Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/8SJ_LBREWOMigQGrbOSpoED6efU.roa
File: 8SJ_LBREWOMigQGrbOSpoED6efU.roa (raw, json)
Hash identifier: 62y0nmOlXA0+Z/ArGW7+jXU+JPJ93QdKSCA9WPq34/4=
Subject key identifier: F1:22:7F:2C:14:44:58:E3:22:81:01:AB:6C:E4:A9:A0:40:FA:79:F5
Certificate issuer: /CN=0324db1dcf0c2429e121516ae2792fc3253fd3ba
Certificate serial: 019422FC101F2FF72DBF682DB979412FCF95
Authority key identifier: 03:24:DB:1D:CF:0C:24:29:E1:21:51:6A:E2:79:2F:C3:25:3F:D3:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyTbHc8MJCnhIVFq4nkvwyU_07o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/8SJ_LBREWOMigQGrbOSpoED6efU.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39783
IP address blocks: 46.226.8.0/21 maxlen: 21
62.122.248.0/21 maxlen: 21
91.189.168.0/21 maxlen: 21
91.189.168.0/24 maxlen: 24
91.192.220.0/22 maxlen: 22
185.7.60.0/22 maxlen: 22
185.35.184.0/22 maxlen: 22
193.93.220.0/22 maxlen: 22
2a02:2690::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/AyTbHc8MJCnhIVFq4nkvwyU_07o.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/AyTbHc8MJCnhIVFq4nkvwyU_07o.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyTbHc8MJCnhIVFq4nkvwyU_07o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:10:1f:2f:f7:2d:bf:68:2d:b9:79:41:2f:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0324db1dcf0c2429e121516ae2792fc3253fd3ba
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1227f2c144458e3228101ab6ce4a9a040fa79f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:53:08:2a:25:15:b6:cb:f6:6f:bb:6e:ab:
1b:12:36:50:17:6e:ff:cc:a1:48:0e:0a:39:6a:7c:
97:64:70:51:52:7d:06:96:09:07:18:f1:9a:50:0e:
80:72:5a:4a:41:04:b0:b5:62:3b:40:eb:f1:f2:0c:
aa:26:6a:f2:a4:aa:c0:1f:40:e2:43:23:cc:a6:12:
29:f2:f8:d8:e6:58:84:e1:a7:f6:cd:90:64:ad:86:
3a:fc:86:96:a6:fa:6c:17:4a:c1:67:f1:cd:9f:27:
24:fe:af:b1:07:51:30:88:2a:d8:77:30:d9:f4:cc:
b6:32:53:0d:94:d2:ed:8b:d9:46:26:39:5f:17:58:
2f:33:86:30:54:bf:ec:88:c2:2e:0c:a5:e8:a0:0f:
ae:b8:00:4f:a5:76:14:ae:52:80:d0:7f:af:8d:db:
f3:17:8e:a6:36:78:2b:68:dc:ec:bb:ed:01:e2:d1:
e4:74:02:48:2b:e2:53:c5:29:54:22:6c:04:1c:12:
84:59:93:53:9d:f8:bb:93:ed:5f:5f:d5:be:1d:99:
ab:f8:7d:f1:f3:fa:38:ec:1f:2f:e7:42:ed:07:f5:
c6:b4:c8:d9:ca:ea:32:70:d2:90:f1:d5:22:ac:ad:
18:1c:56:9c:59:6d:a5:2d:a7:47:e0:af:3f:9d:77:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:22:7F:2C:14:44:58:E3:22:81:01:AB:6C:E4:A9:A0:40:FA:79:F5
X509v3 Authority Key Identifier:
keyid:03:24:DB:1D:CF:0C:24:29:E1:21:51:6A:E2:79:2F:C3:25:3F:D3:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyTbHc8MJCnhIVFq4nkvwyU_07o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/8SJ_LBREWOMigQGrbOSpoED6efU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/AyTbHc8MJCnhIVFq4nkvwyU_07o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.8.0/21
