Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/h8dGGke1xY1JEpUdTNczvEMmj5E.roa
File: h8dGGke1xY1JEpUdTNczvEMmj5E.roa (raw, json)
Hash identifier: vo2ZgFHC68JDcvSHU2tNN+8GWnkrUyhfTfUl/V5oJfA=
Subject key identifier: 87:C7:46:1A:47:B5:C5:8D:49:12:95:1D:4C:D7:33:BC:43:26:8F:91
Certificate issuer: /CN=61340818a8633908cf37ea145d66d92452fb73aa
Certificate serial: 018CC8DE512E5BBC599FEBF0E8C617597865
Authority key identifier: 61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/h8dGGke1xY1JEpUdTNczvEMmj5E.roa
Signing time: Tue 02 Jan 2024 06:31:02 +0000
ROA not before: Tue 02 Jan 2024 06:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39194
IP address blocks: 83.146.192.0/18 maxlen: 18
185.143.60.0/22 maxlen: 22
37.35.16.0/20 maxlen: 20
85.209.100.0/22 maxlen: 22
2a00:7a20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/YTQIGKhjOQjPN-oUXWbZJFL7c6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/YTQIGKhjOQjPN-oUXWbZJFL7c6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:51:2e:5b:bc:59:9f:eb:f0:e8:c6:17:59:78:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61340818a8633908cf37ea145d66d92452fb73aa
Validity
Not Before: Jan 2 06:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87c7461a47b5c58d4912951d4cd733bc43268f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f1:f1:f5:37:0c:36:6f:89:35:e6:a2:2c:32:
a7:2b:99:5e:84:4e:ed:94:3d:1b:cc:31:20:68:60:
26:06:42:6b:58:68:bb:d4:5e:5a:67:57:20:91:bd:
a6:2f:d5:1c:46:ec:57:ad:6d:ea:73:e4:8a:97:62:
19:b7:a1:b9:67:d2:33:d2:df:3b:ac:d9:65:cc:cd:
53:e0:1f:29:3f:1b:7c:72:0e:ed:69:2e:f6:be:c1:
01:e5:38:95:31:5b:0b:b6:9a:b4:62:96:f2:a5:3a:
c7:27:15:1c:29:86:ec:fa:a0:78:af:e9:1d:53:a4:
f2:c7:83:82:6a:38:66:90:a0:4f:e0:5f:6a:82:5d:
99:5c:bd:bd:6a:75:f6:b7:84:7b:01:fe:29:be:29:
62:60:b2:c7:b3:c4:9e:c5:c5:10:b7:e6:b7:d2:e6:
de:91:0d:45:51:23:bd:02:71:61:58:ea:89:07:d7:
93:64:6c:1a:9a:8f:a2:ef:8a:1f:4f:61:49:04:8d:
03:49:47:bd:e6:b4:b6:7e:60:ce:5f:86:36:88:02:
9d:51:ef:1e:6f:b1:0b:88:cb:89:21:c5:1c:13:1d:
db:e4:46:2c:1f:43:64:bb:eb:81:5a:ff:3f:76:c6:
34:84:d3:e2:e6:7c:36:c8:19:23:22:2e:80:4b:ea:
78:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C7:46:1A:47:B5:C5:8D:49:12:95:1D:4C:D7:33:BC:43:26:8F:91
X509v3 Authority Key Identifier:
keyid:61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/h8dGGke1xY1JEpUdTNczvEMmj5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/YTQIGKhjOQjPN-oUXWbZJFL7c6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.16.0/20
83.146.192.0/18
