Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/CL-l79gv5sKmDrI5H3D3m8rMcuw.roa
File: CL-l79gv5sKmDrI5H3D3m8rMcuw.roa (raw, json)
Hash identifier: Q4bUYWxmO/qyWC5yv6KacuNXAzGiuuTVyLT+IEQnWqw=
Subject key identifier: 08:BF:A5:EF:D8:2F:E6:C2:A6:0E:B2:39:1F:70:F7:9B:CA:CC:72:EC
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 018D3C0B0560035F0D4CFDB50A765E3ACC88
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/CL-l79gv5sKmDrI5H3D3m8rMcuw.roa
Signing time: Wed 24 Jan 2024 15:16:11 +0000
ROA not before: Wed 24 Jan 2024 15:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205115
IP address blocks: 87.120.56.0/23 maxlen: 24
87.120.70.0/23 maxlen: 24
87.120.82.0/23 maxlen: 24
87.120.94.0/23 maxlen: 24
87.120.188.0/23 maxlen: 24
87.120.238.0/23 maxlen: 24
87.121.80.0/23 maxlen: 24
94.156.38.0/23 maxlen: 24
178.249.236.0/22 maxlen: 24
185.134.108.0/22 maxlen: 24
2a06:eb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:0b:05:60:03:5f:0d:4c:fd:b5:0a:76:5e:3a:cc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Jan 24 15:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08bfa5efd82fe6c2a60eb2391f70f79bcacc72ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e3:18:48:91:29:8e:02:cc:95:61:d2:bc:de:
3c:a8:df:d0:ab:af:c1:3d:82:6e:71:bc:e6:ef:03:
d1:e8:c9:ee:43:ea:21:b3:1a:7d:a3:14:c4:c1:a5:
fd:29:87:e6:a6:8d:3c:3a:03:bb:05:1e:6b:48:a6:
97:22:c8:2b:5f:f0:6c:3e:22:f7:1f:cc:14:b5:4f:
b5:b4:12:fc:7e:21:22:5a:a4:96:4a:94:b6:3e:ff:
55:b4:16:11:1f:37:4d:0b:ac:13:c6:c0:9a:64:24:
0b:97:2b:04:e7:bd:59:3e:90:0c:a0:bc:2d:d5:65:
79:2f:52:b0:7e:6a:f7:20:0b:c0:02:35:71:71:08:
56:9d:04:ea:19:a4:e2:8a:c6:36:bc:24:a1:65:5c:
bb:34:96:7b:3a:1b:18:1f:c8:10:f5:33:64:5e:36:
9b:8c:87:3c:23:51:71:77:bb:3b:5e:30:ce:df:67:
e7:01:72:7c:d6:09:dc:00:bd:aa:c9:40:6c:44:2d:
ac:b5:59:14:19:ab:b4:04:4f:d3:9f:00:3f:c6:13:
a7:08:b4:00:49:be:e1:be:3a:55:22:b0:81:47:13:
ce:c0:9e:af:fe:93:63:7d:92:c7:98:f3:d0:d0:e0:
dc:fe:fd:2a:2f:0a:35:46:64:bb:ec:26:70:86:ba:
38:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BF:A5:EF:D8:2F:E6:C2:A6:0E:B2:39:1F:70:F7:9B:CA:CC:72:EC
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/CL-l79gv5sKmDrI5H3D3m8rMcuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.56.0/23
87.120.70.0/23
87.120.82.0/23
87.120.94.0/23
87.120.188.0/23
87.120.238.0/23
87.121.80.0/23
94.156.38.0/23
