Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/F8kOd79BzwrtMG0iXrjnf4uqphs.roa
File: F8kOd79BzwrtMG0iXrjnf4uqphs.roa (raw, json)
Hash identifier: 1faqv1YrtdMYWrQkl4IdQxDhtay3qTCNEFoK4KCd7VY=
Subject key identifier: 17:C9:0E:77:BF:41:CF:0A:ED:30:6D:22:5E:B8:E7:7F:8B:AA:A6:1B
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 018CC94DF9A0217C4221C96300C361D74A94
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/F8kOd79BzwrtMG0iXrjnf4uqphs.roa
Signing time: Tue 02 Jan 2024 08:32:59 +0000
ROA not before: Tue 02 Jan 2024 08:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1887
IP address blocks: 148.81.13.0/24 maxlen: 24
195.187.64.0/18 maxlen: 18
148.81.100.0/24 maxlen: 24
148.81.0.0/16 maxlen: 16
2a00:1488::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:f9:a0:21:7c:42:21:c9:63:00:c3:61:d7:4a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 2 08:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17c90e77bf41cf0aed306d225eb8e77f8baaa61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6d:80:82:53:26:67:44:17:e7:c4:6b:bd:fd:
d5:43:08:c6:2f:06:0a:f0:ef:67:15:d0:14:5b:7a:
1b:7b:67:07:ed:88:04:50:e3:42:7b:0e:c5:28:58:
cf:ca:65:b5:4e:a4:43:b3:8d:15:6b:4d:fa:c7:0c:
21:cd:a3:38:34:ec:3e:c2:21:01:4d:4b:17:04:24:
23:f3:b4:d6:0b:65:3e:01:65:e0:ee:0e:cc:54:93:
7c:94:0f:e0:7d:c0:8f:19:d3:e0:0e:5a:39:bc:b9:
e9:a7:97:ad:f2:4c:b2:62:39:b1:38:39:c6:a4:4e:
b1:0e:2c:ee:3f:27:c9:f1:b9:0b:b5:cc:e6:6b:ee:
a9:bd:d6:46:a2:0b:23:f1:53:88:3c:a9:8a:df:6d:
ea:e5:a0:16:b5:16:54:59:83:29:34:f4:21:63:bc:
58:c1:51:ca:e0:97:c9:34:0b:6f:7e:94:64:5a:d3:
54:f0:25:75:d0:ca:9e:76:b6:4b:a7:db:23:cc:4a:
ee:a7:f7:7a:42:df:bd:35:0d:19:d4:e3:2c:ee:cd:
be:6b:21:5f:48:d8:0e:f8:ee:2c:f4:49:18:99:d1:
6d:90:1e:b1:39:72:b0:59:b4:0a:30:fa:d0:92:e9:
bf:61:f7:7d:2a:cd:4c:2f:a9:20:9a:01:88:2c:33:
bd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C9:0E:77:BF:41:CF:0A:ED:30:6D:22:5E:B8:E7:7F:8B:AA:A6:1B
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/F8kOd79BzwrtMG0iXrjnf4uqphs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.81.0.0/16
195.187.64.0/18
IPv6:
2a00:1488::/32
Signature Algorithm: sha256WithRSAEncryption
3e:99:08:e5:47:57:d4:aa:60:ee:d5:34:02:2b:1d:56:08:0e:
50:73:a3:7a:af:43:e6:ee:10:d6:31:b4:84:62:bf:83:58:c6:
64:b2:44:0b:fc:87:db:96:5e:61:9c:ec:da:ea:28:ab:f0:0e:
df:92:64:e6:96:7c:eb:c8:20:69:fb:65:23:30:bf:f3:96:e7:
53:29:8f:f8:64:af:f4:fd:25:65:40:5f:af:f0:d3:e4:05:d9:
f7:6b:20:b1:36:61:bd:a3:94:63:7d:8e:08:57:01:82:8d:0f:
bf:27:db:0f:88:ea:13:aa:a8:e3:e5:86:42:34:8c:ff:50:e3:
c3:25:7d:4b:56:ae:25:92:89:0e:5c:9f:ce:0e:df:c7:c9:9e:
19:aa:60:43:20:d9:96:b1:4f:58:6b:ea:e6:03:b2:0f:94:96:
6a:fb:d0:51:2d:29:23:f5:e3:37:6e:93:46:3a:06:cc:aa:d6:
99:84:fe:98:0d:f8:23:54:45:57:2e:1d:19:7c:28:0d:44:14:
81:37:81:3c:5b:c8:1b:d7:f3:7f:fd:1a:d7:7b:88:7b:0e:13:
b6:82:81:57:78:b8:04:e6:cc:23:bf:c4:c8:b6:a9:77:1d:86:
c8:2b:5e:0f:eb:4b:c9:9c:e3:c7:10:41:79:95:51:3f:60:59:
f0:67:fd:9f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTfmgIXxCIcljAMNh10qUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjQwMTAyMDgzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M5MGU3N2JmNDFjZjBhZWQzMDZkMjI1ZWI4ZTc3ZjhiYWFhNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg22AglMmZ0QX58Rrvf3VQwjGLwYK
8O9nFdAUW3obe2cH7YgEUONCew7FKFjPymW1TqRDs40Va036xwwhzaM4NOw+wiEB
TUsXBCQj87TWC2U+AWXg7g7MVJN8lA/gfcCPGdPgDlo5vLnpp5et8kyyYjmxODnG
pE6xDizuPyfJ8bkLtczma+6pvdZGogsj8VOIPKmK323q5aAWtRZUWYMpNPQhY7xY
wVHK4JfJNAtvfpRkWtNU8CV10MqedrZLp9sjzErup/d6Qt+9NQ0Z1OMs7s2+ayFf
SNgO+O4s9EkYmdFtkB6xOXKwWbQKMPrQkum/Yfd9Ks1ML6kgmgGILDO90wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBfJDne/Qc8K7TBtIl6453+LqqYbMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvRjhrT2Q3OUJ6d3J0TUcwaVhyam5mNHVxcGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAlFEDBAbD
u0AwDQQCAAIwBwMFACoAFIgwDQYJKoZIhvcNAQELBQADggEBAD6ZCOVHV9SqYO7V
NAIrHVYIDlBzo3qvQ+buENYxtIRiv4NYxmSyRAv8h9uWXmGc7NrqKKvwDt+SZOaW
fOvIIGn7ZSMwv/OW51Mpj/hkr/T9JWVAX6/w0+QF2fdrILE2Yb2jlGN9jghXAYKN
D78n2w+I6hOqqOPlhkI0jP9Q48MlfUtWriWSiQ5cn84O38fJnhmqYEMg2ZaxT1hr
6uYDsg+Ulmr70FEtKSP14zduk0Y6Bsyq1pmE/pgN+CNURVcuHRl8KA1EFIE3gTxb
yBvX83/9Gtd7iHsOE7aCgVd4uATmzCO/xMi2qXcdhsgrXg/rS8mc48cQQXmVUT9g
WfBn/Z8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:56:08 2024 by rpki-client on console-fra.rpki-client.org