Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/0pbY0-VuDfBabHqUChXz6--eCP4.roa
File: 0pbY0-VuDfBabHqUChXz6--eCP4.roa (raw, json)
Hash identifier: VZQZaQPX8oujPUs4wJ8uhool6D5D/deiRIn9tZfE4jU=
Subject key identifier: D2:96:D8:D3:E5:6E:0D:F0:5A:6C:7A:94:0A:15:F3:EB:EF:9E:08:FE
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018E853A29AE414E304A0A2246417F16012A
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/0pbY0-VuDfBabHqUChXz6--eCP4.roa
Signing time: Thu 28 Mar 2024 13:22:45 +0000
ROA not before: Thu 28 Mar 2024 13:22:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196755
IP address blocks: 80.251.108.0/22 maxlen: 22
80.251.108.0/23 maxlen: 23
80.251.110.0/23 maxlen: 23
157.143.248.0/21 maxlen: 21
178.157.18.0/23 maxlen: 23
178.157.20.0/22 maxlen: 22
178.157.24.0/23 maxlen: 23
178.157.26.0/23 maxlen: 23
178.157.28.0/22 maxlen: 22
178.157.40.0/22 maxlen: 22
178.157.44.0/22 maxlen: 22
178.174.106.0/23 maxlen: 23
178.174.108.0/23 maxlen: 23
217.181.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:3a:29:ae:41:4e:30:4a:0a:22:46:41:7f:16:01:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Mar 28 13:22:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d296d8d3e56e0df05a6c7a940a15f3ebef9e08fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:fe:71:0a:b7:f7:ed:97:9a:ca:d0:b5:d4:
a2:8f:7e:38:76:e1:25:9f:f6:af:ba:1d:8b:a2:e4:
54:dd:e6:90:0b:41:88:03:41:59:b5:5b:b3:2f:d9:
2d:24:2d:4e:e3:a8:8f:ca:89:6d:86:d4:86:dc:67:
53:d6:65:74:86:1b:da:4e:03:34:19:b1:8e:e1:f0:
63:68:97:ef:8f:cb:b3:9d:7e:40:0f:21:a7:c7:4c:
dd:b2:54:2a:9a:51:c4:b9:ae:bc:f8:d9:8a:3d:e4:
23:fc:74:ae:ee:d0:78:82:c3:de:a7:97:fd:51:62:
40:04:a8:e2:63:6e:d2:3b:84:d5:72:e2:b8:5a:2c:
c8:18:63:45:45:b4:14:c5:20:c4:5e:76:ee:ce:0e:
70:52:4e:b8:b1:e8:b5:76:09:bb:c7:2a:cc:e4:bc:
42:47:e8:79:c7:7e:86:e9:84:24:50:e6:4c:06:10:
f1:ea:35:d1:cb:1c:8d:e3:59:8b:c1:d0:01:ec:3c:
a7:d3:6a:2e:f0:a0:9b:84:ed:52:62:2f:f2:6e:ae:
bc:f7:95:fd:1c:e7:68:82:d5:bc:5f:9e:da:78:a0:
0a:5b:70:7f:92:42:9a:e0:f9:91:5f:47:0d:fe:1d:
5f:81:63:cf:0f:d6:68:d2:11:97:a2:47:ab:85:24:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:96:D8:D3:E5:6E:0D:F0:5A:6C:7A:94:0A:15:F3:EB:EF:9E:08:FE
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/0pbY0-VuDfBabHqUChXz6--eCP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/22
157.143.248.0/21
178.157.18.0-178.157.31.255
178.157.40.0/21
178.174.106.0-178.174.109.255
217.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:16:5a:69:47:a0:01:1f:cc:ae:aa:b6:fd:0d:e5:c7:17:8a:
bb:41:37:d4:3c:cb:06:23:67:95:5f:fd:fc:1d:bc:90:e3:8d:
c6:0b:5c:1d:21:b0:c4:eb:5c:6d:36:3d:c2:be:45:33:f3:ae:
68:51:75:62:a2:6b:7b:ab:d6:b9:33:61:dd:d2:76:b8:bd:2d:
d8:3a:8b:f9:42:f7:c0:77:9a:c7:1b:1c:ba:fc:f0:38:d7:ec:
1a:5e:9b:de:1c:af:55:e1:67:9e:25:84:2c:a3:bd:38:d8:f0:
69:f9:25:55:1e:b7:8d:63:66:76:1e:f2:cc:a8:19:96:35:3a:
6c:d4:0d:27:15:76:e5:6a:29:2a:3c:91:2c:e5:73:e7:73:3c:
79:23:e4:5d:9e:16:a9:15:f0:8e:26:c6:eb:55:ca:cf:13:8f:
2e:f9:9f:e4:64:b0:2a:54:3a:f9:ab:d5:f1:0f:53:b4:1a:ec:
2e:3d:35:47:4e:15:5a:cc:10:5f:82:ad:33:75:d4:7a:ce:76:
b6:17:48:e7:1b:db:87:7b:ac:c1:28:76:49:34:c9:02:28:cb:
e7:5f:a9:92:61:18:b2:b3:95:c5:2f:f0:79:20:e6:40:11:62:
df:32:89:48:3d:88:d4:14:9f:1d:37:8c:0b:34:13:9f:65:56:
5e:90:2c:82
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY6FOimuQU4wSgoiRkF/FgEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMzI4MTMyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk2ZDhkM2U1NmUwZGYwNWE2YzdhOTQwYTE1ZjNlYmVmOWUwOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqL+cQq39+2XmsrQtdSij344duEl
n/avuh2LouRU3eaQC0GIA0FZtVuzL9ktJC1O46iPyolthtSG3GdT1mV0hhvaTgM0
GbGO4fBjaJfvj8uznX5ADyGnx0zdslQqmlHEua68+NmKPeQj/HSu7tB4gsPep5f9
UWJABKjiY27SO4TVcuK4WizIGGNFRbQUxSDEXnbuzg5wUk64sei1dgm7xyrM5LxC
R+h5x36G6YQkUOZMBhDx6jXRyxyN41mLwdAB7Dyn02ou8KCbhO1SYi/ybq6895X9
HOdogtW8X57aeKAKW3B/kkKa4PmRX0cN/h1fgWPPD9Zo0hGXokerhSRIQwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNKW2NPlbg3wWmx6lAoV8+vvngj+MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvMHBiWTAtVnVEZkJhYkhxVUNoWHo2LS1lQ1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCUPtsAwQD
nY/4MAwDBAGynRIDBAWynQADBAOynSgwDAMEAbKuagMEAbKubAMEAdm1/DANBgkq
hkiG9w0BAQsFAAOCAQEAHBZaaUegAR/Mrqq2/Q3lxxeKu0E31DzLBiNnlV/9/B28
kOONxgtcHSGwxOtcbTY9wr5FM/OuaFF1YqJre6vWuTNh3dJ2uL0t2DqL+UL3wHea
xxscuvzwONfsGl6b3hyvVeFnniWELKO9ONjwafklVR63jWNmdh7yzKgZljU6bNQN
JxV25WopKjyRLOVz53M8eSPkXZ4WqRXwjibG61XKzxOPLvmf5GSwKlQ6+avV8Q9T
tBrsLj01R04VWswQX4KtM3XUes52thdI5xvbh3uswSh2STTJAijL51+pkmEYsrOV
xS/weSDmQBFi3zKJSD2I1BSfHTeMCzQTn2VWXpAsgg==
-----END CERTIFICATE-----
Generated at Sat May 25 09:07:33 2024 by rpki-client on console-fra.rpki-client.org