Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/b8C8VLBvzUtNs_G2mLmmye6z5co.roa
File: b8C8VLBvzUtNs_G2mLmmye6z5co.roa (raw, json)
Hash identifier: ey8a4l8+3bngOATZrvaiBqwNQmI1PX0ZWavwmMjYlxE=
Subject key identifier: 6F:C0:BC:54:B0:6F:CD:4B:4D:B3:F1:B6:98:B9:A6:C9:EE:B3:E5:CA
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 018CC79375B4936B205B94AA00997340FEA7
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/b8C8VLBvzUtNs_G2mLmmye6z5co.roa
Signing time: Tue 02 Jan 2024 00:29:38 +0000
ROA not before: Tue 02 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51184
IP address blocks: 185.17.12.0/22 maxlen: 24
178.251.64.0/21 maxlen: 24
185.128.244.0/22 maxlen: 24
116.204.196.0/22 maxlen: 24
185.68.248.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
217.116.176.0/20 maxlen: 24
91.206.8.0/23 maxlen: 24
193.238.236.0/22 maxlen: 24
2a02:1748::/32 maxlen: 48
2a0c:ad40::/29 maxlen: 48
2a06:d500::/29 maxlen: 48
2001:1b98::/32 maxlen: 48
2a06:d180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 00:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:75:b4:93:6b:20:5b:94:aa:00:99:73:40:fe:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 2 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fc0bc54b06fcd4b4db3f1b698b9a6c9eeb3e5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:22:6f:f9:aa:53:3a:73:74:85:bb:85:17:59:
23:a6:2d:00:d6:a4:b1:e7:0b:fd:8d:3a:3b:7e:6a:
db:3b:89:5f:8d:1d:9e:23:ec:a1:e4:89:69:da:e8:
65:25:3f:20:14:76:f0:62:d2:1b:cc:b2:cd:2c:a4:
ee:df:9e:f3:2e:e3:4c:6e:d5:14:13:7b:bc:f8:7e:
d2:03:dc:e5:60:14:4a:bc:40:67:18:66:3c:ad:d5:
5d:0a:ae:93:67:c6:c0:e1:ec:9e:b6:b0:f8:ee:d1:
b4:a2:bb:71:d1:da:6a:b9:aa:e0:9a:81:b8:43:23:
5b:fe:25:3e:6e:67:b4:c9:a3:2d:d5:0b:3c:12:90:
98:ec:50:78:3c:42:91:3f:b1:a4:d3:6e:da:80:88:
3c:48:5a:d9:95:89:f6:56:fc:6f:f6:ea:8d:1c:95:
90:b1:63:c4:78:c6:c0:38:45:b0:c2:e3:9f:df:3d:
d1:dd:ae:15:83:4b:7d:27:63:5b:d9:79:5a:77:82:
25:28:c4:48:34:94:3a:8b:96:ba:6c:46:16:91:ce:
32:8b:41:42:05:38:85:6a:35:c2:4e:85:90:77:4d:
ae:38:33:ff:d2:cb:3a:38:0f:3e:ec:2a:02:89:3d:
00:4b:ae:48:99:1a:7c:f7:f2:54:25:e3:53:1f:db:
4d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:BC:54:B0:6F:CD:4B:4D:B3:F1:B6:98:B9:A6:C9:EE:B3:E5:CA
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/b8C8VLBvzUtNs_G2mLmmye6z5co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.8.0/23
116.204.196.0/22
178.251.64.0/21
185.17.12.0/22
185.68.248.0/22
185.128.244.0/22
