Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/8xmHMW9ieGUpVFXCwuzxCvP2IiI.roa
File: 8xmHMW9ieGUpVFXCwuzxCvP2IiI.roa (raw, json)
Hash identifier: 5ySKm3Q5k2MnpBATPL+i9HRe68CZcQ5zHwXFVEWZhwc=
Subject key identifier: F3:19:87:31:6F:62:78:65:29:54:55:C2:C2:EC:F1:0A:F3:F6:22:22
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 018CC5DC60E57AD52A3C2CE7AB07BE52AEC9
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/8xmHMW9ieGUpVFXCwuzxCvP2IiI.roa
Signing time: Mon 01 Jan 2024 16:30:03 +0000
ROA not before: Mon 01 Jan 2024 16:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200308
IP address blocks: 195.189.245.0/24 maxlen: 24
185.248.28.0/22 maxlen: 22
2a0d:dd80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:60:e5:7a:d5:2a:3c:2c:e7:ab:07:be:52:ae:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Jan 1 16:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31987316f627865295455c2c2ecf10af3f62222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3d:96:ed:93:26:a9:be:b4:05:5c:91:b9:de:
aa:11:4b:d1:b7:9f:67:ea:ac:43:9f:12:6b:88:15:
da:91:4e:d6:84:b1:69:ca:53:f2:5a:00:9b:a5:55:
ad:31:2f:1d:15:48:c0:c9:c8:05:eb:09:ab:e2:b6:
98:be:bd:e5:6d:93:28:56:aa:28:97:35:2b:5b:29:
e1:fd:d4:84:ad:27:53:ee:ac:cf:b2:ec:48:b2:cd:
80:34:35:3e:36:64:d5:f7:86:47:f8:7a:ce:78:02:
c5:20:d9:f3:4a:a5:3a:bc:bb:7a:2f:f5:23:3e:99:
cc:e0:69:16:11:e5:13:a6:98:f6:16:4e:01:1d:be:
8e:03:14:99:c5:f5:72:88:f1:a6:a0:8d:75:bd:1a:
18:ab:a8:32:19:bd:f1:01:c6:74:0e:e5:d8:eb:86:
03:05:df:3a:df:b7:86:26:e3:e0:1a:d2:8b:8f:af:
0a:ed:c4:35:03:8e:4b:26:38:db:bd:5c:fb:6c:36:
ab:6d:40:94:c4:4d:87:0f:3c:6d:b6:65:96:ca:ff:
ce:c1:f7:12:f0:42:eb:98:84:87:86:56:3b:93:4b:
a3:96:03:de:86:21:91:c9:b4:7e:01:dc:d7:88:a9:
60:71:44:c6:1c:79:5b:61:b3:c5:8c:0f:1a:0f:76:
3d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:19:87:31:6F:62:78:65:29:54:55:C2:C2:EC:F1:0A:F3:F6:22:22
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/8xmHMW9ieGUpVFXCwuzxCvP2IiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
42:10:2a:06:53:61:d9:3c:4e:5b:58:58:71:c0:ab:10:79:f5:
be:ee:f0:14:69:71:7f:10:03:78:60:95:e3:6c:a2:b2:c3:ad:
b9:24:e0:11:d6:d4:55:0f:64:f9:f3:68:a5:df:9d:ba:21:6f:
6b:19:21:27:69:19:a5:be:3a:50:c5:0a:22:1b:fb:ab:94:23:
79:4a:e7:82:f0:cf:81:7e:79:5f:7c:b1:d8:b9:5e:4d:fd:e7:
ed:87:b4:d8:3f:fb:77:69:0f:2e:d1:be:8d:11:35:5f:69:c9:
43:23:9c:b7:c9:37:88:a7:3a:c5:5c:5c:35:c7:c7:d1:5e:3a:
6c:e6:f4:17:c9:14:e1:8e:bc:74:f3:c1:ff:7f:0e:70:cc:7f:
fc:b4:05:cd:e0:37:10:92:2c:79:5f:53:35:f3:72:ab:f5:13:
f8:91:08:b4:02:99:fe:4d:61:80:3d:7e:b6:9d:de:1f:25:f8:
4d:c6:a8:ce:ee:35:28:9d:b6:fd:68:cb:ae:69:4a:dd:c7:48:
47:1b:34:62:6f:8d:97:99:68:fb:8e:f2:1c:9e:29:44:74:59:
54:cb:68:42:7b:9a:8a:16:aa:bd:ce:d2:40:2a:c2:bd:a2:8d:
31:2b:7d:d0:8f:f5:7e:b6:f0:e2:75:39:7a:41:31:43:8c:34:
71:8a:fd:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3GDletUqPCznqwe+Uq7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjQwMTAxMTYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzE5ODczMTZmNjI3ODY1Mjk1NDU1YzJjMmVjZjEwYWYzZjYyMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD2W7ZMmqb60BVyRud6qEUvRt59n
6qxDnxJriBXakU7WhLFpylPyWgCbpVWtMS8dFUjAycgF6wmr4raYvr3lbZMoVqoo
lzUrWynh/dSErSdT7qzPsuxIss2ANDU+NmTV94ZH+HrOeALFINnzSqU6vLt6L/Uj
PpnM4GkWEeUTppj2Fk4BHb6OAxSZxfVyiPGmoI11vRoYq6gyGb3xAcZ0DuXY64YD
Bd8637eGJuPgGtKLj68K7cQ1A45LJjjbvVz7bDarbUCUxE2HDzxttmWWyv/OwfcS
8ELrmISHhlY7k0ujlgPehiGRybR+AdzXiKlgcUTGHHlbYbPFjA8aD3Y9iwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPMZhzFvYnhlKVRVwsLs8Qrz9iIiMB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvOHhtSE1XOWllR1VwVkZYQ3d1enhDdlAySWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQBCECoGU2HZPE5b
WFhxwKsQefW+7vAUaXF/EAN4YJXjbKKyw625JOAR1tRVD2T582il3526IW9rGSEn
aRmlvjpQxQoiG/urlCN5SueC8M+BfnlffLHYuV5N/efth7TYP/t3aQ8u0b6NETVf
aclDI5y3yTeIpzrFXFw1x8fRXjps5vQXyRThjrx088H/fw5wzH/8tAXN4DcQkix5
X1M183Kr9RP4kQi0Apn+TWGAPX62nd4fJfhNxqjO7jUonbb9aMuuaUrdx0hHGzRi
b42XmWj7jvIcnilEdFlUy2hCe5qKFqq9ztJAKsK9oo0xK33Qj/V+tvDidTl6QTFD
jDRxiv2a
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:51:46 2024 by rpki-client on console-fra.rpki-client.org