Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/j-c4Ty9GGoeUD7q5ZaNnLoHe0F4.roa
File: j-c4Ty9GGoeUD7q5ZaNnLoHe0F4.roa (raw, json)
Hash identifier: 7CvH5w4RnwTyRklaia0ATx/cY98dYsFuLTuX/8vHOsg=
Subject key identifier: 8F:E7:38:4F:2F:46:1A:87:94:0F:BA:B9:65:A3:67:2E:81:DE:D0:5E
Certificate issuer: /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial: 018CC64AF54C6249BF0A6917F0D052CB213F
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/j-c4Ty9GGoeUD7q5ZaNnLoHe0F4.roa
Signing time: Mon 01 Jan 2024 18:30:50 +0000
ROA not before: Mon 01 Jan 2024 18:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8549
IP address blocks: 87.237.88.0/21 maxlen: 22
80.77.208.0/20 maxlen: 24
193.24.32.0/22 maxlen: 22
185.199.192.0/22 maxlen: 22
2a03:f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f5:4c:62:49:bf:0a:69:17:f0:d0:52:cb:21:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Validity
Not Before: Jan 1 18:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fe7384f2f461a87940fbab965a3672e81ded05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:b8:62:b2:8f:22:d6:8d:a9:16:c9:90:b7:
1e:e4:7e:a0:b6:40:d7:28:ae:16:78:21:e4:b0:03:
6c:ea:a9:34:f7:8b:a7:d1:12:79:93:68:c6:2a:3b:
ab:d9:70:e6:be:c4:fa:26:8c:22:bb:84:34:9a:c6:
22:33:af:70:16:7b:a4:15:58:81:d9:5f:3a:a5:f8:
e5:a5:f3:51:a8:0c:be:00:a3:fe:4b:d9:3e:98:9a:
e5:35:02:bc:f3:16:7e:4a:7d:c5:f2:5b:ff:00:aa:
2c:f5:70:4d:a6:f3:40:84:8d:43:89:e0:2e:c4:f8:
e1:a8:3c:f4:42:ab:b3:8b:c5:80:99:e2:68:ab:1e:
65:ac:bd:98:1d:94:54:2b:86:89:3a:0f:e3:c1:7e:
30:58:ae:8e:c6:99:87:96:30:04:7c:36:34:e7:43:
e8:c1:04:74:5a:b5:c4:ac:7a:8e:fb:73:f5:6c:90:
37:16:fa:4d:6c:df:bd:e1:31:13:37:72:5f:ba:b8:
67:b5:3c:97:52:5b:29:d5:c7:5d:d9:35:20:e4:dc:
5d:88:d8:36:b4:f0:e3:2e:ac:4e:5d:c7:fb:74:63:
22:54:77:4e:97:62:fd:33:af:a6:d0:a1:06:b5:ae:
92:75:b4:bf:ab:09:d5:3f:6f:18:42:a1:4c:12:20:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E7:38:4F:2F:46:1A:87:94:0F:BA:B9:65:A3:67:2E:81:DE:D0:5E
X509v3 Authority Key Identifier:
keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/j-c4Ty9GGoeUD7q5ZaNnLoHe0F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.77.208.0/20
87.237.88.0/21
185.199.192.0/22
193.24.32.0/22
IPv6:
2a03:f00::/29
Signature Algorithm: sha256WithRSAEncryption
45:b3:6b:15:d9:6c:5b:02:ab:ce:64:b3:2d:be:97:fa:a3:e4:
2b:8b:82:16:3a:5c:1d:b1:10:8e:d8:f9:0a:d7:2a:19:ce:99:
1f:3b:43:29:ce:97:fc:a5:48:a2:d3:da:f9:87:2f:44:35:04:
41:08:7c:b7:ab:59:62:3d:de:48:5c:a1:1c:56:19:06:62:f0:
6d:00:2f:52:d3:68:1e:fa:de:b6:67:2a:e6:31:c1:2a:56:9a:
f3:3e:9a:4b:23:d6:31:c4:23:0a:09:51:83:7e:3c:d0:d4:69:
57:35:1a:e9:71:74:2f:aa:d4:f7:b5:75:30:73:be:0d:dc:71:
97:43:ce:f9:b4:b8:af:b9:06:92:b3:a7:4c:4f:73:b2:c2:2c:
01:46:a3:77:4f:d2:73:43:55:7f:09:a7:ed:9e:98:fa:99:bd:
bb:95:bc:ed:53:c2:a6:41:41:3e:0a:ed:d7:2b:63:33:3b:80:
53:66:df:fb:ff:8c:bf:65:49:89:2c:cd:31:09:ba:58:4d:e9:
cf:eb:a9:16:66:eb:af:7d:c8:40:c9:21:0b:2c:17:b4:2c:99:
98:22:7a:02:c4:98:42:2c:14:ea:12:ac:69:01:3b:53:8d:14:
54:43:c5:bc:5c:85:82:ce:9c:cd:bc:9b:39:4a:91:14:9f:02:
3f:a6:6a:61
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGSvVMYkm/CmkX8NBSyyE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzg5MTE2ODJiYzVjYTcxY2VjZTFlZmUzYWMxMzViZmRi
NTlkZDYwHhcNMjQwMTAxMTgzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU3Mzg0ZjJmNDYxYTg3OTQwZmJhYjk2NWEzNjcyZTgxZGVkMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAple4YrKPItaNqRbJkLce5H6gtkDX
KK4WeCHksANs6qk094un0RJ5k2jGKjur2XDmvsT6Jowiu4Q0msYiM69wFnukFViB
2V86pfjlpfNRqAy+AKP+S9k+mJrlNQK88xZ+Sn3F8lv/AKos9XBNpvNAhI1DieAu
xPjhqDz0Qquzi8WAmeJoqx5lrL2YHZRUK4aJOg/jwX4wWK6OxpmHljAEfDY050Po
wQR0WrXErHqO+3P1bJA3FvpNbN+94TETN3JfurhntTyXUlsp1cdd2TUg5NxdiNg2
tPDjLqxOXcf7dGMiVHdOl2L9M6+m0KEGta6SdbS/qwnVP28YQqFMEiCBZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI/nOE8vRhqHlA+6uWWjZy6B3tBeMB8GA1UdIwQY
MBaAFH3IkRaCvFynHOzh7+OsE1v9tZ3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQt
NzUyOTUyNTFiMWU4LzEvai1jNFR5OUdHb2VVRDdxNVphTm5Mb0hlMEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQtNzUyOTUyNTFiMWU4
LzEvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE3QAwQD
V+1YAwQCucfAAwQCwRggMA0EAgACMAcDBQMqAw8AMA0GCSqGSIb3DQEBCwUAA4IB
AQBFs2sV2WxbAqvOZLMtvpf6o+Qri4IWOlwdsRCO2PkK1yoZzpkfO0Mpzpf8pUii
09r5hy9ENQRBCHy3q1liPd5IXKEcVhkGYvBtAC9S02ge+t62ZyrmMcEqVprzPppL
I9YxxCMKCVGDfjzQ1GlXNRrpcXQvqtT3tXUwc74N3HGXQ875tLivuQaSs6dMT3Oy
wiwBRqN3T9JzQ1V/Caftnpj6mb27lbztU8KmQUE+Cu3XK2MzO4BTZt/7/4y/ZUmJ
LM0xCbpYTenP66kWZuuvfchAySELLBe0LJmYInoCxJhCLBTqEqxpATtTjRRUQ8W8
XIWCzpzNvJs5SpEUnwI/pmph
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:23:57 2024 by rpki-client on console-fra.rpki-client.org