Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/8x9_eylkEhp6TH2LOMxhFttQGjs.roa
File: 8x9_eylkEhp6TH2LOMxhFttQGjs.roa (raw, json)
Hash identifier: 2UOLPzzFeitX6fXTZ4oQaluGmiDAu7lrTsiKUDUiEyE=
Subject key identifier: F3:1F:7F:7B:29:64:12:1A:7A:4C:7D:8B:38:CC:61:16:DB:50:1A:3B
Certificate issuer: /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial: 018CCA2B8FC62EFF919DA9C1392209175D8D
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/8x9_eylkEhp6TH2LOMxhFttQGjs.roa
Signing time: Tue 02 Jan 2024 12:35:01 +0000
ROA not before: Tue 02 Jan 2024 12:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 89.148.0.0/18 maxlen: 18
193.188.107.0/24 maxlen: 24
185.165.176.0/22 maxlen: 22
88.201.37.0/24 maxlen: 24
77.69.128.0/17 maxlen: 17
82.194.32.0/19 maxlen: 19
77.69.148.0/24 maxlen: 24
88.201.99.0/24 maxlen: 24
193.188.96.0/19 maxlen: 19
88.201.0.0/17 maxlen: 17
217.17.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:02:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:8f:c6:2e:ff:91:9d:a9:c1:39:22:09:17:5d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Validity
Not Before: Jan 2 12:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31f7f7b2964121a7a4c7d8b38cc6116db501a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:09:29:7d:01:32:1b:0e:e3:3f:45:c2:2b:cf:
7f:cf:fe:03:1f:a8:34:99:7a:6d:50:80:bc:2b:72:
b0:47:88:94:62:de:02:df:8d:0c:6c:55:b3:72:ed:
6d:4f:00:fe:23:b9:d8:45:3a:f5:5a:79:79:76:ec:
bd:8d:f2:46:af:c5:ec:a8:74:1f:95:30:d3:a2:2c:
f9:43:eb:3e:4c:00:ba:18:e7:27:25:30:79:39:be:
86:a8:80:2b:d1:6f:1d:99:0e:4a:db:bb:0a:61:08:
36:9c:d3:ec:22:e4:35:23:c0:d3:d3:2d:c2:71:13:
03:41:c1:83:bc:d6:84:f7:01:fa:bc:f1:72:fe:16:
ca:41:26:ad:73:de:f3:86:be:9f:9f:b2:7d:0c:54:
82:b4:26:56:6a:a8:7a:41:ee:ae:b9:f6:2c:33:f4:
d1:05:82:98:6d:39:1c:fa:2e:ae:5a:f3:07:54:47:
f3:8b:e6:97:56:77:bf:d9:64:be:ed:76:13:60:64:
37:28:46:5a:49:3d:57:75:48:a3:35:91:c7:23:75:
e4:02:92:e4:0f:c5:b5:7a:22:a7:f7:1e:68:11:94:
8a:ff:49:93:ce:43:1d:2f:19:a4:03:7e:4c:04:c5:
13:58:c3:56:41:7a:c7:65:0a:36:54:b5:ca:90:4d:
b1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1F:7F:7B:29:64:12:1A:7A:4C:7D:8B:38:CC:61:16:DB:50:1A:3B
X509v3 Authority Key Identifier:
keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/8x9_eylkEhp6TH2LOMxhFttQGjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.69.128.0/17
82.194.32.0/19
88.201.0.0/17
89.148.0.0/18
185.165.176.0/22
193.188.96.0/19
217.17.224.0/19