62.122.248.0/21
91.189.168.0/21
91.192.220.0/22
185.7.60.0/22
185.35.184.0/22
193.93.220.0/22
IPv6:
2a02:2690::/32
Signature Algorithm: sha256WithRSAEncryption
80:ff:25:97:b4:d5:22:ba:b8:43:db:83:ba:92:99:40:d3:7e:
fd:ed:c0:4a:51:c6:eb:57:ac:c3:93:5c:f1:92:80:ff:3a:73:
cb:20:ec:6d:65:39:e7:7b:d1:f7:ed:44:64:e5:f2:61:0f:58:
12:4c:a5:19:b6:f7:28:37:7a:15:48:22:b5:0b:fc:54:76:44:
db:fb:17:41:40:bb:0f:69:75:e9:43:8b:f4:34:c5:ee:59:90:
b0:b5:33:3c:d0:d9:ae:20:01:19:ba:97:7d:2f:3f:39:a4:3a:
a9:5b:ac:c8:78:b9:dc:22:cf:5f:e3:00:e7:cf:d4:50:78:b5:
33:a6:2c:cb:d0:7e:f6:63:de:b1:a7:11:e5:18:bf:75:54:5f:
e1:38:d0:7f:15:34:f8:8d:60:f0:06:e8:7d:3b:18:0e:06:58:
79:fb:68:56:7f:34:b5:28:38:cd:eb:c0:a2:76:eb:3a:c9:31:
6f:3f:54:80:d4:8a:6e:89:f2:c2:f7:4e:6a:6c:67:77:ae:b3:
18:0d:66:92:3d:65:b9:b1:ee:5d:48:5e:fe:ce:a2:d7:45:6e:
02:dd:ab:a5:69:73:c0:4e:3c:7b:35:0c:1c:e6:90:bf:cb:7f:
bc:1e:35:1d:c6:b0:1e:7a:47:4f:9d:5c:5b:4b:e2:ef:6f:ee:
b5:a4:eb:5a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQi/BAfL/ctv2gtuXlBL8+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjRkYjFkY2YwYzI0MjllMTIxNTE2YWUyNzkyZmMzMjUz
ZmQzYmEwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTIyN2YyYzE0NDQ1OGUzMjI4MTAxYWI2Y2U0YTlhMDQwZmE3OWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsotTCColFbbL9m+7bqsbEjZQF27/
zKFIDgo5anyXZHBRUn0GlgkHGPGaUA6AclpKQQSwtWI7QOvx8gyqJmrypKrAH0Di
QyPMphIp8vjY5liE4af2zZBkrYY6/IaWpvpsF0rBZ/HNnyck/q+xB1EwiCrYdzDZ
9My2MlMNlNLti9lGJjlfF1gvM4YwVL/siMIuDKXooA+uuABPpXYUrlKA0H+vjdvz
F46mNngraNzsu+0B4tHkdAJIK+JTxSlUImwEHBKEWZNTnfi7k+1fX9W+HZmr+H3x
8/o47B8v50LtB/XGtMjZyuoycNKQ8dUirK0YHFacWW2lLadH4K8/nXcX2QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPEifywURFjjIoEBq2zkqaBA+nn1MB8GA1UdIwQY
MBaAFAMk2x3PDCQp4SFRauJ5L8MlP9O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlUYkhjOE1KQ25oSVZGcTRua3Z3eVVfMDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85MGY5NDItNjUxMS00MDU0LTk0YmUt
NGQyYzRkYTcyMWQ0LzEvOFNKX0xCUkVXT01pZ1FHcmJPU3BvRUQ2ZWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85MGY5NDItNjUxMS00MDU0LTk0YmUtNGQyYzRkYTcyMWQ0
LzEvQXlUYkhjOE1KQ25oSVZGcTRua3Z3eVVfMDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLuIIAwQD
Pnr4AwQDW72oAwQCW8DcAwQCuQc8AwQCuSO4AwQCwV3cMA0EAgACMAcDBQAqAiaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCA/yWXtNUiurhD24O6kplA03797cBKUcbrV6zD
k1zxkoD/OnPLIOxtZTnne9H37URk5fJhD1gSTKUZtvcoN3oVSCK1C/xUdkTb+xdB
QLsPaXXpQ4v0NMXuWZCwtTM80NmuIAEZupd9Lz85pDqpW6zIeLncIs9f4wDnz9RQ
eLUzpizL0H72Y96xpxHlGL91VF/hONB/FTT4jWDwBuh9OxgOBlh5+2hWfzS1KDjN
68Cidus6yTFvP1SA1IpuifLC905qbGd3rrMYDWaSPWW5se5dSF7+zqLXRW4C3aul
aXPATjx7NQwc5pC/y3+8HjUdxrAeekdPnVxbS+Lvb+61pOta
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:24 2025 by rpki-client