Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/z8-FAiWhvDg03VshwPLIAT3uRok.roa
File: z8-FAiWhvDg03VshwPLIAT3uRok.roa (raw, json)
Hash identifier: dUxkF7tg/8bUjdKlwRQVJm1O1MredqTe5ZPWg65NAos=
Subject key identifier: CF:CF:85:02:25:A1:BC:38:34:DD:5B:21:C0:F2:C8:01:3D:EE:46:89
Certificate issuer: /CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Certificate serial: 018D6212CEDCDD79B4265AC07D0AD502F526
Authority key identifier: BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/z8-FAiWhvDg03VshwPLIAT3uRok.roa
Signing time: Thu 01 Feb 2024 00:30:16 +0000
ROA not before: Thu 01 Feb 2024 00:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60144
IP address blocks: 45.138.36.0/22 maxlen: 24
45.150.76.0/22 maxlen: 24
91.215.156.0/22 maxlen: 24
146.19.105.0/24 maxlen: 24
185.27.236.0/24 maxlen: 32
185.27.237.0/24 maxlen: 32
185.27.238.0/24 maxlen: 32
185.27.239.0/24 maxlen: 32
185.53.8.0/22 maxlen: 24
185.56.28.0/22 maxlen: 24
192.162.136.0/22 maxlen: 24
2a02:5060::/32 maxlen: 48
2a07:f9c0::/29 maxlen: 48
2a12:1680::/29 maxlen: 29
2a12:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:12:ce:dc:dd:79:b4:26:5a:c0:7d:0a:d5:02:f5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Validity
Not Before: Feb 1 00:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfcf850225a1bc3834dd5b21c0f2c8013dee4689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:80:4c:dd:a7:c4:07:08:81:6e:a8:34:0c:f6:
25:68:2d:8e:68:6a:fd:e4:29:4e:44:32:44:01:88:
e9:1d:38:4c:42:19:19:14:71:95:d3:56:8a:b6:3d:
e5:7c:69:f9:b8:99:ae:cc:1c:98:90:99:b5:ab:49:
3c:00:a9:45:b9:9a:72:75:03:55:19:ff:de:59:e6:
ae:7c:70:b3:7b:7c:b5:3c:45:fa:fd:14:de:b5:d6:
e2:3b:e5:85:a1:fa:d9:96:af:77:1e:92:4f:8c:7d:
1c:ed:da:60:d1:ef:f5:63:56:29:d8:e1:0a:9a:1d:
24:80:de:1a:fd:0f:69:b2:20:ba:01:d4:30:5d:5b:
d2:7b:3c:78:5c:bc:e4:c3:8d:ca:ce:23:05:5c:38:
30:ca:7d:19:26:a0:8f:d6:99:fc:4f:a6:38:e6:17:
e3:91:41:be:e3:30:b8:f0:b5:93:ab:bf:0d:77:86:
af:57:c7:10:4e:88:50:c1:6d:bf:66:9d:47:7b:47:
0a:08:cf:5f:84:f9:1b:84:08:b5:b0:6d:a5:3e:04:
98:93:aa:f8:f1:18:b2:05:3a:c9:80:b8:16:73:d7:
25:7d:3c:e5:87:f5:1d:60:d4:fd:a3:e1:45:5f:62:
b8:ae:de:5c:54:ef:4c:cb:fc:f8:6d:0d:fb:95:60:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:CF:85:02:25:A1:BC:38:34:DD:5B:21:C0:F2:C8:01:3D:EE:46:89
X509v3 Authority Key Identifier:
keyid:BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/z8-FAiWhvDg03VshwPLIAT3uRok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.36.0/22
45.150.76.0/22
91.215.156.0/22
146.19.105.0/24
185.27.236.0/22
185.53.8.0/22
185.56.28.0/22
192.162.136.0/22
IPv6:
