Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8lOYAmZinla-QYiGuBV7N7NWmxs.roa
File: 8lOYAmZinla-QYiGuBV7N7NWmxs.roa (raw, json)
Hash identifier: oQcQwx417WLqGa/fXQpuYFhJ7+LST6HBqfnyW+WpTbY=
Subject key identifier: F2:53:98:02:66:62:9E:56:BE:41:88:86:B8:15:7B:37:B3:56:9B:1B
Certificate issuer: /CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Certificate serial: 018CC2DAECA0E0A8844ECFE5DBADA22BD680
Authority key identifier: C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8lOYAmZinla-QYiGuBV7N7NWmxs.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1126
IP address blocks: 185.33.68.0/22 maxlen: 24
37.60.192.0/21 maxlen: 24
85.90.64.0/19 maxlen: 24
2001:4d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:a0:e0:a8:84:4e:cf:e5:db:ad:a2:2b:d6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f253980266629e56be418886b8157b37b3569b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ec:65:88:6b:e7:7f:88:18:40:16:8e:6d:c6:
34:93:e5:88:37:a4:aa:01:aa:8b:fc:2e:92:f2:af:
4d:38:7e:39:63:11:00:c7:74:b7:e0:19:95:e8:e5:
72:aa:f9:dd:3d:0c:af:83:c5:4e:33:46:be:ef:11:
8f:d5:1a:be:21:6c:1c:cc:66:86:04:1c:e6:1f:82:
ef:ab:9f:be:23:42:c4:c4:5f:7d:37:e0:7a:9c:39:
d3:3c:55:1a:1d:4f:8d:9b:54:02:7e:a5:2e:87:a4:
e0:17:5e:8e:3e:a4:70:8f:cd:d8:43:ee:6a:75:0d:
5d:71:35:85:dc:96:cb:60:f1:6c:40:4a:a8:a3:c8:
09:e8:84:c3:60:17:45:b8:d9:82:2a:8b:4e:4c:36:
24:7f:c6:8f:50:1a:8f:19:94:46:9e:76:b3:88:c0:
6d:c5:41:ea:77:83:e7:6d:bf:dd:6e:65:3e:d1:03:
8c:03:0f:a6:ba:04:f4:fc:ba:37:e2:dc:2f:6a:18:
d1:0b:d1:72:40:50:af:36:d1:4b:54:79:2a:0a:a2:
92:28:4d:8f:4e:44:2f:63:fc:b7:0c:0d:63:4b:06:
74:eb:ed:d5:16:ef:62:52:68:41:6f:d5:55:ca:de:
82:a7:fe:21:99:3f:db:d0:a7:8b:c6:85:33:54:dd:
c4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:53:98:02:66:62:9E:56:BE:41:88:86:B8:15:7B:37:B3:56:9B:1B
X509v3 Authority Key Identifier:
keyid:C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/8lOYAmZinla-QYiGuBV7N7NWmxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.192.0/21
85.90.64.0/19
185.33.68.0/22
IPv6:
2001:4d60::/32
Signature Algorithm: sha256WithRSAEncryption
00:d2:4b:45:0f:a5:08:a5:e1:1b:c8:61:6d:c7:4f:90:9c:c9:
5a:cd:b3:16:c5:f9:a0:ce:93:a9:bc:99:72:86:be:35:95:28:
55:da:70:9e:6f:9c:b2:34:58:31:48:26:13:a0:88:59:41:f1:
85:ec:e1:49:5c:41:32:c6:bc:9f:8e:ed:25:bd:2a:05:33:52:
1e:8f:03:1a:7a:18:9d:a4:ad:b0:7a:6d:0d:10:6e:52:bc:ea:
09:4f:b0:b3:fa:e6:1f:54:36:f4:70:95:0e:a4:08:1b:5f:ac:
ea:79:01:75:b2:bf:aa:7d:bd:04:67:cd:a7:a2:97:2d:25:86:
26:92:a8:d5:9e:3d:20:2e:58:b0:c3:66:74:c1:4f:1e:c5:bc:
89:d7:03:eb:ef:f6:84:3e:e0:bb:59:ce:96:d0:3f:20:ca:8c:
bb:10:41:1e:56:29:19:3c:99:32:e7:11:ef:36:a5:96:8e:51:
b1:d6:c2:78:59:8b:b5:6c:de:fe:d8:bc:f3:15:27:08:e9:69:
04:97:2b:2a:38:28:53:f4:0a:9b:5a:7a:03:f5:da:16:f1:7e:
bd:b4:9c:6c:de:c5:14:a0:d1:9f:07:0f:68:b7:5e:79:27:c1:
33:d9:cf:99:8d:c1:97:a6:74:0f:ff:75:0c:b9:07:5f:d6:a7:
cf:a6:8a:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2uyg4KiETs/l262iK9aAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWU2MDNiNzhhZDcyYmE3ODU1NjgyY2EyYjgwNmFjMGU3
ZTk4ZmQwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUzOTgwMjY2NjI5ZTU2YmU0MTg4ODZiODE1N2IzN2IzNTY5YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+xliGvnf4gYQBaObcY0k+WIN6Sq
AaqL/C6S8q9NOH45YxEAx3S34BmV6OVyqvndPQyvg8VOM0a+7xGP1Rq+IWwczGaG
BBzmH4Lvq5++I0LExF99N+B6nDnTPFUaHU+Nm1QCfqUuh6TgF16OPqRwj83YQ+5q
dQ1dcTWF3JbLYPFsQEqoo8gJ6ITDYBdFuNmCKotOTDYkf8aPUBqPGZRGnnaziMBt
xUHqd4Pnbb/dbmU+0QOMAw+mugT0/Lo34twvahjRC9FyQFCvNtFLVHkqCqKSKE2P
TkQvY/y3DA1jSwZ06+3VFu9iUmhBb9VVyt6Cp/4hmT/b0KeLxoUzVN3EHQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPJTmAJmYp5WvkGIhrgVezezVpsbMB8GA1UdIwQY
MBaAFMHuYDt4rXK6eFVoLKK4BqwOfpj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEt
Y2VlNWJlODdhNDZiLzEvOGxPWUFtWmlubGEtUVlpR3VCVjdON05XbXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEtY2VlNWJlODdhNDZi
LzEvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJTzAAwQF
VVpAAwQCuSFEMA0EAgACMAcDBQAgAU1gMA0GCSqGSIb3DQEBCwUAA4IBAQAA0ktF
D6UIpeEbyGFtx0+QnMlazbMWxfmgzpOpvJlyhr41lShV2nCeb5yyNFgxSCYToIhZ
QfGF7OFJXEEyxryfju0lvSoFM1IejwMaehidpK2wem0NEG5SvOoJT7Cz+uYfVDb0
cJUOpAgbX6zqeQF1sr+qfb0EZ82nopctJYYmkqjVnj0gLliww2Z0wU8exbyJ1wPr
7/aEPuC7Wc6W0D8gyoy7EEEeVikZPJky5xHvNqWWjlGx1sJ4WYu1bN7+2LzzFScI
6WkElysqOChT9AqbWnoD9doW8X69tJxs3sUUoNGfBw9ot155J8Ez2c+ZjcGXpnQP
/3UMuQdf1qfPporh
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:32 2024 by rpki-client on console-fra.rpki-client.org