Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/8sr3TG3WJD66Az-TTCC8YPcREfg.roa
File: 8sr3TG3WJD66Az-TTCC8YPcREfg.roa (raw, json)
Hash identifier: zkOK2DO8YvOgALNKktFI8Gxa1O1eC/lz4GRpjKgUW28=
Subject key identifier: F2:CA:F7:4C:6D:D6:24:3E:BA:03:3F:93:4C:20:BC:60:F7:11:11:F8
Certificate issuer: /CN=fe5ca4e2a0a180eb2f29cc88740aa707b8821d7c
Certificate serial: 018CC8708A7589B926E938BE53A4A2D6FF75
Authority key identifier: FE:5C:A4:E2:A0:A1:80:EB:2F:29:CC:88:74:0A:A7:07:B8:82:1D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lyk4qChgOsvKcyIdAqnB7iCHXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/8sr3TG3WJD66Az-TTCC8YPcREfg.roa
Signing time: Tue 02 Jan 2024 04:31:07 +0000
ROA not before: Tue 02 Jan 2024 04:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57407
IP address blocks: 195.88.108.0/23 maxlen: 23
185.217.80.0/22 maxlen: 22
2001:67c:24f8::/48 maxlen: 48
2a0b:c6c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/_lyk4qChgOsvKcyIdAqnB7iCHXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/_lyk4qChgOsvKcyIdAqnB7iCHXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lyk4qChgOsvKcyIdAqnB7iCHXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:8a:75:89:b9:26:e9:38:be:53:a4:a2:d6:ff:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5ca4e2a0a180eb2f29cc88740aa707b8821d7c
Validity
Not Before: Jan 2 04:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2caf74c6dd6243eba033f934c20bc60f71111f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:9d:13:81:92:7c:f0:56:a4:5a:da:d1:36:
51:a9:11:1d:92:aa:e1:e9:2e:99:56:5e:38:eb:ed:
60:b5:0f:69:e2:c7:dd:a8:15:e5:3b:28:dd:0d:96:
72:4d:28:15:51:f0:4c:4c:ae:92:98:99:dc:fc:21:
1a:d9:b9:87:dd:e8:0b:b5:0d:a3:18:59:9b:7f:46:
f4:3a:0c:8e:cb:11:cc:c0:38:7f:13:17:aa:d8:4f:
0e:19:d6:72:e4:92:f5:93:ca:80:60:b2:67:95:d5:
c5:e9:bd:d5:35:17:e3:e5:bb:8d:bc:53:fb:1c:1f:
8f:8e:40:b2:51:64:5d:5e:e6:27:a0:d3:b9:f3:d6:
68:b4:38:36:07:a4:fe:ee:9b:38:20:37:96:2a:58:
ed:56:f1:93:a9:ec:36:b0:ff:90:b8:5b:a3:db:86:
c1:02:7a:41:13:0c:f7:3d:75:93:20:fe:9c:b7:11:
b0:03:56:6f:f1:21:91:01:52:4f:87:f0:b8:4f:fe:
13:73:93:3a:e0:81:cc:a6:1d:24:cf:b2:45:43:24:
7c:40:43:92:25:41:cf:e3:40:43:35:b8:0d:83:9e:
9b:a9:1f:89:47:f9:3f:a1:2d:42:36:2b:44:64:d8:
16:5e:c4:15:71:f7:e5:d4:fe:40:43:a9:07:f5:a1:
3f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CA:F7:4C:6D:D6:24:3E:BA:03:3F:93:4C:20:BC:60:F7:11:11:F8
X509v3 Authority Key Identifier:
keyid:FE:5C:A4:E2:A0:A1:80:EB:2F:29:CC:88:74:0A:A7:07:B8:82:1D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lyk4qChgOsvKcyIdAqnB7iCHXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/8sr3TG3WJD66Az-TTCC8YPcREfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9c7aa4-a4c9-447a-8bc1-68c105d2f0db/1/_lyk4qChgOsvKcyIdAqnB7iCHXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.80.0/22
