Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/8tqsGFUj1zv4xp6EHyzHjsnokdA.roa
File: 8tqsGFUj1zv4xp6EHyzHjsnokdA.roa (raw, json)
Hash identifier: 2tsgE8OVdzDHofpIgIfP6jVr3QMLyKNG8NqG72dSpfI=
Subject key identifier: F2:DA:AC:18:55:23:D7:3B:F8:C6:9E:84:1F:2C:C7:8E:C9:E8:91:D0
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 018CC8DF2561C17459ABFC28E1C5DB6ACF58
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/8tqsGFUj1zv4xp6EHyzHjsnokdA.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 185.88.212.0/22 maxlen: 22
159.48.12.0/22 maxlen: 22
194.6.208.0/22 maxlen: 22
109.71.72.0/22 maxlen: 22
2a05:cc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:25:61:c1:74:59:ab:fc:28:e1:c5:db:6a:cf:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2daac185523d73bf8c69e841f2cc78ec9e891d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:22:c3:b9:71:83:3b:dc:4e:3d:95:d4:7d:
f2:a2:f0:ce:16:34:52:34:cd:a7:08:81:0b:1d:dd:
fd:e0:40:e1:ee:fe:92:93:f7:67:3e:e4:4a:74:c9:
bc:73:1b:60:42:7c:30:39:88:e3:c8:95:d6:9b:3c:
33:a4:20:cd:8b:bc:c4:0a:30:9c:6e:ba:66:51:de:
3c:63:94:1f:b6:67:14:6d:81:38:b6:d4:57:73:a3:
7b:1b:bf:3e:53:44:fa:d0:63:52:1e:ff:e3:62:45:
69:9a:ec:4c:4b:0a:02:67:12:91:ce:ec:56:c5:c4:
a1:f4:9b:62:55:f7:33:02:e2:dc:bf:8d:b6:20:71:
c1:fc:80:bd:59:bc:15:32:5c:45:99:a6:12:68:6e:
bc:b8:c1:1f:81:13:c4:0e:3e:1b:57:e6:fc:a6:f4:
b9:a7:97:06:fd:4e:22:1c:63:69:cf:11:c5:f0:b3:
f8:34:a6:aa:bf:36:4e:05:7c:1d:01:70:29:a4:fb:
0c:97:36:86:03:95:92:30:6d:82:c4:7e:04:cb:fd:
3c:2a:3a:42:e5:03:e8:ff:f8:91:d6:b4:a8:d8:e0:
b4:a2:58:66:21:66:3d:0b:0e:f0:4b:d9:12:53:df:
db:3b:dc:39:f4:a9:f1:6a:81:a3:bb:0b:c3:0e:89:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DA:AC:18:55:23:D7:3B:F8:C6:9E:84:1F:2C:C7:8E:C9:E8:91:D0
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/8tqsGFUj1zv4xp6EHyzHjsnokdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.72.0/22
159.48.12.0/22
185.88.212.0/22
194.6.208.0/22
IPv6:
2a05:cc00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:17:5f:af:3e:0f:2b:fc:07:aa:1d:ce:5d:11:71:d0:77:d3:
19:67:2f:8d:1c:4c:b4:8a:0b:fb:2f:e1:bc:ee:4c:36:98:7d:
b8:47:67:24:8a:92:d4:fc:2b:d1:bc:7d:f9:f8:3c:e6:d0:60:
75:66:0e:92:dc:aa:b5:5f:ec:a6:8d:37:dc:e0:99:a1:a4:b1:
07:6e:5f:c4:b6:3d:b4:ac:e5:e0:e6:6f:8d:ac:77:e5:20:7c:
5e:f2:5d:23:7c:b9:ed:4e:40:3f:fc:b7:2c:1e:a3:b9:1c:c6:
a7:72:36:8d:dc:22:d6:bd:0b:63:67:6c:1e:29:66:c6:04:dd:
a9:40:60:dd:cc:b3:e8:ec:5a:23:2f:25:c6:e9:3c:2f:c8:96:
5f:43:d5:7b:a0:37:c3:9c:92:d4:fd:b8:71:05:5f:4f:d8:72:
c3:e2:4b:52:36:70:64:22:9c:12:db:19:7b:e8:61:af:3f:96:
c7:df:a4:fe:1b:df:6a:34:14:3a:c2:61:7f:c6:1b:aa:48:25:
16:94:99:fc:06:92:fe:de:c1:9c:2f:7e:74:49:2d:a3:21:f2:
d2:eb:96:ae:b9:50:a9:bf:3e:d2:6f:69:02:59:0e:75:01:4a:
ba:49:df:5c:0f:c3:a3:8d:5d:aa:6c:74:d9:e8:32:18:89:2b:
2c:24:91:2b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3yVhwXRZq/wo4cXbas9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw
ZThlMTcwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRhYWMxODU1MjNkNzNiZjhjNjllODQxZjJjYzc4ZWM5ZTg5MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTMiw7lxgzvcTj2V1H3yovDOFjRS
NM2nCIELHd394EDh7v6Sk/dnPuRKdMm8cxtgQnwwOYjjyJXWmzwzpCDNi7zECjCc
brpmUd48Y5QftmcUbYE4ttRXc6N7G78+U0T60GNSHv/jYkVpmuxMSwoCZxKRzuxW
xcSh9JtiVfczAuLcv422IHHB/IC9WbwVMlxFmaYSaG68uMEfgRPEDj4bV+b8pvS5
p5cG/U4iHGNpzxHF8LP4NKaqvzZOBXwdAXAppPsMlzaGA5WSMG2CxH4Ey/08KjpC
5QPo//iR1rSo2OC0olhmIWY9Cw7wS9kSU9/bO9w59KnxaoGjuwvDDomszwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPLarBhVI9c7+MaehB8sx47J6JHQMB8GA1UdIwQY
MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt
OTkxNDk4NjdkYmY3LzEvOHRxc0dGVWoxenY0eHA2RUh5ekhqc25va2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3
LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCbUdIAwQC
nzAMAwQCuVjUAwQCwgbQMA0EAgACMAcDBQMqBcwAMA0GCSqGSIb3DQEBCwUAA4IB
AQBrF1+vPg8r/AeqHc5dEXHQd9MZZy+NHEy0igv7L+G87kw2mH24R2ckipLU/CvR
vH35+Dzm0GB1Zg6S3Kq1X+ymjTfc4JmhpLEHbl/Etj20rOXg5m+NrHflIHxe8l0j
fLntTkA//LcsHqO5HMancjaN3CLWvQtjZ2weKWbGBN2pQGDdzLPo7FojLyXG6Twv
yJZfQ9V7oDfDnJLU/bhxBV9P2HLD4ktSNnBkIpwS2xl76GGvP5bH36T+G99qNBQ6
wmF/xhuqSCUWlJn8BpL+3sGcL350SS2jIfLS65auuVCpvz7Sb2kCWQ51AUq6Sd9c
D8OjjV2qbHTZ6DIYiSssJJEr
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:34:05 2024 by rpki-client on console-fra.rpki-client.org