Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/8tvwSoXshXxpQ0Tm1A2jQJc_Eeg.roa
File: 8tvwSoXshXxpQ0Tm1A2jQJc_Eeg.roa (raw, json)
Hash identifier: pw2wxdd/JQ81qWsJZfKwhogxUt8NNvCukQtn3rD0Ewg=
Subject key identifier: F2:DB:F0:4A:85:EC:85:7C:69:43:44:E6:D4:0D:A3:40:97:3F:11:E8
Certificate issuer: /CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
Certificate serial: 018CC4933AE78AFC39413154A549E2D6686C
Authority key identifier: A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/8tvwSoXshXxpQ0Tm1A2jQJc_Eeg.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201000
IP address blocks: 45.156.120.0/22 maxlen: 24
185.89.72.0/22 maxlen: 24
91.245.244.0/22 maxlen: 24
185.237.148.0/22 maxlen: 24
79.143.192.0/20 maxlen: 24
185.211.252.0/22 maxlen: 24
2a03:8260::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3a:e7:8a:fc:39:41:31:54:a5:49:e2:d6:68:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a764a26f76355140aa696e0a4f1f0c312b7277c0
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2dbf04a85ec857c694344e6d40da340973f11e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:0c:71:74:7e:64:ad:3f:81:80:7b:50:c8:
d5:76:cc:55:06:9d:6d:d5:f8:65:20:5e:db:80:98:
67:dc:af:72:8d:b0:4b:74:20:b2:70:71:20:c0:40:
8f:43:09:b8:4e:a2:5f:fa:b6:70:bb:2d:8e:c8:51:
ac:ac:53:6d:cc:cc:e3:24:e2:fe:01:61:1e:ad:a6:
ae:f0:56:a2:c0:13:52:a2:51:c8:e1:92:80:2a:c5:
91:0f:82:57:6a:ec:1f:2d:97:66:76:db:9e:71:24:
43:f3:7a:bb:b3:5a:c5:f3:3a:23:a3:6f:94:a6:aa:
ad:a5:57:7b:28:d4:c1:4f:9b:8d:b1:c2:bf:92:17:
4a:6d:b4:34:bb:c5:00:ee:ca:d0:96:c3:ba:46:8f:
62:40:19:35:2e:f0:c9:f2:9e:86:01:b7:42:43:eb:
c1:ca:07:35:95:36:16:75:12:31:c6:54:cc:ed:77:
df:be:75:f6:ac:75:16:f0:78:ab:b0:0e:b4:cc:d9:
01:71:a2:b9:ee:72:d5:ea:3c:cf:72:4f:a0:4d:a5:
62:51:d3:1c:31:04:5a:90:31:b2:12:d4:31:76:fc:
ac:2c:55:a6:24:b7:d9:cd:b8:96:03:7d:5f:a6:36:
68:f0:89:cb:a6:34:0d:89:53:d6:3e:13:f2:2e:5d:
bb:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DB:F0:4A:85:EC:85:7C:69:43:44:E6:D4:0D:A3:40:97:3F:11:E8
X509v3 Authority Key Identifier:
keyid:A7:64:A2:6F:76:35:51:40:AA:69:6E:0A:4F:1F:0C:31:2B:72:77:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2Sib3Y1UUCqaW4KTx8MMStyd8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/8tvwSoXshXxpQ0Tm1A2jQJc_Eeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1e8183-aad1-4fd7-b10f-ffa4950a1ccb/1/p2Sib3Y1UUCqaW4KTx8MMStyd8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.120.0/22
79.143.192.0/20
91.245.244.0/22
185.89.72.0/22
185.211.252.0/22
185.237.148.0/22
