Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8nA7X48cCVV25XzK6M2nEYJouK4.roa
File: 8nA7X48cCVV25XzK6M2nEYJouK4.roa (raw, json)
Hash identifier: gzwDV0JYnvKFgbY4jVTTKsQd7B5k7mSXzcXMCf7CL/M=
Subject key identifier: F2:70:3B:5F:8F:1C:09:55:76:E5:7C:CA:E8:CD:A7:11:82:68:B8:AE
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 018CC56E28EF6CC32F0975E140191F0183AD
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8nA7X48cCVV25XzK6M2nEYJouK4.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7393
IP address blocks: 62.106.81.0/24 maxlen: 24
146.19.149.0/24 maxlen: 24
185.230.246.0/24 maxlen: 24
91.246.36.0/24 maxlen: 24
176.116.10.0/24 maxlen: 24
188.244.125.0/24 maxlen: 24
193.243.186.0/24 maxlen: 24
212.18.119.0/24 maxlen: 24
194.150.79.0/24 maxlen: 24
213.173.38.0/24 maxlen: 24
77.75.229.0/24 maxlen: 24
79.110.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:28:ef:6c:c3:2f:09:75:e1:40:19:1f:01:83:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2703b5f8f1c095576e57ccae8cda7118268b8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:f6:0d:62:b3:a0:e6:ec:8a:c8:aa:7c:35:
eb:cd:57:dc:0b:29:4a:a7:57:2d:eb:4f:37:4b:6b:
24:9d:d0:ae:68:66:b6:e3:a6:17:c2:92:95:10:d2:
f8:8d:00:da:03:b6:c0:fb:a9:a8:c8:86:d0:15:5c:
a7:28:83:80:ce:13:a3:92:9b:6f:56:00:58:c1:19:
84:5a:8a:26:fb:3b:11:cc:2a:31:56:df:c5:8a:1a:
d6:54:be:c5:66:18:af:51:bc:6b:75:95:8a:7d:84:
cd:66:49:2d:d5:29:c7:4a:9f:10:ce:33:ea:71:07:
92:87:36:32:c8:2b:7b:41:95:40:ac:ff:6c:b8:9a:
05:12:15:4d:01:b6:bb:64:07:79:a2:be:e5:d0:b9:
9a:ef:90:fc:d7:3a:af:d3:21:eb:b0:f9:29:db:29:
3c:1a:c4:87:e9:05:3e:ca:de:12:51:a6:fe:4a:8a:
8c:39:88:81:d1:79:76:a0:19:46:2f:5a:de:be:1a:
e8:7e:c7:45:64:37:02:5a:18:72:87:35:86:42:db:
ad:67:91:34:08:d4:04:fc:49:f0:18:57:f4:9e:6c:
82:e1:a3:01:7d:57:93:ae:d5:e2:a0:c5:69:e1:6e:
42:f8:db:8e:df:5f:e4:a2:ab:6f:40:81:ae:ee:c0:
14:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:70:3B:5F:8F:1C:09:55:76:E5:7C:CA:E8:CD:A7:11:82:68:B8:AE
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8nA7X48cCVV25XzK6M2nEYJouK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.81.0/24
77.75.229.0/24
79.110.224.0/24
91.246.36.0/24
146.19.149.0/24
176.116.10.0/24
185.230.246.0/24
188.244.125.0/24
193.243.186.0/24
194.150.79.0/24
212.18.119.0/24
213.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8f:2b:95:60:02:58:a7:7c:94:ee:95:6b:8f:70:7d:1d:07:
d1:5a:84:db:d4:a1:2d:7f:2b:36:f2:6c:bc:25:be:16:36:fa:
4e:89:26:fa:55:86:ce:75:64:ed:d8:22:52:c7:fe:fb:7b:63:
21:e8:d2:40:1f:26:bb:9a:c1:bc:a2:d0:c3:e6:5d:38:7b:4a:
8a:17:12:ab:34:31:a8:e4:be:c0:f6:18:b3:90:1f:3b:28:5e:
8e:58:f8:1a:c3:5b:c6:c7:e6:62:94:ed:a6:85:ab:88:cd:57:
ae:e7:ba:a1:88:5d:2b:c0:7e:09:62:03:e1:76:90:99:08:61:
90:bb:8f:22:32:13:5b:8b:83:c5:5c:67:20:3f:ca:ab:80:6b:
de:43:56:3f:d7:57:de:94:c9:7b:cf:ac:44:2e:9e:6b:0d:3d:
37:ec:bc:65:b6:76:a1:09:46:e9:53:cc:a7:9e:fb:0a:45:9a:
2e:7f:c4:1c:b2:6a:1e:3b:ff:5e:c8:13:a0:f6:d7:78:4c:02:
55:9d:06:00:af:90:bb:03:f9:55:cc:39:75:32:6e:39:35:c4:
51:cd:1c:3b:9e:eb:10:e1:86:e8:2d:a7:c3:c4:a9:cd:92:b9:
c5:a5:cc:e4:07:1b:d2:39:9f:b3:01:ba:79:73:3f:72:48:f8:
26:19:45:70
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbijvbMMvCXXhQBkfAYOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjcwM2I1ZjhmMWMwOTU1NzZlNTdjY2FlOGNkYTcxMTgyNjhiOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswv2DWKzoObsisiqfDXrzVfcCylK
p1ct6083S2skndCuaGa246YXwpKVENL4jQDaA7bA+6moyIbQFVynKIOAzhOjkptv
VgBYwRmEWoom+zsRzCoxVt/FihrWVL7FZhivUbxrdZWKfYTNZkkt1SnHSp8QzjPq
cQeShzYyyCt7QZVArP9suJoFEhVNAba7ZAd5or7l0Lma75D81zqv0yHrsPkp2yk8
GsSH6QU+yt4SUab+SoqMOYiB0Xl2oBlGL1revhrofsdFZDcCWhhyhzWGQtutZ5E0
CNQE/EnwGFf0nmyC4aMBfVeTrtXioMVp4W5C+NuO31/koqtvQIGu7sAUkwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPJwO1+PHAlVduV8yujNpxGCaLiuMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvOG5BN1g0OGNDVlYyNVh6SzZNMm5FWUpvdUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAPmpRAwQA
TUvlAwQAT27gAwQAW/YkAwQAkhOVAwQAsHQKAwQAueb2AwQAvPR9AwQAwfO6AwQA
wpZPAwQA1BJ3AwQA1a0mMA0GCSqGSIb3DQEBCwUAA4IBAQBSjyuVYAJYp3yU7pVr
j3B9HQfRWoTb1KEtfys28my8Jb4WNvpOiSb6VYbOdWTt2CJSx/77e2Mh6NJAHya7
msG8otDD5l04e0qKFxKrNDGo5L7A9hizkB87KF6OWPgaw1vGx+ZilO2mhauIzVeu
57qhiF0rwH4JYgPhdpCZCGGQu48iMhNbi4PFXGcgP8qrgGveQ1Y/11felMl7z6xE
Lp5rDT037LxltnahCUbpU8ynnvsKRZouf8QcsmoeO/9eyBOg9td4TAJVnQYAr5C7
A/lVzDl1Mm45NcRRzRw7nusQ4YboLafDxKnNkrnFpczkBxvSOZ+zAbp5cz9ySPgm
GUVw
-----END CERTIFICATE-----
Generated at Sun May 19 05:50:11 2024 by rpki-client on console-fra.rpki-client.org