Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/8czRXX13tJ9gikeLqm3QL5T08Yw.roa
File: 8czRXX13tJ9gikeLqm3QL5T08Yw.roa (raw, json)
Hash identifier: qJpvK08XFCPkHqKUhPmJlnnbisVmcNEb0lYdJnyI8Ts=
Subject key identifier: F1:CC:D1:5D:7D:77:B4:9F:60:8A:47:8B:AA:6D:D0:2F:94:F4:F1:8C
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 01903142B8BEFCE7E7503FC778D91845787B
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/8czRXX13tJ9gikeLqm3QL5T08Yw.roa
Signing time: Wed 19 Jun 2024 16:09:34 +0000
ROA not before: Wed 19 Jun 2024 16:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 185.5.147.0/24 maxlen: 24
195.64.120.0/24 maxlen: 24
195.64.121.0/24 maxlen: 24
195.64.122.0/24 maxlen: 24
195.64.123.0/24 maxlen: 24
195.64.124.0/24 maxlen: 24
195.64.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:31:42:b8:be:fc:e7:e7:50:3f:c7:78:d9:18:45:78:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jun 19 16:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ccd15d7d77b49f608a478baa6dd02f94f4f18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:43:7c:36:5d:c3:8a:ef:e5:05:03:dd:9b:7b:
b7:b8:9c:78:d0:fc:6f:16:b9:3b:5c:09:36:2d:f3:
54:11:fe:a2:fa:bf:a0:2a:57:89:61:f6:f0:d4:22:
3e:e1:ca:90:51:0e:53:1e:cf:09:06:d0:ca:ef:f7:
3e:c9:3e:4a:13:0d:19:65:ad:ab:9c:d2:cd:aa:f7:
b0:82:27:a6:3d:05:48:ea:97:2c:11:2f:16:f3:e1:
33:a4:0f:3b:17:b9:e7:36:cd:8a:2f:3f:6c:e2:e0:
9a:4c:21:d5:29:79:81:13:4c:1e:92:2a:bf:a5:2b:
85:26:49:ad:f5:68:53:49:6c:20:7f:f5:2a:db:f8:
e6:9e:54:4d:2f:ba:fc:9c:43:b3:08:a9:0c:96:ae:
97:4e:64:50:58:2d:14:67:83:b8:4e:32:94:fc:61:
a8:a4:82:86:53:f6:13:4b:ef:a4:a0:6d:aa:4c:95:
a5:b6:52:e0:4e:99:9a:e2:43:b0:21:af:65:9c:2a:
69:46:55:a6:2f:76:30:aa:94:20:91:37:44:7d:3d:
ab:72:b3:3a:ed:b7:2e:89:30:1e:e7:1a:33:41:ca:
66:97:90:0b:07:dd:d3:21:03:04:6a:2a:2d:27:85:
27:91:79:c2:81:89:72:46:e6:1f:48:94:15:b0:12:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CC:D1:5D:7D:77:B4:9F:60:8A:47:8B:AA:6D:D0:2F:94:F4:F1:8C
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/8czRXX13tJ9gikeLqm3QL5T08Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.147.0/24
195.64.120.0-195.64.125.255
Signature Algorithm: sha256WithRSAEncryption
79:a8:22:0e:f0:36:d8:bf:95:9a:ae:bf:67:a9:ea:66:92:32:
16:9c:dd:93:38:bb:89:45:49:1e:9a:6f:f0:7d:41:b3:11:37:
04:df:e3:20:10:6b:38:5b:7e:21:dc:e6:2f:11:5e:91:cf:55:
a7:4b:46:4d:82:36:c5:ae:65:d3:7e:c4:04:22:b9:a2:9f:1b:
9b:f4:4a:59:75:6b:1c:e3:20:96:4f:46:d5:d8:5d:52:5e:09:
83:84:76:20:77:f9:f9:51:12:ce:51:1e:84:48:7c:53:96:e4:
c2:0b:fa:f9:53:2f:34:28:18:56:de:62:63:11:aa:03:4f:18:
aa:23:86:5f:2d:2f:42:3c:41:27:5e:46:20:5b:b0:45:7d:53:
39:b4:9e:52:cf:43:d5:e9:af:fa:82:28:96:7f:ee:64:2d:03:
99:c6:9a:27:46:7c:f0:de:63:89:a7:3d:29:4c:f2:5e:4e:92:
3b:f5:14:0d:51:ad:cc:07:d9:d7:c1:ea:2a:06:8a:03:d3:07:
81:b5:82:7b:e5:7e:c1:54:92:82:59:9a:72:ff:ce:78:64:70:
64:fb:d5:43:1c:1b:6c:24:c8:29:00:d5:5c:2f:8d:52:57:02:
88:8e:5f:40:0b:ba:5d:1f:75:c8:62:78:cd:12:61:57:5e:b0:
a5:44:95:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZAxQri+/OfnUD/HeNkYRXh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjQwNjE5MTYwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNjZDE1ZDdkNzdiNDlmNjA4YTQ3OGJhYTZkZDAyZjk0ZjRmMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEN8Nl3Diu/lBQPdm3u3uJx40Pxv
Frk7XAk2LfNUEf6i+r+gKleJYfbw1CI+4cqQUQ5THs8JBtDK7/c+yT5KEw0ZZa2r
nNLNqvewgiemPQVI6pcsES8W8+EzpA87F7nnNs2KLz9s4uCaTCHVKXmBE0wekiq/
pSuFJkmt9WhTSWwgf/Uq2/jmnlRNL7r8nEOzCKkMlq6XTmRQWC0UZ4O4TjKU/GGo
pIKGU/YTS++koG2qTJWltlLgTpma4kOwIa9lnCppRlWmL3YwqpQgkTdEfT2rcrM6
7bcuiTAe5xozQcpml5ALB93TIQMEaiotJ4UnkXnCgYlyRuYfSJQVsBI2sQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPHM0V19d7SfYIpHi6pt0C+U9PGMMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvOGN6UlhYMTN0SjlnaWtlTHFtM1FMNVQwOFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuQWTMAwD
BAPDQHgDBAHDQHwwDQYJKoZIhvcNAQELBQADggEBAHmoIg7wNti/lZquv2ep6maS
Mhac3ZM4u4lFSR6ab/B9QbMRNwTf4yAQazhbfiHc5i8RXpHPVadLRk2CNsWuZdN+
xAQiuaKfG5v0Sll1axzjIJZPRtXYXVJeCYOEdiB3+flREs5RHoRIfFOW5MIL+vlT
LzQoGFbeYmMRqgNPGKojhl8tL0I8QSdeRiBbsEV9Uzm0nlLPQ9Xpr/qCKJZ/7mQt
A5nGmidGfPDeY4mnPSlM8l5Okjv1FA1RrcwH2dfB6ioGigPTB4G1gnvlfsFUkoJZ
mnL/znhkcGT71UMcG2wkyCkA1VwvjVJXAoiOX0ALul0fdchieM0SYVdesKVElY0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:01:14 2024 by rpki-client on console-fra.rpki-client.org