Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/8Q_S9_PUbBM5jAIFsublGbxMN9w.roa
File: 8Q_S9_PUbBM5jAIFsublGbxMN9w.roa (raw, json)
Hash identifier: mZp8NnjHkB2FKag4Pag4ac5feQnDEs3X4cD0RFM06zo=
Subject key identifier: F1:0F:D2:F7:F3:D4:6C:13:39:8C:02:05:B2:E6:E5:19:BC:4C:37:DC
Certificate issuer: /CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Certificate serial: 018CC7265879551AD8C7A4C5BC3E0F0E4D11
Authority key identifier: A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/8Q_S9_PUbBM5jAIFsublGbxMN9w.roa
Signing time: Mon 01 Jan 2024 22:30:28 +0000
ROA not before: Mon 01 Jan 2024 22:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33986
IP address blocks: 217.194.188.0/24 maxlen: 24
217.194.189.0/24 maxlen: 24
217.194.190.0/24 maxlen: 24
217.194.187.0/24 maxlen: 24
217.194.191.0/24 maxlen: 24
185.41.75.0/24 maxlen: 24
185.41.72.0/24 maxlen: 24
185.41.73.0/24 maxlen: 24
185.41.74.0/24 maxlen: 24
185.41.72.0/22 maxlen: 22
45.9.96.0/22 maxlen: 24
217.194.176.0/24 maxlen: 24
217.194.176.0/20 maxlen: 20
217.194.177.0/24 maxlen: 24
217.194.178.0/24 maxlen: 24
217.194.179.0/24 maxlen: 24
217.194.184.0/24 maxlen: 24
217.194.185.0/24 maxlen: 24
217.194.186.0/24 maxlen: 24
217.194.181.0/24 maxlen: 24
217.194.182.0/24 maxlen: 24
217.194.183.0/24 maxlen: 24
217.194.180.0/24 maxlen: 24
46.102.101.0/24 maxlen: 24
185.169.44.0/22 maxlen: 22
2a00:5b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ofeIKGHCntWZvkqTdIDE0T4lv8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ofeIKGHCntWZvkqTdIDE0T4lv8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:58:79:55:1a:d8:c7:a4:c5:bc:3e:0f:0e:4d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Validity
Not Before: Jan 1 22:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f10fd2f7f3d46c13398c0205b2e6e519bc4c37dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:71:db:fa:ed:97:72:50:7e:2d:ea:4f:71:cf:
b5:ba:07:50:d2:89:98:88:ca:ab:69:e2:5f:6f:bb:
23:45:e8:d4:29:6c:9f:1c:02:7c:b2:5a:d3:34:d6:
3d:74:73:ec:14:bb:8f:ce:6f:2b:69:c3:05:59:0b:
86:2f:69:c4:e7:12:da:bd:1a:7c:0e:06:a0:ff:65:
98:ae:a9:d3:26:4e:ec:20:b6:8f:2c:25:35:34:c4:
b7:17:48:64:a6:8e:bd:c3:03:c5:b1:c9:e2:0b:2a:
ef:63:ae:cd:7d:5c:da:f8:0d:ad:f0:f1:e5:80:31:
cd:9a:78:6c:d1:65:39:92:d9:ee:f5:58:6e:75:53:
70:f7:94:a7:86:a2:d6:10:a4:a2:1c:a5:1c:1c:ab:
59:29:d2:03:cd:cb:de:19:5f:9c:a8:c4:a7:0c:41:
be:50:93:73:7e:fd:8b:16:3a:55:7d:05:9e:fe:86:
8d:a4:bb:b6:a4:87:47:8e:6a:41:84:e1:c6:a3:b6:
dd:23:f5:de:ff:ae:ae:5b:ba:1b:ef:17:ca:2e:aa:
5c:73:3d:4d:2a:1e:95:12:df:ce:51:2c:31:71:74:
2a:ef:f1:f6:6b:73:89:19:46:37:e5:4e:e1:eb:6a:
1b:ee:d8:cd:5b:31:6e:7b:64:63:77:0f:59:e6:fe:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0F:D2:F7:F3:D4:6C:13:39:8C:02:05:B2:E6:E5:19:BC:4C:37:DC
X509v3 Authority Key Identifier:
keyid:A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/8Q_S9_PUbBM5jAIFsublGbxMN9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ofeIKGHCntWZvkqTdIDE0T4lv8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.96.0/22
46.102.101.0/24
185.41.72.0/22
185.169.44.0/22
217.194.176.0/20
IPv6:
2a00:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:a7:04:51:3c:d2:28:77:8e:43:1a:b6:6d:f4:c6:22:ae:b9:
42:e1:50:8a:ee:c4:08:61:cf:6f:17:a3:cf:d5:60:27:72:29:
18:90:e6:75:c1:db:b8:34:7d:0c:35:a1:09:a0:f7:ad:f9:cd:
69:ea:e2:7e:1d:b4:05:52:0b:e1:49:e7:cc:fb:48:26:e8:0e:
7e:b4:97:a2:aa:ee:62:02:e8:59:78:d6:c0:0c:08:9e:39:f6:
5c:c1:21:c1:be:36:08:39:28:1e:4c:7e:9e:30:9b:c7:6e:1e:
67:b9:3a:c6:82:6f:4e:69:9c:20:a5:91:7a:17:87:4c:24:8d:
f4:8c:1b:8e:d7:bf:20:b2:56:25:5f:91:eb:de:bb:d2:d1:65:
3c:b3:f2:d4:59:72:7c:1a:35:b2:15:97:40:ec:a7:1f:f0:1a:
41:fa:5f:67:cb:b2:d9:8a:6c:23:9b:5e:c7:46:ef:24:78:3b:
e9:8a:46:92:87:56:df:8b:7c:96:fd:7e:30:98:a6:15:86:c6:
34:79:65:2c:9e:b0:1d:ac:ae:4b:60:32:24:d6:79:5e:2a:52:
56:9d:46:8b:d0:a1:6f:e8:e5:ed:45:59:93:c5:22:a2:a8:b2:
9b:e3:45:7d:c4:84:b1:5a:3a:e7:00:69:b5:c9:ea:6e:85:0a:
f7:ec:b1:13
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJlh5VRrYx6TFvD4PDk0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjc4ODI4NjFjMjllZDU5OWJlNGE5Mzc0ODBjNGQxM2Uy
NWJmYzIwHhcNMjQwMTAxMjIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBmZDJmN2YzZDQ2YzEzMzk4YzAyMDViMmU2ZTUxOWJjNGMzN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnHb+u2XclB+LepPcc+1ugdQ0omY
iMqraeJfb7sjRejUKWyfHAJ8slrTNNY9dHPsFLuPzm8racMFWQuGL2nE5xLavRp8
Dgag/2WYrqnTJk7sILaPLCU1NMS3F0hkpo69wwPFscniCyrvY67NfVza+A2t8PHl
gDHNmnhs0WU5ktnu9VhudVNw95SnhqLWEKSiHKUcHKtZKdIDzcveGV+cqMSnDEG+
UJNzfv2LFjpVfQWe/oaNpLu2pIdHjmpBhOHGo7bdI/Xe/66uW7ob7xfKLqpccz1N
Kh6VEt/OUSwxcXQq7/H2a3OJGUY35U7h62ob7tjNWzFue2Rjdw9Z5v5sdwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPEP0vfz1GwTOYwCBbLm5Rm8TDfcMB8GA1UdIwQY
MBaAFKH3iChhwp7Vmb5Kk3SAxNE+Jb/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZlSUtHSENudFdadmtxVGRJREUwVDRsdjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wM2JhYjgtNmM0My00YTIwLWE5NjAt
YzM3YTU5ODJmNDY2LzEvOFFfUzlfUFViQk01akFJRnN1YmxHYnhNTjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wM2JhYjgtNmM0My00YTIwLWE5NjAtYzM3YTU5ODJmNDY2
LzEvb2ZlSUtHSENudFdadmtxVGRJREUwVDRsdjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQlgAwQA
LmZlAwQCuSlIAwQCuaksAwQE2cKwMA0EAgACMAcDBQMqAFsAMA0GCSqGSIb3DQEB
CwUAA4IBAQAKpwRRPNIod45DGrZt9MYirrlC4VCK7sQIYc9vF6PP1WAncikYkOZ1
wdu4NH0MNaEJoPet+c1p6uJ+HbQFUgvhSefM+0gm6A5+tJeiqu5iAuhZeNbADAie
OfZcwSHBvjYIOSgeTH6eMJvHbh5nuTrGgm9OaZwgpZF6F4dMJI30jBuO178gslYl
X5Hr3rvS0WU8s/LUWXJ8GjWyFZdA7Kcf8BpB+l9ny7LZimwjm17HRu8keDvpikaS
h1bfi3yW/X4wmKYVhsY0eWUsnrAdrK5LYDIk1nleKlJWnUaL0KFv6OXtRVmTxSKi
qLKb40V9xISxWjrnAGm1yepuhQr37LET
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:56 2024 by rpki-client on console-fra.rpki-client.org