Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/7C8RrKt0U50_7hviWYOI8N_wj-o.roa
File: 7C8RrKt0U50_7hviWYOI8N_wj-o.roa (raw, json)
Hash identifier: 9/4tglzGreQ4oaRnnVMJRRIymD5kE16GMpxEy0Ijugw=
Subject key identifier: EC:2F:11:AC:AB:74:53:9D:3F:EE:1B:E2:59:83:88:F0:DF:F0:8F:EA
Certificate issuer: /CN=fba0ed92ec94321dcb219d37f38d907e183244bd
Certificate serial: 018CC80165204623DA4BFCB9BA67EDF2EC97
Authority key identifier: FB:A0:ED:92:EC:94:32:1D:CB:21:9D:37:F3:8D:90:7E:18:32:44:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6DtkuyUMh3LIZ03842QfhgyRL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/7C8RrKt0U50_7hviWYOI8N_wj-o.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 195.12.224.0/19 maxlen: 19
80.239.128.0/19 maxlen: 19
195.12.248.0/24 maxlen: 24
195.12.248.0/23 maxlen: 23
195.12.249.0/24 maxlen: 24
62.115.128.0/22 maxlen: 22
80.91.240.0/20 maxlen: 20
80.91.248.0/21 maxlen: 21
213.248.64.0/18 maxlen: 18
80.239.224.0/19 maxlen: 19
2.255.248.0/21 maxlen: 21
80.239.160.0/19 maxlen: 19
62.115.0.0/16 maxlen: 16
213.155.128.0/19 maxlen: 19
80.239.192.0/19 maxlen: 19
2.255.192.0/18 maxlen: 18
2001:2030:c005::/48 maxlen: 48
2001:2030::/28 maxlen: 28
2001:2030:c004::/48 maxlen: 48
2001:2030:c004::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/1-6DtkuyUMh3LIZ03842QfhgyRL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/1-6DtkuyUMh3LIZ03842QfhgyRL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-6DtkuyUMh3LIZ03842QfhgyRL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:65:20:46:23:da:4b:fc:b9:ba:67:ed:f2:ec:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fba0ed92ec94321dcb219d37f38d907e183244bd
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec2f11acab74539d3fee1be2598388f0dff08fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:cb:09:23:a8:9b:0c:c6:60:95:57:45:f2:
a0:f5:22:a8:40:75:0c:06:50:20:6f:5f:6c:cd:ec:
ff:14:a0:6d:3d:e2:e3:e5:b8:7c:b3:85:c0:bb:9f:
c1:42:90:e9:81:47:37:2f:50:74:40:80:77:3a:2e:
11:56:2c:14:e0:64:7e:71:27:01:91:a9:6b:1f:41:
ad:9b:d6:aa:f6:26:8a:09:e3:1a:55:da:12:83:d4:
c3:8c:e4:ef:f3:2c:7b:a1:b7:77:18:40:c3:1b:2c:
2d:7b:31:2b:81:21:39:b7:c2:58:ee:7b:3f:26:62:
b6:e2:2e:2f:40:5d:8c:9e:e8:1f:c7:45:3d:1a:50:
26:f4:8e:dc:af:ae:9f:fe:15:63:a2:68:f9:21:2d:
2a:b5:71:cc:aa:11:c6:99:9d:ec:be:b9:bb:f9:6b:
0e:ae:ca:23:b4:0a:a9:e6:db:4c:06:ad:89:aa:1c:
47:eb:c1:89:f4:4a:c9:5d:69:65:59:b9:78:0c:8a:
51:ee:10:f9:04:15:e6:d7:2f:e4:0d:04:aa:20:96:
e6:f4:c7:61:70:db:e4:4e:49:80:5f:d7:5d:09:b3:
d3:b3:bf:08:70:ef:cc:9b:83:cb:3e:a3:47:3f:a2:
4c:d9:0f:d8:73:25:ce:c2:68:4d:0d:b4:4e:36:98:
2d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2F:11:AC:AB:74:53:9D:3F:EE:1B:E2:59:83:88:F0:DF:F0:8F:EA
X509v3 Authority Key Identifier:
keyid:FB:A0:ED:92:EC:94:32:1D:CB:21:9D:37:F3:8D:90:7E:18:32:44:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6DtkuyUMh3LIZ03842QfhgyRL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/7C8RrKt0U50_7hviWYOI8N_wj-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/593482-d762-4409-b850-20c44a81f977/1/1-6DtkuyUMh3LIZ03842QfhgyRL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.255.192.0/18
