Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/8k9xt7JIB_7LSwfva3Uw7Hg0tBs.roa
File: 8k9xt7JIB_7LSwfva3Uw7Hg0tBs.roa (raw, json)
Hash identifier: 8yWqRF9DKgyVDl0NZ7ZacYJRLeimvYtppeOaZvrUpZw=
Subject key identifier: F2:4F:71:B7:B2:48:07:FE:CB:4B:07:EF:6B:75:30:EC:78:34:B4:1B
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018F81492FFC3DAB1571910C65DF8EF84D52
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/8k9xt7JIB_7LSwfva3Uw7Hg0tBs.roa
Signing time: Thu 16 May 2024 12:03:28 +0000
ROA not before: Thu 16 May 2024 12:03:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:49:2f:fc:3d:ab:15:71:91:0c:65:df:8e:f8:4d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: May 16 12:03:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f24f71b7b24807fecb4b07ef6b7530ec7834b41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e9:90:2b:e1:c1:34:20:ab:25:f1:e1:e4:66:
84:85:da:31:d7:d8:e0:ce:7b:03:cc:76:f5:86:9b:
1e:97:93:61:ea:46:76:01:1c:e6:b4:68:80:b5:5e:
80:49:9c:5a:fb:3f:63:e4:6e:bb:c1:e2:e0:fb:d5:
2f:79:da:73:ae:bd:7c:21:14:25:9a:d6:f7:4c:ad:
d9:d4:af:c6:ce:bf:41:1d:5f:42:6a:9b:16:a1:14:
59:52:7a:58:62:a0:55:bc:31:c0:43:f1:93:52:d2:
40:0f:9e:9e:21:29:73:bd:80:be:e5:56:9d:b3:a0:
53:c6:0b:f6:b9:73:3c:e9:cf:f2:6e:48:12:52:7c:
8f:b3:bc:00:6c:7c:7d:06:b0:58:b9:51:4a:9f:0f:
ce:82:91:db:47:ff:91:b2:d4:6f:7b:1c:6d:66:aa:
6c:b3:68:da:bf:39:3d:f1:22:ca:9d:f4:d7:cb:b7:
08:32:b8:15:e4:05:f4:95:da:35:fe:db:33:90:9c:
b8:2c:c8:5d:86:8b:36:0d:22:6a:00:19:1d:7a:11:
72:ee:5c:a3:47:10:94:1c:5a:b5:fe:d9:47:18:be:
31:2a:3c:36:fb:a4:d4:d3:b5:45:be:08:5f:0f:5a:
ae:c2:39:b5:96:65:79:61:e3:26:5b:75:ae:fe:78:
84:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4F:71:B7:B2:48:07:FE:CB:4B:07:EF:6B:75:30:EC:78:34:B4:1B
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/8k9xt7JIB_7LSwfva3Uw7Hg0tBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:46:ea:51:07:96:ac:ac:ff:13:9b:d8:61:75:cc:40:51:b0:
ce:62:50:53:d9:d7:46:71:a2:f5:20:36:58:93:2b:20:af:a6:
fd:c1:df:ff:9b:87:2d:df:0c:5a:f7:95:77:45:39:cb:af:ac:
79:bf:b8:07:0e:55:c7:f8:a1:d9:9f:3d:7f:d4:df:cc:d6:1d:
fb:05:a7:0d:b3:0d:93:c2:4b:51:8b:e7:95:c4:29:07:5a:33:
44:c8:40:3a:dd:dc:07:d7:b0:5d:79:73:d7:64:2b:08:10:b7:
10:3e:19:77:ea:9d:dd:76:fd:7d:12:9d:7d:62:1a:83:37:57:
01:95:53:17:12:a6:17:fb:34:84:5c:e5:1b:44:3e:7e:de:8f:
9c:d0:2a:e7:26:de:00:33:c1:b8:0e:22:68:e8:fd:9a:e7:cb:
cd:1f:94:29:a8:39:92:41:36:34:fa:44:28:5a:4d:28:b8:7c:
27:ce:6d:99:30:db:4a:60:85:24:b4:77:b7:c9:4f:fb:89:38:
a0:b3:69:07:60:08:34:65:40:ac:81:86:50:27:ed:5f:10:55:
be:23:5a:56:fc:1d:d7:c1:05:d3:bc:c9:bc:70:c5:44:e9:f3:
32:68:8d:ce:51:d7:f0:8f:9b:bd:ac:96:16:a9:bb:e0:d7:f7:
8b:bb:37:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY+BSS/8PasVcZEMZd+O+E1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQwNTE2MTIwMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRmNzFiN2IyNDgwN2ZlY2I0YjA3ZWY2Yjc1MzBlYzc4MzRiNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtemQK+HBNCCrJfHh5GaEhdox19jg
znsDzHb1hpsel5Nh6kZ2ARzmtGiAtV6ASZxa+z9j5G67weLg+9Uvedpzrr18IRQl
mtb3TK3Z1K/Gzr9BHV9CapsWoRRZUnpYYqBVvDHAQ/GTUtJAD56eISlzvYC+5Vad
s6BTxgv2uXM86c/ybkgSUnyPs7wAbHx9BrBYuVFKnw/OgpHbR/+RstRvexxtZqps
s2javzk98SLKnfTXy7cIMrgV5AX0ldo1/tszkJy4LMhdhos2DSJqABkdehFy7lyj
RxCUHFq1/tlHGL4xKjw2+6TU07VFvghfD1quwjm1lmV5YeMmW3Wu/niEsQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFPJPcbeySAf+y0sH72t1MOx4NLQbMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvOGs5eHQ3SklCXzdMU3dmdmEzVXc3SGcwdEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBUBAIAATBOAwQALuXzAwQA
LuX7AwQALuX9AwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3CrAwQBZ3kwAwQB
Z/SQAwQAZ/b4AwQAuWg/AwQAw0pdMBYEAgACMBAwDgMEASoSMgMGBSoSMgBAMA0G
CSqGSIb3DQEBCwUAA4IBAQCkRupRB5asrP8Tm9hhdcxAUbDOYlBT2ddGcaL1IDZY
kysgr6b9wd//m4ct3wxa95V3RTnLr6x5v7gHDlXH+KHZnz1/1N/M1h37BacNsw2T
wktRi+eVxCkHWjNEyEA63dwH17BdeXPXZCsIELcQPhl36p3ddv19Ep19YhqDN1cB
lVMXEqYX+zSEXOUbRD5+3o+c0CrnJt4AM8G4DiJo6P2a58vNH5QpqDmSQTY0+kQo
Wk0ouHwnzm2ZMNtKYIUktHe3yU/7iTigs2kHYAg0ZUCsgYZQJ+1fEFW+I1pW/B3X
wQXTvMm8cMVE6fMyaI3OUdfwj5u9rJYWqbvg1/eLuzfm
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:14:53 2024 by rpki-client on console-ams.rpki-client.org