Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/9oEzcmYBCBRnGPKGJZ7_7JlRTto.roa
File: 9oEzcmYBCBRnGPKGJZ7_7JlRTto.roa (raw, json)
Hash identifier: B+DKf32RMLfKiaHjiNrGR91rEcKBV6iFwY17/J692ro=
Subject key identifier: F6:81:33:72:66:01:08:14:67:18:F2:86:25:9E:FF:EC:99:51:4E:DA
Certificate issuer: /CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Certificate serial: 018DF5A10B1A786AAB8E1AC38F995006AFA2
Authority key identifier: 8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/9oEzcmYBCBRnGPKGJZ7_7JlRTto.roa
Signing time: Thu 29 Feb 2024 16:09:48 +0000
ROA not before: Thu 29 Feb 2024 16:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 46.17.88.0/21 maxlen: 24
91.192.192.0/22 maxlen: 24
91.215.184.0/22 maxlen: 24
185.27.244.0/22 maxlen: 24
193.164.206.0/23 maxlen: 24
193.200.80.0/23 maxlen: 24
194.50.108.0/24 maxlen: 24
194.116.174.0/23 maxlen: 24
195.8.126.0/24 maxlen: 24
212.42.0.0/19 maxlen: 24
2a03:be80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:a1:0b:1a:78:6a:ab:8e:1a:c3:8f:99:50:06:af:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Validity
Not Before: Feb 29 16:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6813372660108146718f286259effec99514eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ea:06:4b:8f:82:f1:8b:92:0c:e6:63:ed:bf:
d9:0c:87:fc:fd:cc:0d:7e:ed:59:31:8e:ed:b6:6c:
60:38:0b:60:cd:b9:93:d8:27:72:22:92:0b:18:82:
0b:c6:18:67:3a:75:d2:53:b8:8a:e7:6f:a5:43:7f:
e7:1e:da:ab:13:8c:d9:fa:43:d3:15:93:0e:9e:1a:
e9:6b:0b:62:19:60:fa:f5:89:a6:bd:4e:14:a9:04:
5f:e8:f1:04:29:3e:fa:f9:dc:4c:16:a0:02:04:29:
5d:ff:74:2e:fd:1a:3c:80:95:95:1c:c5:b2:24:f2:
a7:b0:cf:36:c3:68:42:64:2a:e6:54:bb:72:0b:1d:
6c:bb:95:55:c5:f1:10:f4:5f:50:a2:60:84:ef:98:
c0:60:ab:ef:f9:6a:f8:a9:ff:7d:a1:07:7e:41:80:
6b:79:d1:39:9c:cd:ef:82:96:0f:8c:4b:c7:59:1f:
a5:00:96:fc:cc:98:ca:3e:99:de:9c:25:c0:c9:43:
48:6a:60:24:0c:d3:24:f1:9e:29:30:89:57:53:8d:
5f:f3:2c:8d:25:b4:5e:d1:d0:71:b1:07:49:5e:c6:
78:c3:c2:fc:33:6e:b2:7b:ce:85:72:f4:57:63:43:
e8:24:30:9b:6c:39:f0:ac:57:78:fe:ff:3a:04:d1:
c1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:81:33:72:66:01:08:14:67:18:F2:86:25:9E:FF:EC:99:51:4E:DA
X509v3 Authority Key Identifier:
keyid:8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/9oEzcmYBCBRnGPKGJZ7_7JlRTto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.88.0/21
91.192.192.0/22
91.215.184.0/22
185.27.244.0/22
193.164.206.0/23
193.200.80.0/23
194.50.108.0/24
194.116.174.0/23
195.8.126.0/24
212.42.0.0/19
IPv6:
2a03:be80::/32
Signature Algorithm: sha256WithRSAEncryption
8d:03:b9:b7:b4:94:4a:b2:8f:6f:25:bd:e8:bf:87:ca:4f:9d:
82:78:a1:69:ac:21:3f:4c:5f:4e:af:06:31:ea:fa:97:83:57:
50:49:08:e0:75:96:4b:db:e3:eb:de:da:f8:4c:3d:38:33:ca:
be:66:bf:45:9a:0b:dc:86:a1:26:51:e6:7b:3a:b3:99:73:b1:
b8:11:b8:04:de:37:61:a7:be:03:a9:9b:79:85:d3:94:3e:af:
17:31:28:a4:57:17:9a:1b:0f:b1:22:e0:8d:10:57:5a:b8:5d:
ce:91:83:f8:f9:75:ba:9c:65:a5:d4:f6:de:a9:1c:55:25:19:
03:cf:9b:eb:8b:a8:ac:c5:bb:06:f2:0c:1b:a6:8b:59:db:2a:
eb:94:d2:73:75:85:52:26:c4:47:36:28:5d:a3:a1:24:53:77:
a6:2e:c3:13:00:c2:9d:ae:ea:7b:21:04:45:f0:5e:31:bf:7f:
97:de:32:c5:5f:57:df:ee:d9:0e:42:01:9b:37:94:08:65:01:
f2:d9:fa:7b:06:e6:d3:88:ea:52:0e:bd:ad:c9:42:49:e9:41:
e2:81:33:59:03:b4:0d:70:67:d3:07:08:c5:7a:16:05:a3:4b:
3f:82:8c:79:2c:54:8a:4b:1f:e6:f4:04:bb:ee:ae:64:46:33:
25:c1:66:53
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY31oQsaeGqrjhrDj5lQBq+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjUxZDA2NzA3MTVlYjY5ZWZhMmZiZmYxOTk4YzNiZGJk
OGE5ZjUwHhcNMjQwMjI5MTYwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjgxMzM3MjY2MDEwODE0NjcxOGYyODYyNTllZmZlYzk5NTE0ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOoGS4+C8YuSDOZj7b/ZDIf8/cwN
fu1ZMY7ttmxgOAtgzbmT2CdyIpILGIILxhhnOnXSU7iK52+lQ3/nHtqrE4zZ+kPT
FZMOnhrpawtiGWD69YmmvU4UqQRf6PEEKT76+dxMFqACBCld/3Qu/Ro8gJWVHMWy
JPKnsM82w2hCZCrmVLtyCx1su5VVxfEQ9F9QomCE75jAYKvv+Wr4qf99oQd+QYBr
edE5nM3vgpYPjEvHWR+lAJb8zJjKPpnenCXAyUNIamAkDNMk8Z4pMIlXU41f8yyN
JbRe0dBxsQdJXsZ4w8L8M26ye86FcvRXY0PoJDCbbDnwrFd4/v86BNHBhQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFPaBM3JmAQgUZxjyhiWe/+yZUU7aMB8GA1UdIwQY
MBaAFI31HQZwcV62nvovv/GZjDvb2Kn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDkt
N2E3OTRkNWNlZDNkLzEvOW9FemNtWUJDQlJuR1BLR0paN183SmxSVHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDktN2E3OTRkNWNlZDNk
LzEvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDLhFYAwQC
W8DAAwQCW9e4AwQCuRv0AwQBwaTOAwQBwchQAwQAwjJsAwQBwnSuAwQAwwh+AwQF
1CoAMA0EAgACMAcDBQAqA76AMA0GCSqGSIb3DQEBCwUAA4IBAQCNA7m3tJRKso9v
Jb3ov4fKT52CeKFprCE/TF9OrwYx6vqXg1dQSQjgdZZL2+Pr3tr4TD04M8q+Zr9F
mgvchqEmUeZ7OrOZc7G4EbgE3jdhp74DqZt5hdOUPq8XMSikVxeaGw+xIuCNEFda
uF3OkYP4+XW6nGWl1PbeqRxVJRkDz5vri6isxbsG8gwbpotZ2yrrlNJzdYVSJsRH
Nihdo6EkU3emLsMTAMKdrup7IQRF8F4xv3+X3jLFX1ff7tkOQgGbN5QIZQHy2fp7
BubTiOpSDr2tyUJJ6UHigTNZA7QNcGfTBwjFehYFo0s/gox5LFSKSx/m9AS77q5k
RjMlwWZT
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:14:38 2024 by rpki-client on console-ams.rpki-client.org