Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/8_summtSR7k6iruuWvnibQnIrZ0.roa
File: 8_summtSR7k6iruuWvnibQnIrZ0.roa (raw, json)
Hash identifier: w6UhYZ5ecYndoqrP+CzoxXJgRzgjpoToCF7YHfDH9c4=
Subject key identifier: F3:FB:2E:9A:6B:52:47:B9:3A:8A:BB:AE:5A:F9:E2:6D:09:C8:AD:9D
Certificate issuer: /CN=da0389d85ea126e0efbebc5d8459ef709fb895cb
Certificate serial: 018CC56EB977A0A441E8505E03DB30879B89
Authority key identifier: DA:03:89:D8:5E:A1:26:E0:EF:BE:BC:5D:84:59:EF:70:9F:B8:95:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/8_summtSR7k6iruuWvnibQnIrZ0.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 185.112.74.0/24 maxlen: 24
2a10:5540::/33 maxlen: 48
2a10:5540:1::/48 maxlen: 48
2a10:5540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b9:77:a0:a4:41:e8:50:5e:03:db:30:87:9b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0389d85ea126e0efbebc5d8459ef709fb895cb
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3fb2e9a6b5247b93a8abbae5af9e26d09c8ad9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:40:c6:5d:83:4e:f1:31:ea:c0:d0:c7:21:
0e:f2:74:44:8c:91:54:5d:b0:6a:ac:d9:a3:9c:4a:
46:e3:ff:37:65:8d:6e:8f:08:f1:59:e5:e6:1a:06:
cb:ac:20:96:eb:f4:d3:f8:18:c3:1b:95:17:a0:d8:
88:64:a2:00:e5:2f:60:c8:2d:52:a9:20:c4:4f:ce:
75:bc:79:2a:ab:81:9f:44:13:aa:4f:87:2b:58:d5:
c7:4e:52:4e:0b:42:74:3d:2b:1b:c6:77:0e:3d:47:
88:fd:d1:ca:b9:34:0c:3e:81:c9:3f:c3:c4:0b:5a:
8b:fe:6e:45:21:08:78:9b:b8:7f:ea:57:ca:0e:83:
83:32:db:ec:eb:d6:65:5f:6e:86:6c:65:9e:bd:f8:
05:26:41:98:dc:5b:34:e0:55:d0:71:51:2d:74:78:
2d:fd:6a:ff:83:46:9d:53:49:98:79:7c:bd:bd:36:
00:62:f8:5c:80:3d:25:41:02:85:fd:58:75:ea:7f:
c2:bc:56:85:57:64:55:e3:35:9d:88:8f:aa:c6:e6:
cb:96:f7:9d:ee:c1:e3:e5:2d:3a:9a:e6:5a:0b:e4:
fc:22:04:98:dc:fd:d2:7d:db:ad:fc:c2:22:27:bf:
82:24:63:3b:f8:ab:96:75:87:94:09:cb:43:d9:3a:
ee:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:FB:2E:9A:6B:52:47:B9:3A:8A:BB:AE:5A:F9:E2:6D:09:C8:AD:9D
X509v3 Authority Key Identifier:
keyid:DA:03:89:D8:5E:A1:26:E0:EF:BE:BC:5D:84:59:EF:70:9F:B8:95:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/8_summtSR7k6iruuWvnibQnIrZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/27585c-b866-4962-80fd-ea6134706a40/1/2gOJ2F6hJuDvvrxdhFnvcJ-4lcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.74.0/24
IPv6:
2a10:5540::/29
Signature Algorithm: sha256WithRSAEncryption
0b:dc:89:51:81:8d:1d:d6:9a:01:86:28:6c:06:8e:17:cf:64:
6d:a0:17:4c:ca:25:0d:7a:d9:d6:df:fa:c2:af:46:6b:86:2e:
6d:53:17:81:1f:ca:41:98:b6:1b:9b:5a:67:1e:44:9d:fe:45:
bc:40:4e:86:ad:1f:80:22:fc:0f:6f:86:04:45:22:42:85:fd:
35:30:d0:b2:fd:2c:c0:02:32:1f:b4:6d:19:25:1b:54:5e:5f:
7f:6e:65:10:3c:96:dd:f4:36:32:fd:5c:c4:4d:df:4c:95:78:
21:1f:99:39:49:f7:63:84:54:27:07:bd:92:35:2a:a3:40:3d:
40:f9:4e:38:a8:54:c9:c0:e6:7e:1d:ad:c6:1f:63:75:8f:d4:
2a:9b:ff:fc:c0:54:cc:d9:7e:ea:bd:8a:32:b9:24:76:84:f3:
09:d8:59:96:d1:c6:ef:71:95:0d:3b:7d:b2:ff:20:ae:6c:35:
26:9c:8b:92:3e:bc:8f:23:6a:d3:a5:cb:71:fe:99:79:38:c7:
fc:5a:af:14:c0:69:17:f7:e7:62:3e:39:46:4e:36:88:18:37:
ec:71:16:10:0b:28:ad:90:43:57:58:83:8b:ef:eb:4e:ee:3b:
f4:3c:64:4e:f4:30:b3:e6:f1:cc:e5:22:0a:9b:f1:6c:6b:a6:
72:f9:5c:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbrl3oKRB6FBeA9swh5uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDM4OWQ4NWVhMTI2ZTBlZmJlYmM1ZDg0NTllZjcwOWZi
ODk1Y2IwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZiMmU5YTZiNTI0N2I5M2E4YWJiYWU1YWY5ZTI2ZDA5YzhhZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt09Axl2DTvEx6sDQxyEO8nREjJFU
XbBqrNmjnEpG4/83ZY1ujwjxWeXmGgbLrCCW6/TT+BjDG5UXoNiIZKIA5S9gyC1S
qSDET851vHkqq4GfRBOqT4crWNXHTlJOC0J0PSsbxncOPUeI/dHKuTQMPoHJP8PE
C1qL/m5FIQh4m7h/6lfKDoODMtvs69ZlX26GbGWevfgFJkGY3Fs04FXQcVEtdHgt
/Wr/g0adU0mYeXy9vTYAYvhcgD0lQQKF/Vh16n/CvFaFV2RV4zWdiI+qxubLlved
7sHj5S06muZaC+T8IgSY3P3Sfdut/MIiJ7+CJGM7+KuWdYeUCctD2Tru4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPP7LpprUke5Ooq7rlr54m0JyK2dMB8GA1UdIwQY
MBaAFNoDidheoSbg7768XYRZ73CfuJXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdPSjJGNmhKdUR2dnJ4ZGhGbnZjSi00bGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yNzU4NWMtYjg2Ni00OTYyLTgwZmQt
ZWE2MTM0NzA2YTQwLzEvOF9zdW1tdFNSN2s2aXJ1dVd2bmliUW5JclowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yNzU4NWMtYjg2Ni00OTYyLTgwZmQtZWE2MTM0NzA2YTQw
LzEvMmdPSjJGNmhKdUR2dnJ4ZGhGbnZjSi00bGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXBKMA0E
AgACMAcDBQMqEFVAMA0GCSqGSIb3DQEBCwUAA4IBAQAL3IlRgY0d1poBhihsBo4X
z2RtoBdMyiUNetnW3/rCr0Zrhi5tUxeBH8pBmLYbm1pnHkSd/kW8QE6GrR+AIvwP
b4YERSJChf01MNCy/SzAAjIftG0ZJRtUXl9/bmUQPJbd9DYy/VzETd9MlXghH5k5
SfdjhFQnB72SNSqjQD1A+U44qFTJwOZ+Ha3GH2N1j9Qqm//8wFTM2X7qvYoyuSR2
hPMJ2FmW0cbvcZUNO32y/yCubDUmnIuSPryPI2rTpctx/pl5OMf8Wq8UwGkX9+di
PjlGTjaIGDfscRYQCyitkENXWIOL7+tO7jv0PGRO9DCz5vHM5SIKm/Fsa6Zy+Vw1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:11 2024 by rpki-client on console-fra.rpki-client.org