Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/eP1vtEB8LXRK3KsF15g8zdf1Rgo.roa
File: eP1vtEB8LXRK3KsF15g8zdf1Rgo.roa (raw, json)
Hash identifier: TxNsVmfMx/HeGiZz+wnRSCKSas2g6K0tVoQDIapLIZ4=
Subject key identifier: 78:FD:6F:B4:40:7C:2D:74:4A:DC:AB:05:D7:98:3C:CD:D7:F5:46:0A
Certificate issuer: /CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Certificate serial: 018CC348DE6A921A7CB12B8F2B58940ECC12
Authority key identifier: BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/eP1vtEB8LXRK3KsF15g8zdf1Rgo.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8767
IP address blocks: 82.135.0.0/17 maxlen: 17
46.244.128.0/17 maxlen: 17
212.18.0.0/19 maxlen: 19
62.216.192.0/19 maxlen: 19
185.17.204.0/22 maxlen: 22
213.179.128.0/19 maxlen: 19
80.81.0.0/19 maxlen: 19
212.114.128.0/17 maxlen: 17
62.245.128.0/17 maxlen: 17
93.104.0.0/16 maxlen: 16
212.204.64.0/18 maxlen: 18
212.204.75.0/24 maxlen: 24
188.174.0.0/16 maxlen: 16
83.171.128.0/18 maxlen: 18
88.217.0.0/16 maxlen: 16
2001:a60::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:de:6a:92:1a:7c:b1:2b:8f:2b:58:94:0e:cc:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78fd6fb4407c2d744adcab05d7983ccdd7f5460a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6d:11:de:03:3c:85:61:e2:50:df:07:77:2a:
74:d5:71:c0:c5:0e:6c:cc:14:3c:c3:eb:5c:71:43:
47:3d:36:80:26:cf:10:6c:95:a7:f4:85:6b:85:e3:
34:41:40:b3:d2:88:09:fd:7a:a2:f6:19:1b:7e:cc:
1d:ed:cd:8d:c1:6f:3f:3b:57:90:7e:39:ed:b1:f9:
88:0a:36:be:bb:cb:11:9e:93:61:f0:21:f0:f6:2a:
66:cf:7a:29:01:f1:a2:fc:2d:fa:76:f3:6b:30:52:
d8:95:fe:0b:c6:24:f3:02:07:fc:f9:5f:73:5d:20:
fd:ab:e7:7a:9a:6f:f0:36:48:2b:21:5d:46:67:f8:
ea:78:f3:7a:77:f9:b8:59:fc:2d:21:01:8e:64:8f:
a1:38:85:1f:f2:d9:3e:c4:d9:ed:a0:eb:a1:0f:de:
28:e7:6a:4b:55:10:e3:8b:dc:ef:3e:8c:77:35:34:
d1:80:8d:c8:0e:24:d5:5b:e7:c7:61:61:e3:14:4b:
8d:24:6d:47:74:02:41:48:49:74:2f:2b:d4:40:cd:
e2:45:a1:03:3d:2e:c7:ae:7f:70:96:cf:49:93:a2:
8d:66:3b:05:0b:0a:ff:7b:e7:1d:16:b0:c9:59:95:
a1:69:35:1d:ad:63:e0:f3:ea:bd:86:5b:cc:c7:58:
ff:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FD:6F:B4:40:7C:2D:74:4A:DC:AB:05:D7:98:3C:CD:D7:F5:46:0A
X509v3 Authority Key Identifier:
keyid:BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/eP1vtEB8LXRK3KsF15g8zdf1Rgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.128.0/17
62.216.192.0/19
62.245.128.0/17
80.81.0.0/19
82.135.0.0/17
83.171.128.0/18
88.217.0.0/16
93.104.0.0/16
185.17.204.0/22
188.174.0.0/16
212.18.0.0/19
212.114.128.0/17
212.204.64.0/18
213.179.128.0/19