185.129.172.0/22
193.238.236.0/22
217.116.176.0/20
IPv6:
2001:1b98::/32
2a02:1748::/32
2a06:d180::/29
2a06:d500::/29
2a0c:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
08:5c:e6:2c:c4:0f:88:df:1e:bc:6e:88:d1:5d:1c:ef:28:1c:
08:59:4b:d2:29:14:48:16:a3:e0:9c:54:83:23:5a:0a:c6:a5:
13:38:01:a0:5f:99:f0:53:ff:32:dd:90:27:eb:1f:d5:f7:0c:
34:06:22:81:31:e6:26:b3:1e:e5:7c:a4:99:91:bc:c2:bd:10:
46:2c:67:2e:ac:e0:de:0d:1c:b7:50:9a:29:46:06:2b:00:52:
13:b7:29:c1:48:70:62:53:a9:bc:dc:2e:bb:0c:93:af:1e:fc:
82:0a:f2:4e:fe:cf:ba:dc:ac:45:6d:ff:78:40:f3:8b:9a:ee:
91:91:cf:5e:1c:cd:a6:a6:90:ff:07:11:ca:23:50:2a:0c:8c:
f3:c7:11:b2:f7:94:7b:45:12:87:72:ba:30:7d:ca:4d:e4:02:
32:a8:1f:dc:56:a1:74:b5:b6:e3:22:40:b2:cf:69:43:88:dd:
90:98:55:9b:25:c1:28:94:a5:8c:ae:b6:e8:22:69:0d:8b:44:
ca:17:75:68:a1:59:ec:47:3b:e8:c6:bb:da:fe:a4:4d:57:da:
64:58:1e:fe:9c:95:a5:a7:39:3e:18:95:99:5b:0a:06:c2:59:
bb:e2:df:d5:e6:76:ab:d5:07:d7:29:57:36:28:68:d1:8f:f0:
e1:a9:1f:ac
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYzHk3W0k2sgW5SqAJlzQP6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjQwMTAyMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMwYmM1NGIwNmZjZDRiNGRiM2YxYjY5OGI5YTZjOWVlYjNlNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CJv+apTOnN0hbuFF1kjpi0A1qSx
5wv9jTo7fmrbO4lfjR2eI+yh5Ilp2uhlJT8gFHbwYtIbzLLNLKTu357zLuNMbtUU
E3u8+H7SA9zlYBRKvEBnGGY8rdVdCq6TZ8bA4eyetrD47tG0ortx0dpquargmoG4
QyNb/iU+bme0yaMt1Qs8EpCY7FB4PEKRP7Gk027agIg8SFrZlYn2Vvxv9uqNHJWQ
sWPEeMbAOEWwwuOf3z3R3a4Vg0t9J2Nb2Xlad4IlKMRINJQ6i5a6bEYWkc4yi0FC
BTiFajXCToWQd02uODP/0ss6OA8+7CoCiT0AS65ImRp89/JUJeNTH9tNbQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFG/AvFSwb81LTbPxtpi5psnus+XKMB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvYjhDOFZMQnZ6VXROc19HMm1MbW15ZTZ6NWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQBW84IAwQC
dMzEAwQDsvtAAwQCuREMAwQCuUT4AwQCuYD0AwQCuYGsAwQCwe7sAwQE2XSwMCkE
AgACMCMDBQAgARuYAwUAKgIXSAMFAyoG0YADBQMqBtUAAwUDKgytQDANBgkqhkiG
9w0BAQsFAAOCAQEACFzmLMQPiN8evG6I0V0c7ygcCFlL0ikUSBaj4JxUgyNaCsal
EzgBoF+Z8FP/Mt2QJ+sf1fcMNAYigTHmJrMe5XykmZG8wr0QRixnLqzg3g0ct1Ca
KUYGKwBSE7cpwUhwYlOpvNwuuwyTrx78ggryTv7PutysRW3/eEDzi5rukZHPXhzN
pqaQ/wcRyiNQKgyM88cRsveUe0USh3K6MH3KTeQCMqgf3FahdLW24yJAss9pQ4jd
kJhVmyXBKJSljK626CJpDYtEyhd1aKFZ7Ec76Ma72v6kTVfaZFge/pyVpac5PhiV
mVsKBsJZu+Lf1eZ2q9UH1ylXNiho0Y/w4akfrA==
-----END CERTIFICATE-----
Generated at Mon Jun 3 08:57:41 2024 by rpki-client on console-fra.rpki-client.org