62.115.0.0/16
80.91.240.0/20
80.239.128.0/17
195.12.224.0/19
213.155.128.0/19
213.248.64.0/18
IPv6:
2001:2030::/28
Signature Algorithm: sha256WithRSAEncryption
17:b9:cc:a5:35:b5:40:d5:81:dc:b8:ee:ad:20:a9:06:6f:ce:
f4:ef:ab:dc:70:2b:c0:a0:4b:65:9b:3e:b8:16:fc:35:e1:4e:
e0:09:47:4f:24:52:1e:26:76:e0:d1:15:04:e3:48:5e:8b:47:
76:bc:3f:13:27:1c:67:a4:90:a5:64:1b:b2:5a:c4:2c:a3:bd:
ab:61:32:5a:fc:99:93:98:1a:26:f8:28:6e:30:d0:f1:c4:91:
a4:0d:59:d7:d6:4d:52:e3:4e:6a:f7:fd:5a:de:bb:29:29:1e:
c5:4f:17:c5:6c:7d:bc:17:ec:86:1f:d3:9e:cf:b7:7d:7e:88:
79:99:6a:a0:87:7a:e3:7d:f9:2b:97:5c:c2:e0:e6:49:49:97:
4f:15:61:97:e4:c7:56:66:38:08:9e:1a:c3:7e:70:58:94:22:
05:f1:91:06:35:d2:ed:60:19:99:8b:2e:fd:aa:3d:c1:c5:9b:
bf:39:95:57:24:95:46:b7:e4:4e:30:80:c0:17:ce:54:b2:81:
97:56:1b:4d:1d:af:1d:ca:e6:1c:d1:07:36:91:44:a6:11:03:
c4:c0:45:fe:1d:2b:29:01:e1:5b:df:6f:ab:df:e6:a5:9b:0e:
10:42:72:9d:9e:7f:c7:0d:52:91:fd:d5:50:19:27:6b:53:a1:
ab:f6:87:54
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIAWUgRiPaS/y5umft8uyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYTBlZDkyZWM5NDMyMWRjYjIxOWQzN2YzOGQ5MDdlMTgz
MjQ0YmQwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzJmMTFhY2FiNzQ1MzlkM2ZlZTFiZTI1OTgzODhmMGRmZjA4ZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL3LCSOomwzGYJVXRfKg9SKoQHUM
BlAgb19szez/FKBtPeLj5bh8s4XAu5/BQpDpgUc3L1B0QIB3Oi4RViwU4GR+cScB
kalrH0Gtm9aq9iaKCeMaVdoSg9TDjOTv8yx7obd3GEDDGywtezErgSE5t8JY7ns/
JmK24i4vQF2Mnugfx0U9GlAm9I7cr66f/hVjomj5IS0qtXHMqhHGmZ3svrm7+WsO
rsojtAqp5ttMBq2JqhxH68GJ9ErJXWllWbl4DIpR7hD5BBXm1y/kDQSqIJbm9Mdh
cNvkTkmAX9ddCbPTs78IcO/Mm4PLPqNHP6JM2Q/YcyXOwmhNDbRONpgtmQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOwvEayrdFOdP+4b4lmDiPDf8I/qMB8GA1UdIwQY
MBaAFPug7ZLslDIdyyGdN/ONkH4YMkS9MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02RHRrdXlVTWgzTElaMDM4NDJRZmhneVJMMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvNTkzNDgyLWQ3NjItNDQwOS1iODUw
LTIwYzQ0YTgxZjk3Ny8xLzdDOFJyS3QwVTUwXzdodmlXWU9JOE5fd2otby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvNTkzNDgyLWQ3NjItNDQwOS1iODUwLTIwYzQ0YTgxZjk3
Ny8xLzEtNkR0a3V5VU1oM0xJWjAzODQyUWZoZ3lSTDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUQYIKwYBBQUHAQcBAf8EQjBAMC8EAgABMCkDBAYC/8AD
AwA+cwMEBFBb8AMEB1DvgAMEBcMM4AMEBdWbgAMEBtX4QDANBAIAAjAHAwUEIAEg
MDANBgkqhkiG9w0BAQsFAAOCAQEAF7nMpTW1QNWB3LjurSCpBm/O9O+r3HArwKBL
ZZs+uBb8NeFO4AlHTyRSHiZ24NEVBONIXotHdrw/EyccZ6SQpWQbslrELKO9q2Ey
WvyZk5gaJvgobjDQ8cSRpA1Z19ZNUuNOavf9Wt67KSkexU8XxWx9vBfshh/Tns+3
fX6IeZlqoId64335K5dcwuDmSUmXTxVhl+THVmY4CJ4aw35wWJQiBfGRBjXS7WAZ
mYsu/ao9wcWbvzmVVySVRrfkTjCAwBfOVLKBl1YbTR2vHcrmHNEHNpFEphEDxMBF
/h0rKQHhW99vq9/mpZsOEEJynZ5/xw1Skf3VUBkna1Ohq/aHVA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:20:26 2024 by rpki-client on console-ams.rpki-client.org