IPv6:
2001:a60::/29
Signature Algorithm: sha256WithRSAEncryption
98:a3:61:e5:0c:32:46:ba:47:63:0c:e5:80:08:6e:8a:59:50:
ad:dd:cc:3c:5d:c8:3b:9d:ec:1c:08:65:01:81:70:66:e2:1a:
2a:d4:94:62:f1:63:d3:c8:8b:38:eb:d8:3f:dd:d6:ec:0f:f4:
99:41:a9:cf:34:c6:2a:b3:bd:72:11:6b:3d:c0:3a:ac:71:c4:
f3:5c:b5:90:fb:ee:f9:81:3e:0e:ba:42:8a:8f:28:24:e1:56:
93:46:57:c8:98:29:26:58:63:5d:59:7e:68:60:3b:17:41:7c:
33:41:69:bc:61:d3:1e:eb:05:a6:9b:72:ce:8d:26:31:b3:e3:
4b:96:be:7a:49:55:3b:96:c3:1a:8e:93:60:4c:2a:16:39:cb:
3f:48:b7:8e:e8:d5:3d:00:37:b7:14:3e:bf:50:ff:e4:ac:0c:
43:f8:76:7f:5b:cd:be:03:d3:70:db:e6:77:fd:3e:7d:d2:37:
1c:c3:c2:6b:5f:73:af:59:61:41:3c:7e:de:58:5b:ef:c7:78:
cd:60:49:76:77:df:24:5e:aa:f9:95:aa:18:e9:7c:fb:13:c8:
a3:c1:32:e9:e8:de:91:fe:39:b4:c8:5e:ce:52:c6:d6:c7:72:
a8:c6:b3:d9:21:e8:2c:46:30:26:6b:bf:34:be:98:79:f2:98:
4e:91:fd:04
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYzDSN5qkhp8sSuPK1iUDswSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGUyZjVhYzdjYmU2MjExN2RhNDc4YWMwYzAyN2FkNmQ4
NDNjNTYwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGZkNmZiNDQwN2MyZDc0NGFkY2FiMDVkNzk4M2NjZGQ3ZjU0NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0m0R3gM8hWHiUN8Hdyp01XHAxQ5s
zBQ8w+tccUNHPTaAJs8QbJWn9IVrheM0QUCz0ogJ/Xqi9hkbfswd7c2NwW8/O1eQ
fjntsfmICja+u8sRnpNh8CHw9ipmz3opAfGi/C36dvNrMFLYlf4LxiTzAgf8+V9z
XSD9q+d6mm/wNkgrIV1GZ/jqePN6d/m4WfwtIQGOZI+hOIUf8tk+xNntoOuhD94o
52pLVRDji9zvPox3NTTRgI3IDiTVW+fHYWHjFEuNJG1HdAJBSEl0LyvUQM3iRaED
PS7Hrn9wls9Jk6KNZjsFCwr/e+cdFrDJWZWhaTUdrWPg8+q9hlvMx1j/lwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHj9b7RAfC10StyrBdeYPM3X9UYKMB8GA1UdIwQY
MBaAFLuOL1rHy+YhF9pHisDAJ61thDxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjIt
M2I5ZGIwNWQyMzg0LzEvZVAxdnRFQjhMWFJLM0tzRjE1Zzh6ZGYxUmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjItM2I5ZGIwNWQyMzg0
LzEvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwQHLvSAAwQF
PtjAAwQHPvWAAwQFUFEAAwQHUocAAwQGU6uAAwMAWNkDAwBdaAMEArkRzAMDALyu
AwQF1BIAAwQH1HKAAwQG1MxAAwQF1bOAMA0EAgACMAcDBQMgAQpgMA0GCSqGSIb3
DQEBCwUAA4IBAQCYo2HlDDJGukdjDOWACG6KWVCt3cw8Xcg7newcCGUBgXBm4hoq
1JRi8WPTyIs469g/3dbsD/SZQanPNMYqs71yEWs9wDqsccTzXLWQ++75gT4OukKK
jygk4VaTRlfImCkmWGNdWX5oYDsXQXwzQWm8YdMe6wWmm3LOjSYxs+NLlr56SVU7
lsMajpNgTCoWOcs/SLeO6NU9ADe3FD6/UP/krAxD+HZ/W82+A9Nw2+Z3/T590jcc
w8JrX3OvWWFBPH7eWFvvx3jNYEl2d98kXqr5laoY6Xz7E8ijwTLp6N6R/jm0yF7O
UsbWx3KoxrPZIegsRjAma780vph58phOkf0E
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:52 2024 by rpki-client on console-fra.rpki-client.org