Signature Algorithm: sha256WithRSAEncryption
07:5a:8b:3b:61:83:61:88:58:81:60:b6:4c:6f:a2:d1:9c:17:
a4:04:bd:c9:a9:f5:77:49:75:7a:ce:f2:a2:59:26:eb:a1:1f:
e0:ba:86:8e:19:b2:3f:25:29:c7:b2:fe:d4:5a:29:fd:2d:fb:
58:19:80:0f:a0:1f:f3:46:73:7d:cd:6e:11:6e:8e:ec:50:05:
b6:0c:9d:fe:ac:79:ed:5a:75:1c:c0:12:45:a8:64:f0:4e:8f:
3f:0c:42:2b:5d:20:20:45:2f:1c:46:e5:3d:41:d6:a7:1d:7b:
a0:6a:05:a4:bd:16:2b:4c:6d:89:be:e1:78:51:51:31:ca:b9:
ff:2f:c7:78:15:07:96:b6:eb:60:03:1c:35:02:71:0d:4d:52:
f3:8d:14:f4:90:5a:84:6e:fa:8b:72:2c:3f:ec:86:8b:ed:69:
9d:c9:6f:0a:b2:e0:cf:c8:58:84:1f:23:56:c7:5b:07:a6:aa:
86:cf:16:4e:59:de:9e:4b:34:40:65:62:bb:1d:46:ec:11:31:
ba:18:f5:17:3e:67:94:2c:3c:eb:91:b1:f2:5c:c6:78:ce:91:
bf:33:56:f8:35:15:7e:9c:c8:2d:80:db:93:80:3f:bc:21:88:
38:e9:05:bc:11:20:ba:22:cb:1e:92:66:c2:8e:ef:88:4e:bd:
75:85:f0:c7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKK4/GLv+RnanBOSIJF12NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmJjZDQwYzY3NzQ2NzdkMmMzNzAyZWY1OWVkZjQ5ZDBi
MzZjNmMwHhcNMjQwMTAyMTIzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFmN2Y3YjI5NjQxMjFhN2E0YzdkOGIzOGNjNjExNmRiNTAxYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwkpfQEyGw7jP0XCK89/z/4DH6g0
mXptUIC8K3KwR4iUYt4C340MbFWzcu1tTwD+I7nYRTr1Wnl5duy9jfJGr8XsqHQf
lTDToiz5Q+s+TAC6GOcnJTB5Ob6GqIAr0W8dmQ5K27sKYQg2nNPsIuQ1I8DT0y3C
cRMDQcGDvNaE9wH6vPFy/hbKQSatc97zhr6fn7J9DFSCtCZWaqh6Qe6uufYsM/TR
BYKYbTkc+i6uWvMHVEfzi+aXVne/2WS+7XYTYGQ3KEZaST1XdUijNZHHI3XkApLk
D8W1eiKn9x5oEZSK/0mTzkMdLxmkA35MBMUTWMNWQXrHZQo2VLXKkE2x4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPMff3spZBIaekx9izjMYRbbUBo7MB8GA1UdIwQY
MBaAFOMrzUDGd0Z30sNwLvWe30nQs2xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEt
MDc0MDExNWI1YTUyLzEvOHg5X2V5bGtFaHA2VEgyTE9NeGhGdHRRR2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEtMDc0MDExNWI1YTUy
LzEvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQHTUWAAwQF
UsIgAwQHWMkAAwQGWZQAAwQCuaWwAwQFwbxgAwQF2RHgMA0GCSqGSIb3DQEBCwUA
A4IBAQAHWos7YYNhiFiBYLZMb6LRnBekBL3JqfV3SXV6zvKiWSbroR/guoaOGbI/
JSnHsv7UWin9LftYGYAPoB/zRnN9zW4Rbo7sUAW2DJ3+rHntWnUcwBJFqGTwTo8/
DEIrXSAgRS8cRuU9QdanHXugagWkvRYrTG2JvuF4UVExyrn/L8d4FQeWtutgAxw1
AnENTVLzjRT0kFqEbvqLciw/7IaL7WmdyW8KsuDPyFiEHyNWx1sHpqqGzxZOWd6e
SzRAZWK7HUbsETG6GPUXPmeULDzrkbHyXMZ4zpG/M1b4NRV+nMgtgNuTgD+8IYg4
6QW8ESC6IssekmbCju+ITr11hfDH
-----END CERTIFICATE-----
Generated at Fri May 10 09:21:57 2024 by rpki-client on console-ams.rpki-client.org