85.209.100.0/22
185.143.60.0/22
IPv6:
2a00:7a20::/32
Signature Algorithm: sha256WithRSAEncryption
4b:bd:b7:87:18:44:86:89:be:c7:01:81:a2:5e:a9:07:54:47:
53:44:e2:0e:32:45:d4:74:a0:08:a5:b6:aa:9b:cf:ee:6b:63:
ac:75:58:50:5f:f2:6d:b8:ef:8a:19:ab:69:c6:b8:05:be:ed:
26:66:fb:83:85:93:82:b6:4e:6c:90:da:54:3b:46:8b:19:3e:
6e:09:1b:7e:42:49:eb:e5:c9:4b:b6:b8:ea:33:fe:66:f4:10:
c3:48:af:9b:3d:bd:a2:ad:f2:b3:a0:63:e5:c5:a0:5f:43:2c:
a0:15:47:14:d1:ea:91:d2:02:19:19:e1:ef:54:2a:9c:bc:78:
e2:74:7a:bb:40:14:71:73:0d:00:7d:9c:e0:7b:06:b9:27:cb:
b1:15:aa:d3:4e:fa:7e:35:47:0a:66:27:16:de:57:dd:fc:22:
3a:20:f8:9f:22:4d:54:d5:58:01:d8:e6:50:02:3d:90:96:ea:
9d:a5:97:c0:ff:d6:50:56:f7:1e:30:60:40:10:e1:55:92:b3:
b6:e9:7d:05:33:a3:3e:71:e4:b6:31:84:aa:0c:13:b4:d8:be:
3f:66:ae:f5:34:15:3d:a8:d9:dc:1e:78:9d:0e:53:5c:d5:af:
61:bf:25:54:c6:85:5e:ea:66:f1:0c:38:ea:19:f8:a4:dd:0e:
b9:d6:f5:c6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3lEuW7xZn+vw6MYXWXhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzQwODE4YTg2MzM5MDhjZjM3ZWExNDVkNjZkOTI0NTJm
YjczYWEwHhcNMjQwMTAyMDYzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M3NDYxYTQ3YjVjNThkNDkxMjk1MWQ0Y2Q3MzNiYzQzMjY4ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvHx9TcMNm+JNeaiLDKnK5lehE7t
lD0bzDEgaGAmBkJrWGi71F5aZ1cgkb2mL9UcRuxXrW3qc+SKl2IZt6G5Z9Iz0t87
rNllzM1T4B8pPxt8cg7taS72vsEB5TiVMVsLtpq0YpbypTrHJxUcKYbs+qB4r+kd
U6Tyx4OCajhmkKBP4F9qgl2ZXL29anX2t4R7Af4pviliYLLHs8SexcUQt+a30ube
kQ1FUSO9AnFhWOqJB9eTZGwamo+i74ofT2FJBI0DSUe95rS2fmDOX4Y2iAKdUe8e
b7ELiMuJIcUcEx3b5EYsH0Nku+uBWv8/dsY0hNPi5nw2yBkjIi6AS+p4YQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIfHRhpHtcWNSRKVHUzXM7xDJo+RMB8GA1UdIwQY
MBaAFGE0CBioYzkIzzfqFF1m2SRS+3OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQt
NmI2MTViN2RiZmUwLzEvaDhkR0drZTF4WTFKRXBVZFROY3p2RU1tajVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQtNmI2MTViN2RiZmUw
LzEvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJSMQAwQG
U5LAAwQCVdFkAwQCuY88MA0EAgACMAcDBQAqAHogMA0GCSqGSIb3DQEBCwUAA4IB
AQBLvbeHGESGib7HAYGiXqkHVEdTROIOMkXUdKAIpbaqm8/ua2OsdVhQX/JtuO+K
GatpxrgFvu0mZvuDhZOCtk5skNpUO0aLGT5uCRt+Qknr5clLtrjqM/5m9BDDSK+b
Pb2irfKzoGPlxaBfQyygFUcU0eqR0gIZGeHvVCqcvHjidHq7QBRxcw0AfZzgewa5
J8uxFarTTvp+NUcKZicW3lfd/CI6IPifIk1U1VgB2OZQAj2QluqdpZfA/9ZQVvce
MGBAEOFVkrO26X0FM6M+ceS2MYSqDBO02L4/Zq71NBU9qNncHnidDlNc1a9hvyVU
xoVe6mbxDDjqGfik3Q651vXG
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:38 2024 by rpki-client on console-fra.rpki-client.org