2a02:5060::/32
2a07:f9c0::/29
2a12:1680::/29
2a12:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
50:bd:06:fc:f9:d3:5a:9f:9b:6d:51:24:e3:2d:0d:a5:a7:d6:
bb:d0:a1:a3:b1:f3:54:52:5d:2a:8d:db:ff:32:43:69:a6:a6:
31:ad:10:94:ce:bd:cd:4a:2c:fb:d2:c8:18:64:23:15:3e:e4:
00:a9:ad:bd:1c:57:94:61:6f:3b:36:e8:ac:65:81:0f:cb:4a:
8c:24:d8:c6:04:e5:bc:ed:ac:1c:dd:91:4e:26:f9:e7:79:5f:
bb:b5:2e:50:51:33:94:cf:a9:0f:cb:6c:e8:6e:be:c2:3e:49:
16:41:96:ad:77:f1:47:d5:7c:f5:a4:83:60:ea:3d:a3:6d:c5:
c8:6f:3a:fe:a6:a5:37:7e:64:69:66:48:26:1d:0a:4a:7e:56:
8d:da:0b:28:03:d8:6e:e2:2b:59:0e:43:89:1e:f2:5f:73:ec:
ed:13:f5:aa:d5:d8:75:f2:df:5e:0c:84:34:05:93:39:02:55:
fc:0d:a7:d8:cc:28:83:60:77:61:ae:82:1d:9b:5b:94:72:dc:
57:28:ad:9d:a0:2c:64:1d:1a:d3:f2:bf:b6:fb:83:09:5c:1a:
fb:d0:7f:04:71:61:85:3f:77:e0:83:87:98:6e:01:fa:19:cb:
6e:b4:ae:7d:6f:10:ff:e8:4f:52:a9:12:29:e6:c1:1c:ec:fd:
8e:df:b8:59
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY1iEs7c3Xm0JlrAfQrVAvUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYzYzZjAxMGM1NDBiY2Q0NTU0MzQ0YmZiOWE1OWEyZWRi
YWJjMjkwHhcNMjQwMjAxMDAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmNmODUwMjI1YTFiYzM4MzRkZDViMjFjMGYyYzgwMTNkZWU0Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4BM3afEBwiBbqg0DPYlaC2OaGr9
5ClORDJEAYjpHThMQhkZFHGV01aKtj3lfGn5uJmuzByYkJm1q0k8AKlFuZpydQNV
Gf/eWeaufHCze3y1PEX6/RTetdbiO+WFofrZlq93HpJPjH0c7dpg0e/1Y1Yp2OEK
mh0kgN4a/Q9psiC6AdQwXVvSezx4XLzkw43KziMFXDgwyn0ZJqCP1pn8T6Y45hfj
kUG+4zC48LWTq78Nd4avV8cQTohQwW2/Zp1He0cKCM9fhPkbhAi1sG2lPgSYk6r4
8RiyBTrJgLgWc9clfTzlh/UdYNT9o+FFX2K4rt5cVO9My/z4bQ37lWDqEwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFM/PhQIlobw4NN1bIcDyyAE97kaJMB8GA1UdIwQY
MBaAFLzGPwEMVAvNRVQ0S/uaWaLturwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYt
Y2M0MWM0YTMxOThkLzEvejgtRkFpV2h2RGcwM1ZzaHdQTElBVDN1Um9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYtY2M0MWM0YTMxOThk
LzEvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQCLYokAwQC
LZZMAwQCW9ecAwQAkhNpAwQCuRvsAwQCuTUIAwQCuTgcAwQCwKKIMCIEAgACMBwD
BQAqAlBgAwUDKgf5wAMFAyoSFoADBQMqEo8AMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
vQb8+dNan5ttUSTjLQ2lp9a70KGjsfNUUl0qjdv/MkNppqYxrRCUzr3NSiz70sgY
ZCMVPuQAqa29HFeUYW87NuisZYEPy0qMJNjGBOW87awc3ZFOJvnneV+7tS5QUTOU
z6kPy2zobr7CPkkWQZatd/FH1Xz1pINg6j2jbcXIbzr+pqU3fmRpZkgmHQpKflaN
2gsoA9hu4itZDkOJHvJfc+ztE/Wq1dh18t9eDIQ0BZM5AlX8DafYzCiDYHdhroId
m1uUctxXKK2doCxkHRrT8r+2+4MJXBr70H8EcWGFP3fgg4eYbgH6GctutK59bxD/
6E9SqRIp5sEc7P2O37hZ
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:22:34 2024 by rpki-client on console-fra.rpki-client.org