IPv6:
2a03:8260::/32
Signature Algorithm: sha256WithRSAEncryption
94:16:38:b9:88:3a:77:09:54:f4:13:a8:f5:aa:f2:3d:0f:81:
f3:0e:a3:14:2f:09:58:cf:d4:fe:cd:04:e3:04:3f:af:66:57:
c3:f6:ff:7a:2b:fe:85:6a:06:75:7e:bf:0c:03:51:1d:09:bf:
43:9c:03:4f:ba:f5:93:a3:77:71:a6:61:85:4c:08:a8:cc:01:
67:3c:3b:27:f5:8a:b4:0d:aa:0e:09:c0:03:da:4b:71:82:eb:
73:97:a8:9b:4c:f1:43:9f:e8:0b:39:2e:61:a1:0d:d1:01:f3:
ad:dc:73:0c:44:b0:ee:cd:f5:b2:65:a0:58:d6:3a:40:d1:a7:
6b:12:ad:45:f7:ff:bb:81:4e:05:55:b5:28:50:b5:07:e5:d5:
b1:72:1f:5c:5a:98:69:00:85:fc:f8:db:50:ed:6e:6b:55:4c:
f4:0a:c2:6c:93:56:ef:22:0d:bc:b7:56:38:f4:49:4e:d9:f3:
61:36:a5:a8:86:79:75:c2:8f:79:e8:fd:a1:04:d9:76:fa:a3:
50:72:cc:79:4d:e6:ca:f5:9a:90:52:70:aa:f4:29:4c:54:72:
a7:08:f7:a9:3c:c7:5f:fb:4c:d2:e8:56:ef:c4:ea:09:37:1e:
5c:8e:47:91:1a:49:3f:3b:67:9a:9a:8a:f8:00:a3:4f:80:a2:
16:29:eb:19
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzEkzrnivw5QTFUpUni1mhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjRhMjZmNzYzNTUxNDBhYTY5NmUwYTRmMWYwYzMxMmI3
Mjc3YzAwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRiZjA0YTg1ZWM4NTdjNjk0MzQ0ZTZkNDBkYTM0MDk3M2YxMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw8McXR+ZK0/gYB7UMjVdsxVBp1t
1fhlIF7bgJhn3K9yjbBLdCCycHEgwECPQwm4TqJf+rZwuy2OyFGsrFNtzMzjJOL+
AWEeraau8FaiwBNSolHI4ZKAKsWRD4JXauwfLZdmdtuecSRD83q7s1rF8zojo2+U
pqqtpVd7KNTBT5uNscK/khdKbbQ0u8UA7srQlsO6Ro9iQBk1LvDJ8p6GAbdCQ+vB
ygc1lTYWdRIxxlTM7XffvnX2rHUW8HirsA60zNkBcaK57nLV6jzPck+gTaViUdMc
MQRakDGyEtQxdvysLFWmJLfZzbiWA31fpjZo8InLpjQNiVPWPhPyLl27owIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPLb8EqF7IV8aUNE5tQNo0CXPxHoMB8GA1UdIwQY
MBaAFKdkom92NVFAqmluCk8fDDErcnfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYt
ZmZhNDk1MGExY2NiLzEvOHR2d1NvWHNoWHhwUTBUbTFBMmpRSmNfRWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xZTgxODMtYWFkMS00ZmQ3LWIxMGYtZmZhNDk1MGExY2Ni
LzEvcDJTaWIzWTFVVUNxYVc0S1R4OE1NU3R5ZDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZx4AwQE
T4/AAwQCW/X0AwQCuVlIAwQCudP8AwQCue2UMA0EAgACMAcDBQAqA4JgMA0GCSqG
SIb3DQEBCwUAA4IBAQCUFji5iDp3CVT0E6j1qvI9D4HzDqMULwlYz9T+zQTjBD+v
ZlfD9v96K/6FagZ1fr8MA1EdCb9DnANPuvWTo3dxpmGFTAiozAFnPDsn9Yq0DaoO
CcAD2ktxgutzl6ibTPFDn+gLOS5hoQ3RAfOt3HMMRLDuzfWyZaBY1jpA0adrEq1F
9/+7gU4FVbUoULUH5dWxch9cWphpAIX8+NtQ7W5rVUz0CsJsk1bvIg28t1Y49ElO
2fNhNqWohnl1wo956P2hBNl2+qNQcsx5TebK9ZqQUnCq9ClMVHKnCPepPMdf+0zS
6FbvxOoJNx5cjkeRGkk/O2eamor4AKNPgKIWKesZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:28 2024 by rpki-client on console-ams.rpki-client.org