Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ik00-FcrG4kEClEGn8UQi9wjHAc.roa
File: ik00-FcrG4kEClEGn8UQi9wjHAc.roa (raw, json)
Hash identifier: fw4YnhGUvOtKRHSvlNJA4jBGXkqYND2lkS2Bc03WIPg=
Subject key identifier: 8A:4D:34:F8:57:2B:1B:89:04:0A:51:06:9F:C5:10:8B:DC:23:1C:07
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 018CC94AB9782B37BD9B60FA777442E68800
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ik00-FcrG4kEClEGn8UQi9wjHAc.roa
Signing time: Tue 02 Jan 2024 08:29:26 +0000
ROA not before: Tue 02 Jan 2024 08:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42908
IP address blocks: 80.78.136.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
94.241.64.0/18 maxlen: 18
78.136.128.0/18 maxlen: 18
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
2a03:7a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b9:78:2b:37:bd:9b:60:fa:77:74:42:e6:88:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 2 08:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a4d34f8572b1b89040a51069fc5108bdc231c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:fe:b0:53:7a:4e:2f:18:29:66:7a:ce:10:
3a:25:50:34:c0:3b:d2:c5:c1:16:d8:d7:c2:52:1d:
61:4f:da:40:5d:7e:96:40:2e:4f:bf:3b:bc:79:7a:
0a:b7:83:4a:ff:c6:24:29:b6:7b:42:8c:cc:8b:af:
82:ce:0a:54:71:75:0c:cf:9b:5e:3f:3d:bd:ad:eb:
1d:97:12:a0:3b:2f:26:dc:02:8e:b2:5d:28:e6:0b:
cf:8c:41:4d:11:b3:eb:97:03:51:bb:ff:f1:e5:5d:
88:dd:ad:d5:2e:c6:bb:a3:fe:37:f0:e5:bc:81:d5:
20:f3:71:00:3a:a1:fb:cb:e9:21:e4:ef:4a:24:e3:
21:28:3c:51:25:86:36:d7:16:bc:ff:17:f8:8a:31:
9a:31:c1:0d:93:66:2e:85:51:0a:4b:d1:90:10:43:
cc:a0:e2:ed:2d:c5:8c:9e:67:ec:a9:0f:a9:a4:73:
9b:ae:32:23:1b:40:5d:f6:03:9f:5b:5e:40:79:ff:
db:96:00:33:1c:3e:1c:f3:27:b2:76:14:7d:b5:d9:
78:71:09:9f:29:82:56:8b:e9:9d:a3:82:ff:94:d6:
52:37:29:3b:02:76:00:57:90:b0:9d:d4:6c:dc:a1:
f1:6b:61:57:97:1b:d6:32:0a:0f:51:a0:f6:c9:ae:
17:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4D:34:F8:57:2B:1B:89:04:0A:51:06:9F:C5:10:8B:DC:23:1C:07
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ik00-FcrG4kEClEGn8UQi9wjHAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
94.241.64.0/18
188.119.96.0/22
IPv6:
2a03:7a00::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
09:56:4d:cb:dd:26:6b:0e:15:ed:b2:d6:60:ca:b4:57:3e:5d:
ff:4b:34:3f:56:0f:a2:73:1d:93:36:f4:5e:da:52:61:97:52:
e8:3d:ef:1f:59:8c:7f:85:ff:c6:d4:71:7e:e0:99:65:db:cc:
9c:26:33:f5:44:26:13:49:d2:27:37:ea:ca:9f:a3:40:7b:d1:
14:2d:fd:83:e6:ff:b4:5c:01:6c:97:48:2a:dc:21:63:dc:ed:
d5:60:73:6c:1e:fb:71:e9:76:f2:4d:01:af:45:c7:82:14:83:
19:e0:10:27:e7:97:66:eb:e9:e2:2b:6b:72:38:4e:cc:e0:fa:
90:64:4e:34:9f:23:d5:00:bd:c9:94:a4:b8:c1:ac:b7:7e:cc:
3e:ab:eb:65:e3:9a:2f:88:84:c8:28:97:8a:c2:27:9b:65:4c:
03:f8:d5:fd:55:51:a6:aa:e7:06:b1:f6:06:f5:a1:21:be:cc:
4f:ff:d5:45:4e:57:88:d9:f2:43:0e:fa:4c:8d:aa:a8:0c:d8:
1e:3f:9e:3b:ea:35:94:31:c6:17:ed:89:60:66:42:5f:16:ff:
c1:55:b7:47:b3:b2:26:01:ff:9a:ba:40:0e:0b:1f:b8:30:e0:
3b:15:1b:de:cf:7e:ba:30:a1:e8:af:23:27:08:95:51:94:2d:
16:99:92:13
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzJSrl4Kze9m2D6d3RC5ogAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjQwMTAyMDgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRkMzRmODU3MmIxYjg5MDQwYTUxMDY5ZmM1MTA4YmRjMjMxYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwor+sFN6Ti8YKWZ6zhA6JVA0wDvS
xcEW2NfCUh1hT9pAXX6WQC5Pvzu8eXoKt4NK/8YkKbZ7QozMi6+CzgpUcXUMz5te
Pz29resdlxKgOy8m3AKOsl0o5gvPjEFNEbPrlwNRu//x5V2I3a3VLsa7o/438OW8
gdUg83EAOqH7y+kh5O9KJOMhKDxRJYY21xa8/xf4ijGaMcENk2YuhVEKS9GQEEPM
oOLtLcWMnmfsqQ+ppHObrjIjG0Bd9gOfW15Aef/blgAzHD4c8yeydhR9tdl4cQmf
KYJWi+mdo4L/lNZSNyk7AnYAV5CwndRs3KHxa2FXlxvWMgoPUaD2ya4XUQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFIpNNPhXKxuJBApRBp/FEIvcIxwHMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvaWswMC1GY3JHNGtFQ2xFR244VVFpOXdqSEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQGToiAAwQC
UE6IAwQCUE8AAwQGXvFAAwQCvHdgMBsEAgACMBUDBQAqA3oAAwUDKgfMgAMFAyoM
i0AwDQYJKoZIhvcNAQELBQADggEBAAlWTcvdJmsOFe2y1mDKtFc+Xf9LND9WD6Jz
HZM29F7aUmGXUug97x9ZjH+F/8bUcX7gmWXbzJwmM/VEJhNJ0ic36sqfo0B70RQt
/YPm/7RcAWyXSCrcIWPc7dVgc2we+3HpdvJNAa9Fx4IUgxngECfnl2br6eIra3I4
Tszg+pBkTjSfI9UAvcmUpLjBrLd+zD6r62Xjmi+IhMgol4rCJ5tlTAP41f1VUaaq
5wax9gb1oSG+zE//1UVOV4jZ8kMO+kyNqqgM2B4/njvqNZQxxhftiWBmQl8W/8FV
t0ezsiYB/5q6QA4LH7gw4DsVG97PfrowoeivIycIlVGULRaZkhM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:35 2024 by rpki-client on console-ams.rpki-client.org