Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa
File: 8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa (raw, json)
Hash identifier: oZJmpkuuIunIB8+2Ss2UVVZCnn33Xx3obI2MsnwpRQU=
Subject key identifier: F2:EC:4A:15:02:D5:DC:75:7B:BC:4C:75:96:F5:6E:2A:F0:69:C9:FE
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 018CC6B925C62CC2493E185B2C6F875242A9
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44881
IP address blocks: 185.117.30.0/23 maxlen: 23
185.117.28.0/22 maxlen: 22
93.94.232.0/21 maxlen: 21
109.68.208.0/22 maxlen: 22
2a05:ce80::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:25:c6:2c:c2:49:3e:18:5b:2c:6f:87:52:42:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ec4a1502d5dc757bbc4c7596f56e2af069c9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c8:ed:0e:d5:c6:70:39:6b:5f:0b:b7:c9:9e:
d2:21:41:1a:75:4e:02:94:c3:fc:91:cf:f1:dd:53:
eb:e8:a5:c5:7a:82:be:dc:85:bb:0c:82:55:d7:16:
a4:d2:8e:32:91:61:bf:e2:ed:ae:bf:da:08:9b:4b:
5a:d5:50:b1:d9:f0:01:12:af:24:8a:c2:40:95:ad:
5e:0e:b3:8c:a5:97:62:0c:a9:bf:bf:ae:c2:2e:51:
6f:c4:94:d0:16:fb:d2:e0:5c:d7:59:5d:2e:95:aa:
5b:85:34:b1:9f:ed:f9:ab:28:4e:9e:4f:cf:83:31:
78:11:8c:46:58:04:0c:e9:45:7f:80:6b:13:4d:e1:
c7:56:92:03:1f:6d:26:b5:1d:96:66:14:26:0b:27:
aa:9b:79:6f:1f:b9:c9:ee:95:88:d9:77:a8:1f:f0:
86:5b:b7:1c:b6:29:b0:1a:e7:ce:e5:f9:d9:80:26:
a5:83:39:b8:bb:fd:d8:cf:e7:4e:fe:07:31:a7:b2:
37:7e:7b:11:fc:e1:22:71:47:93:95:63:49:64:b9:
f4:76:ef:16:a7:21:b9:c3:48:a0:d2:b8:43:4f:35:
3d:19:9f:85:ec:8d:58:43:75:57:cf:e0:4f:04:87:
c1:41:24:0c:21:6f:18:8e:c2:53:3b:6a:23:43:1e:
a9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EC:4A:15:02:D5:DC:75:7B:BC:4C:75:96:F5:6E:2A:F0:69:C9:FE
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.232.0/21
109.68.208.0/22
185.117.28.0/22
IPv6:
2a05:ce80::/36
Signature Algorithm: sha256WithRSAEncryption
89:2e:1f:21:b2:df:7a:04:66:f1:8a:96:b9:d0:83:6f:65:c4:
0f:6e:f2:50:31:02:c0:85:3f:56:11:40:05:f8:9b:2d:df:f3:
3f:a9:57:85:2f:14:fe:06:11:c7:4a:61:eb:e2:d5:35:99:a5:
a5:3f:67:cd:85:eb:07:d2:13:cf:64:78:9c:72:0e:7c:62:2c:
36:c1:1a:82:15:7f:73:7b:50:2b:42:21:e9:4b:c3:62:59:56:
0f:3a:6a:97:ee:81:8e:b2:e4:25:f0:92:03:2d:c2:fd:97:d9:
25:a3:0d:89:3b:66:84:52:4a:c5:c0:68:d0:fa:19:d6:43:b7:
67:09:bc:36:4a:4b:b2:12:c3:6b:2a:81:b1:35:48:26:13:ab:
24:0a:8e:3a:db:8b:4b:f4:89:6d:5f:d5:fb:43:55:2a:c2:75:
c6:31:0e:db:68:b5:9c:b7:c1:74:9d:1a:0f:87:fb:3a:d0:49:
2b:ec:b6:cb:b2:e3:77:91:fa:c5:bb:4b:6d:b1:4c:e6:1d:af:
5a:8b:74:11:8e:42:42:17:04:03:a5:ff:db:00:f0:f3:82:98:
19:6f:b0:e9:c2:a7:ca:d8:db:99:d3:ea:75:ff:cd:70:a8:ae:
c2:0a:65:43:31:dd:6c:ba:87:d8:6c:7a:6c:20:08:cf:4a:9d:
47:b1:87:07
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGuSXGLMJJPhhbLG+HUkKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVjNGExNTAyZDVkYzc1N2JiYzRjNzU5NmY1NmUyYWYwNjljOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8jtDtXGcDlrXwu3yZ7SIUEadU4C
lMP8kc/x3VPr6KXFeoK+3IW7DIJV1xak0o4ykWG/4u2uv9oIm0ta1VCx2fABEq8k
isJAla1eDrOMpZdiDKm/v67CLlFvxJTQFvvS4FzXWV0ulapbhTSxn+35qyhOnk/P
gzF4EYxGWAQM6UV/gGsTTeHHVpIDH20mtR2WZhQmCyeqm3lvH7nJ7pWI2XeoH/CG
W7cctimwGufO5fnZgCalgzm4u/3Yz+dO/gcxp7I3fnsR/OEicUeTlWNJZLn0du8W
pyG5w0ig0rhDTzU9GZ+F7I1YQ3VXz+BPBIfBQSQMIW8YjsJTO2ojQx6p3wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPLsShUC1dx1e7xMdZb1birwacn+MB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvOHV4S0ZRTFYzSFY3dkV4MWx2VnVLdkJweWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXV7oAwQC
bUTQAwQCuXUcMA4EAgACMAgDBgQqBc6AADANBgkqhkiG9w0BAQsFAAOCAQEAiS4f
IbLfegRm8YqWudCDb2XED27yUDECwIU/VhFABfibLd/zP6lXhS8U/gYRx0ph6+LV
NZmlpT9nzYXrB9ITz2R4nHIOfGIsNsEaghV/c3tQK0Ih6UvDYllWDzpql+6BjrLk
JfCSAy3C/ZfZJaMNiTtmhFJKxcBo0PoZ1kO3Zwm8NkpLshLDayqBsTVIJhOrJAqO
OtuLS/SJbV/V+0NVKsJ1xjEO22i1nLfBdJ0aD4f7OtBJK+y2y7Ljd5H6xbtLbbFM
5h2vWot0EY5CQhcEA6X/2wDw84KYGW+w6cKnytjbmdPqdf/NcKiuwgplQzHdbLqH
2Gx6bCAIz0qdR7GHBw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:39:15 2024 by rpki-client on console-ams.rpki-client.org