Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa
File: 8-RFE8LtW8qhn31SJct19K8XoqY.roa (raw, json)
Hash identifier: KjeaYfMV5ekZPlncB8x+hDHbocwBRBt2qb5PDAprRzs=
Subject key identifier: F3:E4:45:13:C2:ED:5B:CA:A1:9F:7D:52:25:CB:75:F4:AF:17:A2:A6
Certificate issuer: /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial: 018CF43B2E8EADDD638795AB0C9E59F376F6
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa
Signing time: Wed 10 Jan 2024 16:36:08 +0000
ROA not before: Wed 10 Jan 2024 16:36:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208882
IP address blocks: 92.249.26.0/24 maxlen: 24
45.81.40.0/23 maxlen: 23
2a0e:4d80::/29 maxlen: 29
2a0d:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:3b:2e:8e:ad:dd:63:87:95:ab:0c:9e:59:f3:76:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Validity
Not Before: Jan 10 16:36:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3e44513c2ed5bcaa19f7d5225cb75f4af17a2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:a9:14:94:0c:3d:69:ff:92:10:f0:30:da:
b9:a1:30:ff:ee:db:5d:ff:dc:d4:7b:51:c3:e9:a0:
c3:06:e8:82:0c:5b:e1:86:e8:99:ac:67:95:37:1b:
42:d6:eb:f6:fd:75:1f:a1:a0:b1:c8:77:6d:3f:55:
d0:85:51:df:f3:5e:84:09:65:31:d9:98:75:47:e5:
4c:a4:ba:24:e6:82:bd:11:79:c3:50:31:fa:fe:f2:
53:ac:c1:e0:cb:23:37:8a:6b:e7:f2:a8:c7:88:ef:
e1:c1:ed:76:69:18:6b:1d:9a:76:46:6f:3c:8e:ba:
34:21:42:6d:a7:8b:e8:0d:39:fc:4e:03:8f:bd:3c:
2a:00:1b:19:fd:e3:c9:3f:5c:36:55:e6:e4:85:c0:
bd:fb:d3:90:d7:ec:04:3c:71:d5:f9:ab:21:95:5a:
2b:e3:c5:f6:db:fe:30:eb:70:bb:aa:f2:02:61:e8:
98:57:34:ad:26:f3:91:fb:6b:b5:a9:1d:c0:5e:4a:
07:e4:52:de:a3:fb:00:26:80:ca:ca:df:f6:e7:d6:
6b:2d:ca:d6:f8:ce:04:e8:29:6a:d2:0a:ce:3e:7f:
b9:52:67:6c:57:7f:01:55:d6:79:ae:27:78:51:51:
95:03:1b:62:24:4c:a5:a0:63:57:bb:f5:0e:5e:80:
d4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E4:45:13:C2:ED:5B:CA:A1:9F:7D:52:25:CB:75:F4:AF:17:A2:A6
X509v3 Authority Key Identifier:
keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/8-RFE8LtW8qhn31SJct19K8XoqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.40.0/23
92.249.26.0/24
IPv6:
2a0d:ff40::/29
2a0e:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
8a:4c:ae:6a:7d:a1:3a:47:8a:23:3d:6a:e2:f9:d1:35:9e:30:
49:40:fc:4d:74:1d:b1:57:7a:2f:bb:94:e6:db:96:0a:71:1a:
90:63:53:46:4f:9c:09:02:e1:f5:9f:ef:8f:5b:9c:1b:48:c1:
9a:9f:7d:9c:90:b0:2b:36:dc:48:26:0b:6b:12:6a:26:85:12:
2d:5b:1b:27:0b:3d:78:2c:a2:e2:87:d8:f9:46:4d:21:d3:6b:
24:8a:58:a7:78:2c:fc:d3:96:d6:af:22:e5:43:18:f7:52:7c:
0e:00:d4:3a:a1:0a:ff:8c:fb:c9:d7:ef:4d:e5:b2:1a:c1:22:
97:36:06:60:3f:35:a0:2b:30:4f:9b:2d:38:77:d7:13:0d:5a:
68:26:4e:48:fa:94:8a:e0:88:18:cf:41:e8:cb:86:1c:64:26:
a6:13:48:0f:51:47:95:db:a9:29:b3:30:0e:8d:2f:9c:1d:82:
52:34:6c:d0:d9:ad:9d:bb:3f:28:bc:84:83:e9:b6:cd:6b:7e:
79:a7:a1:17:94:b9:f2:0b:d2:b7:f1:b6:27:fe:45:04:8c:ad:
8a:da:9e:0e:5f:1f:f3:63:69:53:32:85:3c:64:f5:82:dc:8c:
6d:85:64:6c:9b:e7:ac:70:cb:c8:68:79:db:4d:b6:ee:24:ca:
09:01:bc:64
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYz0Oy6Ord1jh5WrDJ5Z83b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjQwMTEwMTYzNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U0NDUxM2MyZWQ1YmNhYTE5ZjdkNTIyNWNiNzVmNGFmMTdhMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG2pFJQMPWn/khDwMNq5oTD/7ttd
/9zUe1HD6aDDBuiCDFvhhuiZrGeVNxtC1uv2/XUfoaCxyHdtP1XQhVHf816ECWUx
2Zh1R+VMpLok5oK9EXnDUDH6/vJTrMHgyyM3imvn8qjHiO/hwe12aRhrHZp2Rm88
jro0IUJtp4voDTn8TgOPvTwqABsZ/ePJP1w2VebkhcC9+9OQ1+wEPHHV+ashlVor
48X22/4w63C7qvICYeiYVzStJvOR+2u1qR3AXkoH5FLeo/sAJoDKyt/259ZrLcrW
+M4E6Clq0grOPn+5UmdsV38BVdZ5rid4UVGVAxtiJEyloGNXu/UOXoDUjwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPPkRRPC7VvKoZ99UiXLdfSvF6KmMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvOC1SRkU4THRXOHFobjMxU0pjdDE5SzhYb3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBLVEoAwQA
XPkaMBQEAgACMA4DBQMqDf9AAwUDKg5NgDANBgkqhkiG9w0BAQsFAAOCAQEAikyu
an2hOkeKIz1q4vnRNZ4wSUD8TXQdsVd6L7uU5tuWCnEakGNTRk+cCQLh9Z/vj1uc
G0jBmp99nJCwKzbcSCYLaxJqJoUSLVsbJws9eCyi4ofY+UZNIdNrJIpYp3gs/NOW
1q8i5UMY91J8DgDUOqEK/4z7ydfvTeWyGsEilzYGYD81oCswT5stOHfXEw1aaCZO
SPqUiuCIGM9B6MuGHGQmphNID1FHldupKbMwDo0vnB2CUjRs0Nmtnbs/KLyEg+m2
zWt+eaehF5S58gvSt/G2J/5FBIytitqeDl8f82NpUzKFPGT1gtyMbYVkbJvnrHDL
yGh520227iTKCQG8ZA==
-----END CERTIFICATE-----
Generated at Thu May 23 04:29:46 2024 by rpki-client on console-fra.rpki-client.org