Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/8tzCNc1DPgPup5NWGeG9d0bxMQo.roa
File: 8tzCNc1DPgPup5NWGeG9d0bxMQo.roa (raw, json)
Hash identifier: g5qpLwnqywDmZ7JiVEIp2RX1doRHZwOR9V6IfiqGrXE=
Subject key identifier: F2:DC:C2:35:CD:43:3E:03:EE:A7:93:56:19:E1:BD:77:46:F1:31:0A
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 018CC9BC7B9A6434F6CFAC2E79EEA2E920E9
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/8tzCNc1DPgPup5NWGeG9d0bxMQo.roa
Signing time: Tue 02 Jan 2024 10:33:42 +0000
ROA not before: Tue 02 Jan 2024 10:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
185.12.156.0/24 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:7b:9a:64:34:f6:cf:ac:2e:79:ee:a2:e9:20:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Jan 2 10:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2dcc235cd433e03eea7935619e1bd7746f1310a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5e:bb:89:ce:31:d3:0d:23:13:73:a6:33:a1:
0e:71:76:aa:2e:03:46:e9:e9:76:b7:9e:ce:4e:07:
62:df:72:b1:86:06:10:da:f3:b3:4c:4c:68:cc:b5:
c6:c3:ac:de:72:fb:2e:3e:59:c5:db:f7:9a:c5:2a:
56:18:6e:6d:ed:bf:a1:5f:25:da:37:a9:8c:be:7f:
42:a2:d8:66:83:9e:56:b7:86:bf:41:02:0b:43:96:
20:3c:39:49:3d:90:b0:28:fc:67:8c:b9:48:29:5d:
41:b2:3f:81:f5:93:2a:47:7f:e2:81:9a:e8:f6:dd:
70:1b:03:1d:a7:dc:0e:69:72:98:b1:08:fc:e3:87:
34:30:37:58:b4:8b:e1:35:35:5b:1c:e7:9b:16:d6:
27:cc:71:26:65:cd:1b:58:28:49:7e:85:e3:90:40:
cf:35:1a:06:e0:30:4f:92:c8:94:b9:3e:7a:d1:02:
0d:7e:9b:49:b2:ad:f3:5d:28:13:88:60:04:e2:90:
c6:a2:ea:19:82:9f:77:3a:c7:82:bd:f6:16:f6:dc:
b5:fa:7e:18:ff:63:dd:ac:eb:64:01:fc:80:17:a3:
ef:55:80:61:d1:c5:db:b3:3a:67:ff:8f:6c:cb:8d:
ec:16:bb:e1:eb:49:f6:12:4c:1e:ae:61:af:16:39:
55:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DC:C2:35:CD:43:3E:03:EE:A7:93:56:19:E1:BD:77:46:F1:31:0A
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/8tzCNc1DPgPup5NWGeG9d0bxMQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.156.0/24
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
6a:b5:4d:8d:57:8a:2e:1d:8e:c0:d8:be:3f:6e:75:c9:e8:4a:
53:b9:1f:12:be:9e:99:9b:c9:f1:98:de:2d:52:ca:ee:74:cd:
2d:5e:e6:85:13:19:71:38:41:84:f0:d7:0b:99:3d:04:4b:c2:
6f:ab:a8:07:2b:40:2c:ab:18:db:1a:34:38:2a:13:47:98:48:
7f:95:e9:7e:34:65:a1:df:7b:00:9d:9e:2a:ab:da:72:3a:fa:
fc:9f:c0:55:60:d5:ad:77:74:11:d3:ec:d7:39:6f:b1:ac:32:
47:cf:1f:80:c2:b2:cf:cc:0b:c4:d6:52:af:f4:a4:a6:91:56:
d6:eb:5b:30:c5:23:20:3d:8d:09:2c:25:52:e0:63:de:47:99:
12:fa:85:26:a4:9e:e2:90:b5:db:11:98:c7:ef:1b:46:31:06:
a8:5f:73:ad:af:c9:af:40:52:b0:6d:7f:38:0b:e3:ac:f8:0f:
66:a0:e0:b2:f0:cc:16:53:37:39:02:4d:2f:8a:ab:6f:f8:d3:
9b:54:c7:42:66:dc:42:af:b1:cf:06:67:8a:7d:10:64:7d:7e:
cf:be:95:f3:f5:62:cc:0b:d4:5d:bf:36:a0:ae:08:d5:15:e1:
97:56:ba:03:5a:23:37:5e:66:69:95:fb:f1:c6:de:1f:10:71:
4d:86:8b:c4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvHuaZDT2z6wuee6i6SDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjQwMTAyMTAzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRjYzIzNWNkNDMzZTAzZWVhNzkzNTYxOWUxYmQ3NzQ2ZjEzMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF67ic4x0w0jE3OmM6EOcXaqLgNG
6el2t57OTgdi33KxhgYQ2vOzTExozLXGw6zecvsuPlnF2/eaxSpWGG5t7b+hXyXa
N6mMvn9Cothmg55Wt4a/QQILQ5YgPDlJPZCwKPxnjLlIKV1Bsj+B9ZMqR3/igZro
9t1wGwMdp9wOaXKYsQj844c0MDdYtIvhNTVbHOebFtYnzHEmZc0bWChJfoXjkEDP
NRoG4DBPksiUuT560QINfptJsq3zXSgTiGAE4pDGouoZgp93OseCvfYW9ty1+n4Y
/2PdrOtkAfyAF6PvVYBh0cXbszpn/49sy43sFrvh60n2EkwermGvFjlV/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPLcwjXNQz4D7qeTVhnhvXdG8TEKMB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvOHR6Q05jMURQZ1B1cDVOV0dlRzlkMGJ4TVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDURj4AwQA
uQycAwQBuQyeMA0EAgACMAcDBQAqAyJAMA0GCSqGSIb3DQEBCwUAA4IBAQBqtU2N
V4ouHY7A2L4/bnXJ6EpTuR8Svp6Zm8nxmN4tUsrudM0tXuaFExlxOEGE8NcLmT0E
S8Jvq6gHK0AsqxjbGjQ4KhNHmEh/lel+NGWh33sAnZ4qq9pyOvr8n8BVYNWtd3QR
0+zXOW+xrDJHzx+AwrLPzAvE1lKv9KSmkVbW61swxSMgPY0JLCVS4GPeR5kS+oUm
pJ7ikLXbEZjH7xtGMQaoX3Otr8mvQFKwbX84C+Os+A9moOCy8MwWUzc5Ak0viqtv
+NObVMdCZtxCr7HPBmeKfRBkfX7PvpXz9WLMC9RdvzagrgjVFeGXVroDWiM3XmZp
lfvxxt4fEHFNhovE
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:48:30 2024 by rpki-client on console-fra.rpki-client.org