Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/8EFiJAhVVTivxMXn55H2jw0r_6I.roa
File: 8EFiJAhVVTivxMXn55H2jw0r_6I.roa (raw, json)
Hash identifier: P8o1N3fVJ1W+2PVpZbny54rJ/mV2S4EYYaRgDUOsV5Q=
Subject key identifier: F0:41:62:24:08:55:55:38:AF:C4:C5:E7:E7:91:F6:8F:0D:2B:FF:A2
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF7D26A3E541D5A895CC5996D36C96
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/8EFiJAhVVTivxMXn55H2jw0r_6I.roa
Signing time: Tue 02 Jan 2024 06:32:18 +0000
ROA not before: Tue 02 Jan 2024 06:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49334
IP address blocks: 188.132.131.0/24 maxlen: 24
212.68.58.0/24 maxlen: 24
212.68.54.0/24 maxlen: 24
212.68.53.0/24 maxlen: 24
212.68.62.0/24 maxlen: 24
212.68.63.0/24 maxlen: 24
31.210.34.0/24 maxlen: 24
188.132.173.0/24 maxlen: 24
188.132.181.0/24 maxlen: 24
188.132.182.0/24 maxlen: 24
188.132.187.0/24 maxlen: 24
78.135.65.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7d:26:a3:e5:41:d5:a8:95:cc:59:96:d3:6c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f041622408555538afc4c5e7e791f68f0d2bffa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:86:16:cb:5a:00:94:99:5c:68:3c:33:86:
fb:7c:56:ab:fe:c4:ad:e1:f0:54:7d:9c:7d:bc:1b:
f6:eb:2a:06:b8:4a:4a:a5:18:46:86:06:ac:36:0d:
b0:2c:44:48:07:53:85:2a:83:03:9a:44:58:90:51:
75:68:47:5c:99:57:14:3c:d3:a3:80:1e:4f:5a:33:
4d:db:34:ab:45:d3:54:1a:3c:be:a2:c5:4b:7e:af:
43:f3:81:61:20:af:ab:8b:52:a5:6e:10:7e:d9:fe:
9f:38:17:2a:94:a9:51:a3:21:7e:15:88:0e:06:cb:
0f:89:75:b5:e5:34:f2:7f:7e:62:01:42:ef:87:37:
6b:49:66:2c:ca:92:98:76:81:a1:c6:8e:7c:2b:1c:
3b:18:bb:e9:a9:76:62:0c:84:7f:96:46:5c:33:29:
3b:26:37:ec:5d:57:4c:ca:19:c7:28:e9:04:bd:7b:
49:2a:32:74:cf:4c:43:4d:92:15:1f:53:97:67:6c:
99:67:2c:43:60:7b:5f:1b:bb:7d:6e:a9:21:7d:1f:
7e:f8:5b:1c:65:b8:4c:ee:74:9d:82:44:f4:00:58:
21:1c:3c:e4:72:7b:c8:ba:c4:9c:12:86:51:90:1b:
6d:7a:fe:b6:13:5f:51:24:02:06:ed:6f:06:09:3b:
77:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:41:62:24:08:55:55:38:AF:C4:C5:E7:E7:91:F6:8F:0D:2B:FF:A2
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/8EFiJAhVVTivxMXn55H2jw0r_6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.34.0/24
31.210.52.0/23
78.135.65.0/24
188.132.131.0/24
188.132.173.0/24
188.132.181.0-188.132.182.255
188.132.187.0/24
212.68.53.0-212.68.54.255
212.68.58.0/24
212.68.62.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:39:db:d7:26:4d:0e:91:16:41:a2:5c:b3:a9:6d:03:30:ff:
0a:cc:b2:14:a6:c8:9b:1b:7a:c5:be:3f:a2:e1:53:e8:03:97:
fc:e2:5b:35:0f:39:2c:cb:6f:18:dd:05:66:5c:f7:a7:1f:ab:
e9:ff:3d:a3:78:be:d7:95:79:81:56:d8:3d:ed:fd:b9:3b:e2:
18:27:9a:c3:d5:d7:2e:f3:06:a1:f8:de:4d:a1:93:02:4f:05:
30:2f:8f:da:06:15:12:1e:b4:ae:b2:26:7b:f6:75:15:45:2e:
21:b5:ae:21:9d:2d:77:e6:3d:2d:20:72:4c:fb:62:3f:22:d1:
4f:87:c6:5a:f9:e2:e5:f0:77:95:47:7e:02:ed:a7:b7:3f:da:
b6:91:fd:2c:fe:b5:7c:61:47:25:13:23:7b:0b:93:a3:2d:65:
cc:40:b3:f2:e6:23:36:da:30:93:27:51:85:ce:7a:f9:43:9f:
5c:89:c2:6e:e7:50:19:46:35:1d:55:9a:3f:10:13:82:07:58:
94:3b:a9:d6:b0:bc:ce:a5:f5:36:1e:f3:0f:77:5e:f6:b4:2f:
98:2e:8a:10:2b:8d:69:7a:60:d2:81:2e:f8:a8:ac:86:d2:2a:
80:de:c9:c5:6a:44:17:52:aa:7e:54:63:c7:8b:8f:32:32:64:
a5:8d:0f:8a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzI330mo+VB1aiVzFmW02yWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQxNjIyNDA4NTU1NTM4YWZjNGM1ZTdlNzkxZjY4ZjBkMmJmZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfOGFstaAJSZXGg8M4b7fFar/sSt
4fBUfZx9vBv26yoGuEpKpRhGhgasNg2wLERIB1OFKoMDmkRYkFF1aEdcmVcUPNOj
gB5PWjNN2zSrRdNUGjy+osVLfq9D84FhIK+ri1KlbhB+2f6fOBcqlKlRoyF+FYgO
BssPiXW15TTyf35iAULvhzdrSWYsypKYdoGhxo58Kxw7GLvpqXZiDIR/lkZcMyk7
JjfsXVdMyhnHKOkEvXtJKjJ0z0xDTZIVH1OXZ2yZZyxDYHtfG7t9bqkhfR9++Fsc
ZbhM7nSdgkT0AFghHDzkcnvIusScEoZRkBttev62E19RJAIG7W8GCTt3sQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFPBBYiQIVVU4r8TF5+eR9o8NK/+iMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvOEVGaUpBaFZWVGl2eE1YbjU1SDJqdzByXzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAH9IiAwQB
H9I0AwQATodBAwQAvISDAwQAvIStMAwDBAC8hLUDBAC8hLYDBAC8hLswDAMEANRE
NQMEANRENgMEANREOgMEAdREPjANBgkqhkiG9w0BAQsFAAOCAQEAOznb1yZNDpEW
QaJcs6ltAzD/CsyyFKbImxt6xb4/ouFT6AOX/OJbNQ85LMtvGN0FZlz3px+r6f89
o3i+15V5gVbYPe39uTviGCeaw9XXLvMGofjeTaGTAk8FMC+P2gYVEh60rrIme/Z1
FUUuIbWuIZ0td+Y9LSByTPtiPyLRT4fGWvni5fB3lUd+Au2ntz/atpH9LP61fGFH
JRMjewuToy1lzECz8uYjNtowkydRhc56+UOfXInCbudQGUY1HVWaPxATggdYlDup
1rC8zqX1Nh7zD3de9rQvmC6KECuNaXpg0oEu+KishtIqgN7JxWpEF1KqflRjx4uP
MjJkpY0Pig==
-----END CERTIFICATE-----
Generated at Mon May 20 17:39:29 2024 by rpki-client on console-fra.rpki-client.org