178.249.236.0/22
185.134.108.0/22
IPv6:
2a06:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
52:bc:71:94:fb:b3:20:3b:44:fa:03:d8:7e:70:19:83:bc:14:
73:84:1e:d5:ee:1a:b2:2a:3f:88:95:4a:0e:ea:7e:ef:d7:05:
07:97:a9:6f:01:66:53:09:b6:cf:b2:77:22:b2:ff:fa:0f:e6:
99:14:15:c2:c2:ca:d6:b2:ac:5a:da:05:39:e9:16:d0:88:03:
4f:f0:85:39:a2:b8:44:95:bd:7e:9d:48:34:ca:08:7a:02:b8:
ad:30:4f:8b:6e:d2:5e:38:00:a2:ae:cd:70:5a:ba:63:d8:2b:
92:0a:95:ee:cd:28:ab:9f:fe:2e:8e:17:9f:c0:d0:c6:d5:d5:
15:91:7d:b8:c7:1d:cf:57:ff:3f:17:0b:92:b5:2d:3d:92:b7:
fc:87:1f:c0:6f:bf:33:d2:8d:e7:61:d4:d4:6c:6a:a0:0d:5f:
1c:46:0e:07:b7:a0:75:ac:1d:c4:04:5d:17:74:a0:32:2a:be:
9b:61:21:14:d4:35:d5:48:16:94:9b:7e:fc:a4:38:e1:be:f8:
f7:75:e6:c0:a6:f1:b3:27:32:dc:7a:fe:60:f2:14:d6:2a:88:
1f:b0:9d:e7:57:8b:69:a2:1a:e1:a9:08:6e:81:7d:cf:1d:31:
d4:d8:0f:0c:a9:74:98:85:3f:f6:ff:ac:53:a8:6a:3f:6a:00:
b9:17:40:2b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY08CwVgA18NTP21CnZeOsyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjQwMTI0MTUxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJmYTVlZmQ4MmZlNmMyYTYwZWIyMzkxZjcwZjc5YmNhY2M3MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeMYSJEpjgLMlWHSvN48qN/Qq6/B
PYJucbzm7wPR6MnuQ+ohsxp9oxTEwaX9KYfmpo08OgO7BR5rSKaXIsgrX/BsPiL3
H8wUtU+1tBL8fiEiWqSWSpS2Pv9VtBYRHzdNC6wTxsCaZCQLlysE571ZPpAMoLwt
1WV5L1Kwfmr3IAvAAjVxcQhWnQTqGaTiisY2vCShZVy7NJZ7OhsYH8gQ9TNkXjab
jIc8I1Fxd7s7XjDO32fnAXJ81gncAL2qyUBsRC2stVkUGau0BE/TnwA/xhOnCLQA
Sb7hvjpVIrCBRxPOwJ6v/pNjfZLHmPPQ0ODc/v0qLwo1RmS77CZwhro4LwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAi/pe/YL+bCpg6yOR9w95vKzHLsMB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvQ0wtbDc5Z3Y1c0ttRHJJNUgzRDNtOHJNY3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQBV3g4AwQB
V3hGAwQBV3hSAwQBV3heAwQBV3i8AwQBV3juAwQBV3lQAwQBXpwmAwQCsvnsAwQC
uYZsMA0EAgACMAcDBQMqButAMA0GCSqGSIb3DQEBCwUAA4IBAQBSvHGU+7MgO0T6
A9h+cBmDvBRzhB7V7hqyKj+IlUoO6n7v1wUHl6lvAWZTCbbPsncisv/6D+aZFBXC
wsrWsqxa2gU56RbQiANP8IU5orhElb1+nUg0ygh6AritME+LbtJeOACirs1wWrpj
2CuSCpXuzSirn/4ujhefwNDG1dUVkX24xx3PV/8/FwuStS09krf8hx/Ab78z0o3n
YdTUbGqgDV8cRg4Ht6B1rB3EBF0XdKAyKr6bYSEU1DXVSBaUm378pDjhvvj3debA
pvGzJzLcev5g8hTWKogfsJ3nV4tpohrhqQhugX3PHTHU2A8MqXSYhT/2/6xTqGo/
agC5F0Ar
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:21 2024 by rpki-client on console-fra.rpki-client.org