Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/PJ8LbQ1PfHqEJdghLKapc7eVjB8.roa
File: PJ8LbQ1PfHqEJdghLKapc7eVjB8.roa (raw, json)
Hash identifier: JF2IoKgKvas+BaecaE3HeKNUDvzAdviT1Uv0x/N/TcI=
Subject key identifier: 3C:9F:0B:6D:0D:4F:7C:7A:84:25:D8:21:2C:A6:A9:73:B7:95:8C:1F
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 018CC64B6C13B9E99BBC031A886D90F86645
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/PJ8LbQ1PfHqEJdghLKapc7eVjB8.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20507
IP address blocks: 85.223.101.0/24 maxlen: 24
82.215.0.0/18 maxlen: 24
82.215.17.0/24 maxlen: 24
82.215.19.0/24 maxlen: 24
85.223.126.0/24 maxlen: 24
217.149.192.0/24 maxlen: 24
217.149.192.0/19 maxlen: 24
217.149.202.0/24 maxlen: 24
217.149.201.0/24 maxlen: 24
217.149.203.0/24 maxlen: 24
217.149.219.0/24 maxlen: 24
217.149.217.0/24 maxlen: 24
217.149.218.0/24 maxlen: 24
2a01:3a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6c:13:b9:e9:9b:bc:03:1a:88:6d:90:f8:66:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c9f0b6d0d4f7c7a8425d8212ca6a973b7958c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:93:f6:c5:e5:7a:58:09:c3:df:6c:05:3a:
b1:16:cb:bd:25:7e:b3:d4:f7:da:8d:ca:72:20:21:
42:06:b7:7f:5b:1e:bd:83:b0:cf:20:53:55:37:44:
0a:e2:f6:c0:cc:9d:7c:ca:8a:a7:12:83:91:d1:ff:
15:49:0a:dc:bd:7f:0e:72:b4:a8:16:a8:c1:25:fe:
24:86:ea:c1:ee:4c:c4:92:e2:3a:62:6f:e8:3d:10:
bc:2c:db:6a:2d:2a:d9:2f:0b:d6:b0:f0:b9:d7:e3:
10:5b:ba:c2:4b:f8:6d:b2:55:0d:e9:ac:49:c1:f2:
14:73:81:80:1b:3b:ed:8c:da:d6:92:c7:e3:d8:eb:
3e:82:2a:74:28:0e:48:6f:76:b0:44:6a:ab:e0:ca:
e7:94:3e:d6:b9:17:c9:b9:3d:16:15:28:93:b6:fe:
5a:27:14:b6:46:64:1c:b6:75:fb:d8:0e:56:57:0d:
14:a6:b1:a8:bf:84:d8:02:67:9f:43:20:ea:ed:4b:
bc:03:c0:d7:79:a7:fa:01:23:c3:bc:5d:d4:6e:87:
1c:56:41:49:3f:4c:dc:2a:31:d4:87:60:32:01:d1:
94:96:a3:a9:9d:ea:d7:e2:9c:e2:71:02:c4:7e:9e:
14:94:c7:5b:66:93:8c:93:6f:c2:e6:74:b1:5b:50:
bf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9F:0B:6D:0D:4F:7C:7A:84:25:D8:21:2C:A6:A9:73:B7:95:8C:1F
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/PJ8LbQ1PfHqEJdghLKapc7eVjB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.0.0/18
85.223.101.0/24
85.223.126.0/24
217.149.192.0/19
IPv6:
2a01:3a8::/32
Signature Algorithm: sha256WithRSAEncryption
91:94:9e:3a:83:f1:11:c8:ba:dd:d9:c9:82:d0:c2:f9:70:fe:
e5:7e:30:db:11:7c:6b:7f:5b:0e:ca:71:b6:13:71:57:e2:a6:
23:4c:b4:7a:df:32:21:05:00:ef:2c:ed:55:2f:ad:2e:a4:c0:
a0:8d:34:05:ee:01:7d:27:4f:2c:30:7a:fb:76:14:19:c7:49:
3e:95:c0:aa:33:fd:72:68:09:2d:c1:e5:06:dc:87:58:7c:7f:
bc:3d:99:91:73:fd:fd:14:81:7f:b2:1b:57:ae:bd:f5:80:48:
b7:93:92:10:91:06:5b:c9:47:fa:f3:c4:a0:c2:62:51:8b:97:
58:74:a0:ee:52:00:44:f0:9f:62:43:19:b9:40:b2:83:c2:3f:
2d:59:cd:b1:a0:c1:d1:86:16:fe:d6:7b:02:e1:08:4e:c5:6c:
4b:7f:c2:1a:bf:d8:b6:e0:04:0a:16:e1:f4:a9:a8:9e:86:21:
d0:20:60:eb:dc:f5:c2:8e:6d:d4:f2:a6:e1:16:2b:e1:86:8b:
57:2f:c9:19:5f:69:98:b1:9f:29:0e:29:b7:31:39:db:98:1b:
f4:49:92:33:56:cf:31:9f:d9:b1:e8:73:7c:71:bb:68:30:52:
07:20:a7:b5:68:82:fa:a2:e4:0f:e4:38:49:29:21:c8:cb:a0:
e7:82:06:9c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGS2wTuembvAMaiG2Q+GZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlmMGI2ZDBkNGY3YzdhODQyNWQ4MjEyY2E2YTk3M2I3OTU4YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk46T9sXlelgJw99sBTqxFsu9JX6z
1PfajcpyICFCBrd/Wx69g7DPIFNVN0QK4vbAzJ18yoqnEoOR0f8VSQrcvX8OcrSo
FqjBJf4khurB7kzEkuI6Ym/oPRC8LNtqLSrZLwvWsPC51+MQW7rCS/htslUN6axJ
wfIUc4GAGzvtjNrWksfj2Os+gip0KA5Ib3awRGqr4MrnlD7WuRfJuT0WFSiTtv5a
JxS2RmQctnX72A5WVw0UprGov4TYAmefQyDq7Uu8A8DXeaf6ASPDvF3UboccVkFJ
P0zcKjHUh2AyAdGUlqOpnerX4pzicQLEfp4UlMdbZpOMk2/C5nSxW1C/TQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDyfC20NT3x6hCXYISymqXO3lYwfMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvUEo4TGJRMVBmSHFFSmRnaExLYXBjN2VWakI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUtcAAwQA
Vd9lAwQAVd9+AwQF2ZXAMA0EAgACMAcDBQAqAQOoMA0GCSqGSIb3DQEBCwUAA4IB
AQCRlJ46g/ERyLrd2cmC0ML5cP7lfjDbEXxrf1sOynG2E3FX4qYjTLR63zIhBQDv
LO1VL60upMCgjTQF7gF9J08sMHr7dhQZx0k+lcCqM/1yaAktweUG3IdYfH+8PZmR
c/39FIF/shtXrr31gEi3k5IQkQZbyUf688SgwmJRi5dYdKDuUgBE8J9iQxm5QLKD
wj8tWc2xoMHRhhb+1nsC4QhOxWxLf8Iav9i24AQKFuH0qaiehiHQIGDr3PXCjm3U
8qbhFivhhotXL8kZX2mYsZ8pDim3MTnbmBv0SZIzVs8xn9mx6HN8cbtoMFIHIKe1
aIL6ouQP5DhJKSHIy6Dnggac
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:46:54 2024 by rpki-client on console-ams.rpki-client.org