Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/87cO3EcuSh6qHZul3cQs9sqFKDM.roa
File: 87cO3EcuSh6qHZul3cQs9sqFKDM.roa (raw, json)
Hash identifier: tRCWmsHFyebTe975Ax980RtDqATwPUzxGt9rQ+VkANo=
Subject key identifier: F3:B7:0E:DC:47:2E:4A:1E:AA:1D:9B:A5:DD:C4:2C:F6:CA:85:28:33
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 018CC4928B85907455B550E0EAFE25733AB1
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/87cO3EcuSh6qHZul3cQs9sqFKDM.roa
Signing time: Mon 01 Jan 2024 10:29:47 +0000
ROA not before: Mon 01 Jan 2024 10:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51747
IP address blocks: 176.74.192.0/21 maxlen: 21
5.133.192.0/19 maxlen: 20
151.252.24.0/21 maxlen: 21
185.12.248.0/22 maxlen: 22
185.12.148.0/22 maxlen: 22
151.248.0.0/21 maxlen: 21
80.248.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:8b:85:90:74:55:b5:50:e0:ea:fe:25:73:3a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 1 10:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3b70edc472e4a1eaa1d9ba5ddc42cf6ca852833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:83:2a:6e:91:08:ff:8d:e8:c7:ec:18:83:a4:
7a:f1:d4:b4:03:2c:6b:91:73:5f:7a:a5:26:7e:06:
9a:ad:a5:96:a7:95:6d:5f:b7:ec:9a:27:fe:f1:cf:
21:ec:7c:99:a1:07:5a:20:c7:13:72:f8:bf:26:db:
f3:c9:a2:f6:e5:e0:08:e2:19:d2:0b:dd:de:35:76:
ec:f6:e1:2a:7c:2d:48:ef:bc:4b:81:14:39:85:51:
db:c5:78:c1:7e:0d:22:0c:d9:e9:6a:f0:2d:9b:66:
45:82:54:a1:e8:fe:50:af:da:2b:74:34:20:7b:c7:
28:fc:20:ff:6d:6f:a0:d1:42:52:8c:06:fa:a1:53:
8a:42:0a:5b:88:0a:ed:b0:16:4d:09:8b:98:b0:11:
85:de:0e:e1:3b:f7:e0:16:c2:66:c9:a0:01:b1:69:
88:20:5b:00:6f:6f:6a:fc:23:05:ce:10:01:cd:4a:
a6:65:d6:04:d2:ed:3d:fc:82:a7:59:02:5a:90:65:
17:27:2b:47:01:d9:1d:6e:9f:f9:b4:61:97:aa:76:
33:4a:2f:79:87:85:aa:48:21:3f:df:b2:3d:85:0e:
03:66:c6:2a:9b:81:d8:fa:b1:cf:16:28:01:00:2c:
d7:19:07:8a:e0:f3:39:a5:4d:91:ff:8a:d6:cc:ad:
4b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B7:0E:DC:47:2E:4A:1E:AA:1D:9B:A5:DD:C4:2C:F6:CA:85:28:33
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/87cO3EcuSh6qHZul3cQs9sqFKDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
80.248.224.0/20
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
Signature Algorithm: sha256WithRSAEncryption
af:e1:c5:d5:34:a5:2e:2f:91:b1:89:72:a5:42:f4:8a:80:e9:
2f:13:bf:c8:1d:56:e0:60:7d:93:1d:43:16:6b:6a:25:55:ac:
dd:60:79:12:7d:98:65:5b:97:9f:93:c9:59:f7:fa:a5:fd:f1:
6f:78:3a:d5:35:c1:ea:ef:32:b8:1e:9b:99:ec:c5:30:ac:fb:
b9:54:62:fe:e7:c6:c0:2f:14:c9:c9:d4:fe:dc:e6:e6:7d:89:
7d:5d:a9:f3:1e:a3:e6:12:b7:03:8f:ac:47:61:15:2e:c6:d1:
e7:a1:29:d5:19:cf:35:0e:d1:c4:3b:c6:e3:c6:05:e0:85:6c:
36:52:c1:86:19:99:f9:f8:61:bf:a2:85:50:ad:48:ba:45:06:
b8:c5:ec:08:44:6b:d7:56:c1:c6:f3:da:f5:9c:94:7d:9c:29:
44:f8:db:ff:5a:82:de:c2:b0:0a:21:ab:56:b1:e6:bb:40:c5:
2e:13:22:d4:4b:19:99:3e:66:c0:07:71:6d:74:c6:02:28:33:
ff:f2:a8:9d:2a:8d:da:f2:ea:56:7b:38:e0:d5:d5:4f:41:a3:
16:36:fe:8e:95:30:a7:62:16:0f:26:b0:be:e2:a8:17:24:0b:
46:46:63:f6:c9:56:34:18:b5:c8:1a:ac:e1:1d:a8:df:81:3d:
22:e0:73:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzEkouFkHRVtVDg6v4lczqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQwMTAxMTAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I3MGVkYzQ3MmU0YTFlYWExZDliYTVkZGM0MmNmNmNhODUyODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIMqbpEI/43ox+wYg6R68dS0Ayxr
kXNfeqUmfgaaraWWp5VtX7fsmif+8c8h7HyZoQdaIMcTcvi/JtvzyaL25eAI4hnS
C93eNXbs9uEqfC1I77xLgRQ5hVHbxXjBfg0iDNnpavAtm2ZFglSh6P5Qr9ordDQg
e8co/CD/bW+g0UJSjAb6oVOKQgpbiArtsBZNCYuYsBGF3g7hO/fgFsJmyaABsWmI
IFsAb29q/CMFzhABzUqmZdYE0u09/IKnWQJakGUXJytHAdkdbp/5tGGXqnYzSi95
h4WqSCE/37I9hQ4DZsYqm4HY+rHPFigBACzXGQeK4PM5pU2R/4rWzK1LaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPO3DtxHLkoeqh2bpd3ELPbKhSgzMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvODdjTzNFY3VTaDZxSFp1bDNjUXM5c3FGS0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFBYXAAwQE
UPjgAwQDl/gAAwQDl/wYAwQDsErAAwQCuQyUAwQCuQz4MA0GCSqGSIb3DQEBCwUA
A4IBAQCv4cXVNKUuL5GxiXKlQvSKgOkvE7/IHVbgYH2THUMWa2olVazdYHkSfZhl
W5efk8lZ9/ql/fFveDrVNcHq7zK4HpuZ7MUwrPu5VGL+58bALxTJydT+3ObmfYl9
XanzHqPmErcDj6xHYRUuxtHnoSnVGc81DtHEO8bjxgXghWw2UsGGGZn5+GG/ooVQ
rUi6RQa4xewIRGvXVsHG89r1nJR9nClE+Nv/WoLewrAKIatWsea7QMUuEyLUSxmZ
PmbAB3FtdMYCKDP/8qidKo3a8upWezjg1dVPQaMWNv6OlTCnYhYPJrC+4qgXJAtG
RmP2yVY0GLXIGqzhHajfgT0i4HNG
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:26 2024 by rpki-client on console-fra.rpki-client.org