195.88.108.0/23
IPv6:
2001:67c:24f8::/48
2a0b:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:18:a5:9a:fc:f2:37:1b:6a:3f:3f:e1:9f:ed:a1:8f:ed:b1:
6c:79:36:af:22:54:b6:2b:ab:99:5c:c4:3c:2f:e4:62:2c:59:
6d:47:0d:78:6f:36:45:05:c1:51:c6:cb:f8:f4:02:c4:60:c0:
c5:86:94:e9:29:4c:8a:e5:2a:ba:77:95:16:85:08:1a:6f:d1:
0d:d1:c0:86:65:bb:f5:27:9b:b6:30:e2:9d:62:f6:42:bc:7f:
b5:0d:9e:13:3c:f0:47:40:70:54:d7:64:06:83:b6:c0:3c:e6:
3c:d2:98:e0:e1:b6:d0:61:55:95:eb:70:bf:d7:42:57:17:2f:
ed:f4:01:fe:65:01:0e:bd:b7:e4:ab:48:f7:d6:fc:7e:7c:61:
9b:62:4a:89:af:e0:8f:6c:7e:93:24:02:ef:47:5f:0a:58:45:
c1:1e:dc:78:f1:08:a9:2a:53:a8:38:58:5f:38:0a:19:42:8f:
51:f0:11:d2:df:44:bd:06:d4:f6:86:15:c4:5c:33:7b:4a:27:
f3:bc:64:04:03:44:81:63:6b:5c:2c:d5:ad:43:2d:ce:b9:4a:
a0:a0:45:86:d5:81:62:a8:02:2e:99:4e:77:25:2b:ce:95:f9:
78:2e:5c:86:68:97:fa:30:ea:63:c1:55:c9:be:d5:09:89:13:
77:c3:65:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIcIp1ibkm6Ti+U6Si1v91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWNhNGUyYTBhMTgwZWIyZjI5Y2M4ODc0MGFhNzA3Yjg4
MjFkN2MwHhcNMjQwMTAyMDQzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNhZjc0YzZkZDYyNDNlYmEwMzNmOTM0YzIwYmM2MGY3MTExMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPadE4GSfPBWpFra0TZRqREdkqrh
6S6ZVl446+1gtQ9p4sfdqBXlOyjdDZZyTSgVUfBMTK6SmJnc/CEa2bmH3egLtQ2j
GFmbf0b0OgyOyxHMwDh/Exeq2E8OGdZy5JL1k8qAYLJnldXF6b3VNRfj5buNvFP7
HB+PjkCyUWRdXuYnoNO589ZotDg2B6T+7ps4IDeWKljtVvGTqew2sP+QuFuj24bB
AnpBEwz3PXWTIP6ctxGwA1Zv8SGRAVJPh/C4T/4Tc5M64IHMph0kz7JFQyR8QEOS
JUHP40BDNbgNg56bqR+JR/k/oS1CNitEZNgWXsQVcffl1P5AQ6kH9aE/CQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPLK90xt1iQ+ugM/k0wgvGD3ERH4MB8GA1UdIwQY
MBaAFP5cpOKgoYDrLynMiHQKpwe4gh18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2x5azRxQ2hnT3N2S2N5SWRBcW5CN2lDSFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85YzdhYTQtYTRjOS00NDdhLThiYzEt
NjhjMTA1ZDJmMGRiLzEvOHNyM1RHM1dKRDY2QXotVFRDQzhZUGNSRWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85YzdhYTQtYTRjOS00NDdhLThiYzEtNjhjMTA1ZDJmMGRi
LzEvX2x5azRxQ2hnT3N2S2N5SWRBcW5CN2lDSFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCudlQAwQB
w1hsMBYEAgACMBADBwAgAQZ8JPgDBQMqC8bAMA0GCSqGSIb3DQEBCwUAA4IBAQB7
GKWa/PI3G2o/P+Gf7aGP7bFseTavIlS2K6uZXMQ8L+RiLFltRw14bzZFBcFRxsv4
9ALEYMDFhpTpKUyK5Sq6d5UWhQgab9EN0cCGZbv1J5u2MOKdYvZCvH+1DZ4TPPBH
QHBU12QGg7bAPOY80pjg4bbQYVWV63C/10JXFy/t9AH+ZQEOvbfkq0j31vx+fGGb
YkqJr+CPbH6TJALvR18KWEXBHtx48QipKlOoOFhfOAoZQo9R8BHS30S9BtT2hhXE
XDN7SifzvGQEA0SBY2tcLNWtQy3OuUqgoEWG1YFiqAIumU53JSvOlfl4LlyGaJf6
MOpjwVXJvtUJiRN3w2UH
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:20:20 2024 by rpki-client on console-ams.rpki-client.org