25019
IP address blocks: 159.0.224.0/20 maxlen: 20
185.139.8.0/22 maxlen: 22
159.0.240.0/20 maxlen: 20
212.215.128.0/18 maxlen: 18
212.215.128.0/17 maxlen: 17
212.215.136.0/21 maxlen: 21
212.215.144.0/20 maxlen: 20
159.0.64.0/20 maxlen: 20
212.215.224.0/21 maxlen: 21
159.0.80.0/20 maxlen: 20
212.215.240.0/22 maxlen: 22
159.0.96.0/20 maxlen: 20
212.215.244.0/22 maxlen: 22
212.215.248.0/21 maxlen: 21
159.0.0.0/20 maxlen: 20
159.0.0.0/16 maxlen: 16
159.0.16.0/20 maxlen: 20
212.215.160.0/20 maxlen: 20
212.215.176.0/20 maxlen: 20
159.0.32.0/20 maxlen: 20
212.215.192.0/20 maxlen: 20
159.0.48.0/20 maxlen: 20
159.0.192.0/20 maxlen: 20
159.0.208.0/20 maxlen: 20
159.0.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.mft
rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:26:b2:9e:22:a9:76:9c:4c:c1:a9:31:05:42:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=722e78eedfa90712726f3db5a441302080d0ca05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:0e:54:2b:1e:e4:28:b4:8a:01:0e:ea:01:
1f:a5:36:df:ce:a4:e8:df:13:ae:96:66:8b:24:4e:
be:e2:21:50:2d:09:57:0f:21:bc:7a:df:ff:04:f4:
30:91:e1:ec:55:9b:dd:02:d3:fa:20:8b:3c:ad:18:
df:13:1e:85:64:a6:4c:ec:db:d1:ba:33:07:cd:55:
c4:ce:0c:49:2d:ce:dd:86:68:cf:f8:e5:c3:6c:70:
0b:12:a9:86:59:65:dd:23:bc:91:df:3b:59:74:7b:
da:2c:0a:a2:13:df:f0:03:46:4e:f2:01:fb:bc:30:
4d:25:65:9b:03:66:65:40:7b:6c:e1:d3:01:75:fa:
4b:ca:59:40:17:48:21:a9:58:b4:99:2d:6f:63:bd:
f7:e0:c3:87:86:ef:42:e5:b4:3b:82:81:23:2c:ab:
86:83:e1:31:4c:61:87:f9:aa:0e:f8:5f:77:ff:7a:
6f:58:b8:a3:e8:8c:2e:41:aa:bf:f4:1a:7b:45:52:
2d:3a:40:7e:da:b9:d0:0a:70:4f:e3:96:7f:60:f6:
dd:b7:0b:a3:a8:fd:aa:f0:13:d3:71:45:a3:c0:c2:
25:c7:0e:f8:b3:0c:57:5b:ca:68:dd:61:1d:94:bc:
c4:a7:29:c6:03:46:d7:10:7e:c8:2e:b1:63:0a:aa:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2E:78:EE:DF:A9:07:12:72:6F:3D:B5:A4:41:30:20:80:D0:CA:05
X509v3 Authority Key Identifier:
keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/ci547t-pBxJybz21pEEwIIDQygU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.0.0.0/16
185.139.8.0/22
212.215.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9e:dc:00:10:d6:3d:1d:6f:c9:b7:db:b4:81:46:7e:3a:87:a3:
b4:3a:ac:4f:ab:af:40:84:1c:8e:01:0f:96:1d:47:6c:4d:31:
8a:4a:52:8e:17:54:eb:89:36:7c:be:ec:ea:18:03:5c:ab:87:
b8:72:54:97:f3:26:86:da:cf:9c:ff:9a:d0:f5:88:9c:2c:23:
60:e9:62:c6:cf:58:00:b4:49:80:9c:ed:ab:1f:d4:0d:58:ca:
f3:d9:ce:10:ee:bb:ad:3a:da:21:1f:0f:4e:46:0e:d9:92:d7:
ff:ab:fc:a6:9c:8c:23:9a:a5:77:51:ff:16:f0:04:24:b6:67:
fb:47:5e:3b:85:02:04:2a:03:71:c2:e1:36:2b:a8:65:24:af:
6b:0c:de:bd:ab:71:a6:12:32:59:ea:26:5f:65:74:21:11:b5:
59:5d:27:30:a4:ae:0c:ca:13:04:4d:37:d0:ea:5b:f7:3b:0b:
2c:0d:80:c0:b8:69:ba:7b:9b:82:71:a2:1b:b7:be:f1:57:b9:
ca:52:0d:f4:b1:ee:9b:f0:e6:29:ad:ba:36:0c:24:b4:3e:15:
3c:30:5a:57:47:70:d0:68:af:23:56:4f:b7:69:c0:a9:9d:61:
5a:48:0c:96:f1:2d:ee:12:71:fa:fd:69:eb:c7:8e:03:e2:e4:
73:c9:73:27
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzI3yayniKpdpxMwakxBUJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJlNzhlZWRmYTkwNzEyNzI2ZjNkYjVhNDQxMzAyMDgwZDBjYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfEOVCse5Ci0igEO6gEfpTbfzqTo
3xOulmaLJE6+4iFQLQlXDyG8et//BPQwkeHsVZvdAtP6IIs8rRjfEx6FZKZM7NvR
ujMHzVXEzgxJLc7dhmjP+OXDbHALEqmGWWXdI7yR3ztZdHvaLAqiE9/wA0ZO8gH7
vDBNJWWbA2ZlQHts4dMBdfpLyllAF0ghqVi0mS1vY7334MOHhu9C5bQ7goEjLKuG
g+ExTGGH+aoO+F93/3pvWLij6IwuQaq/9Bp7RVItOkB+2rnQCnBP45Z/YPbdtwuj
qP2q8BPTcUWjwMIlxw74swxXW8po3WEdlLzEpynGA0bXEH7ILrFjCqoK/wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHIueO7fqQcScm89taRBMCCA0MoFMB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvY2k1NDd0LXBCeEp5YnoyMXBFRXdJSURReWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAnwADBAK5
iwgDBAfU14AwDQYJKoZIhvcNAQELBQADggEBAJ7cABDWPR1vybfbtIFGfjqHo7Q6
rE+rr0CEHI4BD5YdR2xNMYpKUo4XVOuJNny+7OoYA1yrh7hyVJfzJobaz5z/mtD1
iJwsI2DpYsbPWAC0SYCc7asf1A1YyvPZzhDuu6062iEfD05GDtmS1/+r/KacjCOa
pXdR/xbwBCS2Z/tHXjuFAgQqA3HC4TYrqGUkr2sM3r2rcaYSMlnqJl9ldCERtVld
JzCkrgzKEwRNN9DqW/c7CywNgMC4abp7m4Jxohu3vvFXucpSDfSx7pvw5imtujYM
JLQ+FTwwWldHcNBoryNWT7dpwKmdYVpIDJbxLe4Scfr9aevHjgPi5HPJcyc=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:58:29 2024 by rpki-client on console-ams.rpki-client.org