Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/8pVDjNrT0Lo_DTMhW-4PrCKM130.roa
File: 8pVDjNrT0Lo_DTMhW-4PrCKM130.roa (raw, json)
Hash identifier: JW5TFLxnJ5N0TC38ptDSHk0w2LdZNuX3CDW39bq3oeg=
Subject key identifier: F2:95:43:8C:DA:D3:D0:BA:3F:0D:33:21:5B:EE:0F:AC:22:8C:D7:7D
Certificate issuer: /CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Certificate serial: 018CC3B68B3EF944FC7EF6FA023BAEEC8E1B
Authority key identifier: EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/8pVDjNrT0Lo_DTMhW-4PrCKM130.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2613
IP address blocks: 193.135.150.0/24 maxlen: 24
91.218.38.0/24 maxlen: 24
2a07:e640:666::/48 maxlen: 48
2001:678:298::/48 maxlen: 48
2a07:e640::/29 maxlen: 29
2001:678:294::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.mft
rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8b:3e:f9:44:fc:7e:f6:fa:02:3b:ae:ec:8e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f295438cdad3d0ba3f0d33215bee0fac228cd77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:92:a6:75:d7:6c:b0:78:87:c3:9d:e9:27:84:
04:00:a2:37:90:89:f3:f8:c4:67:75:5f:c2:de:7f:
e8:b9:44:5e:e9:29:51:39:2e:97:df:e6:8f:1b:ee:
a2:fd:7b:32:53:b5:d0:99:9a:c6:62:a8:c4:88:61:
7e:3d:68:31:74:e5:04:5a:15:56:b4:34:72:01:c3:
4c:65:f8:63:5d:f0:22:5c:53:17:38:7f:e1:93:4d:
2b:b8:16:8d:09:2f:af:42:63:fe:48:1b:4a:06:d6:
a1:79:dd:96:1e:10:96:02:2b:28:b3:6e:b3:1d:45:
f4:12:c7:a2:f9:3d:3d:23:8c:37:0f:23:d0:cb:20:
90:94:24:41:f0:ed:06:92:e5:af:7c:35:40:4e:c7:
30:38:40:82:9a:d1:32:1f:3d:1c:d3:7b:e7:95:26:
3a:0a:65:5b:a0:7f:57:8c:08:1d:ee:6e:39:0a:3d:
6c:59:5d:d3:98:36:09:13:c8:74:d5:c4:3f:ef:97:
37:5e:ec:fd:7c:1c:35:55:ce:4c:ea:35:94:31:a8:
2e:81:69:ac:69:a4:dd:e7:39:31:d5:f5:b7:fe:36:
22:2f:e5:58:4a:45:1b:46:d6:87:a6:44:54:29:6a:
2b:5b:30:e8:8a:00:51:70:23:e8:6e:e6:0e:44:46:
25:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:95:43:8C:DA:D3:D0:BA:3F:0D:33:21:5B:EE:0F:AC:22:8C:D7:7D
X509v3 Authority Key Identifier:
keyid:EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/8pVDjNrT0Lo_DTMhW-4PrCKM130.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.38.0/24
193.135.150.0/24
IPv6:
2001:678:294::/48
2001:678:298::/48
2a07:e640::/29
Signature Algorithm: sha256WithRSAEncryption
16:90:c8:5d:51:7f:a8:f2:76:ee:9e:b3:be:a4:d7:74:06:7f:
2b:b1:a2:0d:9e:03:43:ae:2b:be:b7:83:aa:02:9e:b8:52:6c:
9d:60:ea:38:c9:a4:2e:67:f7:83:84:4a:85:54:83:16:ff:f9:
5b:0c:da:1d:32:86:4a:d7:7a:33:12:c6:9c:8d:55:43:8f:ab:
61:1d:5b:a4:3c:3f:78:08:e3:7c:72:9f:73:4f:b2:21:ea:fe:
de:7c:7c:72:59:2e:23:58:ab:c1:c3:e4:61:ad:00:ee:57:f0:
41:2a:87:b8:74:1c:99:d9:53:7a:a6:cb:16:07:52:ec:54:b3:
e6:aa:c9:cb:76:bd:34:f4:72:a7:4f:f2:df:5c:39:3b:aa:57:
e8:e2:56:4d:da:19:88:c4:1c:c7:4b:82:81:4b:49:d3:61:44:
95:b9:c4:3d:de:d3:89:03:aa:77:7d:12:97:15:56:4a:ab:43:
25:05:07:f4:69:b0:81:1c:f7:55:95:a1:2b:41:c1:ca:b6:db:
16:88:04:80:a1:26:8a:cd:82:e2:cf:49:73:ca:70:eb:7e:5b:
5b:84:68:de:c5:2d:db:84:ff:55:48:80:a6:c0:60:4a:61:a2:
02:ac:9b:ed:11:cb:6f:ad:02:cf:fa:eb:e6:72:39:f6:62:98:
66:28:e5:05
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtos++UT8fvb6Ajuu7I4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDYwY2VjNTNiM2EwY2ZjOGNiNDU0M2EyZDBhOGE1OWU2
MDk2ZWUwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk1NDM4Y2RhZDNkMGJhM2YwZDMzMjE1YmVlMGZhYzIyOGNkNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpKmdddssHiHw53pJ4QEAKI3kInz
+MRndV/C3n/ouURe6SlROS6X3+aPG+6i/XsyU7XQmZrGYqjEiGF+PWgxdOUEWhVW
tDRyAcNMZfhjXfAiXFMXOH/hk00ruBaNCS+vQmP+SBtKBtahed2WHhCWAisos26z
HUX0Esei+T09I4w3DyPQyyCQlCRB8O0GkuWvfDVATscwOECCmtEyHz0c03vnlSY6
CmVboH9XjAgd7m45Cj1sWV3TmDYJE8h01cQ/75c3Xuz9fBw1Vc5M6jWUMagugWms
aaTd5zkx1fW3/jYiL+VYSkUbRtaHpkRUKWorWzDoigBRcCPobuYOREYl7QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPKVQ4za09C6Pw0zIVvuD6wijNd9MB8GA1UdIwQY
MBaAFO/WDOxTs6DPyMtFQ6LQqKWeYJbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5Nzgt
OWUxMjhjZjNjM2FkLzEvOHBWRGpOclQwTG9fRFRNaFctNFByQ0tNMTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80M2U5NTktMzk3ZS00ZTk1LTk5NzgtOWUxMjhjZjNjM2Fk
LzEvNzlZTTdGT3pvTV9JeTBWRG90Q29wWjVnbHU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQAW9omAwQA
wYeWMB8EAgACMBkDBwAgAQZ4ApQDBwAgAQZ4ApgDBQMqB+ZAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWkMhdUX+o8nbunrO+pNd0Bn8rsaINngNDriu+t4OqAp64UmydYOo4
yaQuZ/eDhEqFVIMW//lbDNodMoZK13ozEsacjVVDj6thHVukPD94CON8cp9zT7Ih
6v7efHxyWS4jWKvBw+RhrQDuV/BBKoe4dByZ2VN6pssWB1LsVLPmqsnLdr009HKn
T/LfXDk7qlfo4lZN2hmIxBzHS4KBS0nTYUSVucQ93tOJA6p3fRKXFVZKq0MlBQf0
abCBHPdVlaErQcHKttsWiASAoSaKzYLiz0lzynDrfltbhGjexS3bhP9VSICmwGBK
YaICrJvtEctvrQLP+uvmcjn2YphmKOUF
-----END CERTIFICATE-----
Generated at Wed May 8 18:44:25 2024 by rpki-client on console-fra.rpki-client.org