Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/8CcKJiF0r4FrDqB9K7MCSFJJvag.roa
File: 8CcKJiF0r4FrDqB9K7MCSFJJvag.roa (raw, json)
Hash identifier: oH5satYFVvZ45Q+JWd3Hf90Jew1mrnQWjIvCBL11FrU=
Subject key identifier: F0:27:0A:26:21:74:AF:81:6B:0E:A0:7D:2B:B3:02:48:52:49:BD:A8
Certificate issuer: /CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Certificate serial: 019423D6B93989783FE7EC5D5BBDD8B9EE0D
Authority key identifier: A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/8CcKJiF0r4FrDqB9K7MCSFJJvag.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9080
IP address blocks: 85.132.140.0/22 maxlen: 24
85.132.160.0/20 maxlen: 24
85.132.176.0/22 maxlen: 24
212.71.128.0/18 maxlen: 24
213.168.160.0/20 maxlen: 24
2001:ae8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b9:39:89:78:3f:e7:ec:5d:5b:bd:d8:b9:ee:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0270a262174af816b0ea07d2bb302485249bda8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:d4:fe:75:0f:6b:fe:e0:ce:7a:85:91:cd:
29:62:66:4e:6d:11:38:c6:c1:82:b6:fc:76:b4:58:
20:bf:ff:11:98:71:54:16:ad:7b:7e:08:44:88:e5:
06:36:ad:bc:03:6e:e1:c1:ac:20:cc:f9:19:60:b7:
e4:47:13:b4:c1:b1:3e:ab:84:33:9b:fa:b0:aa:8e:
25:69:0d:82:bd:fb:b4:e0:ed:ed:f2:1c:86:6e:73:
2f:5a:4c:25:bb:ae:09:7b:e1:0c:68:d0:2e:08:ae:
72:83:0e:ce:56:e6:59:b7:c5:1c:3b:c6:cc:d2:5a:
ea:d7:6e:72:23:8a:7f:3c:ba:d5:44:c6:84:9e:79:
27:d8:47:c6:90:04:c0:67:99:38:d6:7e:ac:0f:13:
ad:41:d0:e6:93:09:ec:b0:20:2e:af:ca:b2:21:66:
c5:f7:8f:03:b9:0e:08:78:83:fa:76:e5:b0:c3:c6:
aa:2d:a6:89:91:3a:28:8b:13:5c:8d:be:00:4d:22:
7e:90:4e:20:75:58:c5:f1:1b:51:d6:c1:d9:8e:d8:
68:8e:dc:69:e4:e2:3b:7f:71:0e:26:98:5e:55:d1:
fc:20:74:ae:60:bf:67:1a:59:7f:83:9f:d2:0a:a6:
65:55:1d:a7:45:49:dd:68:90:91:8f:17:0c:d8:fd:
a1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:27:0A:26:21:74:AF:81:6B:0E:A0:7D:2B:B3:02:48:52:49:BD:A8
X509v3 Authority Key Identifier:
keyid:A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/8CcKJiF0r4FrDqB9K7MCSFJJvag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.140.0/22
85.132.160.0-85.132.179.255
212.71.128.0/18
213.168.160.0/20
IPv6:
2001:ae8::/32
Signature Algorithm: sha256WithRSAEncryption
a6:eb:13:31:e4:2e:16:0f:57:8c:46:c6:8a:85:ec:0c:5c:b0:
7a:d7:b7:d4:bb:0c:76:02:12:30:a6:5f:d8:4c:34:21:41:fd:
16:e2:be:03:fb:a5:fb:ba:1f:e8:f1:f2:8a:30:e9:d8:bd:93:
80:ee:6b:7e:42:26:1c:9d:39:8d:6f:e4:ee:f8:0b:7a:ff:27:
45:ef:0f:55:7a:b0:60:a0:47:9d:81:23:98:be:d8:72:9b:7d:
58:2d:f8:f7:57:87:1c:b2:4f:bf:05:fd:cc:a7:14:11:be:14:
41:35:d2:a1:f5:d1:9f:d4:c9:a4:44:9e:93:9f:11:78:f2:4d:
37:df:d6:0a:7d:16:0c:77:59:8f:e6:da:f7:ea:15:49:99:f0:
ce:c5:6b:9b:6f:3e:83:42:16:8f:f0:e1:83:18:61:ab:b1:1d:
58:dc:54:07:ee:09:15:d1:61:f8:78:d1:58:46:07:31:b5:31:
0c:c1:55:33:ae:5c:40:bb:09:1c:50:c2:fb:03:1b:d9:96:50:
e8:7a:ba:82:45:f6:14:8c:8e:a8:2d:3c:96:02:9b:15:b2:24:
cc:d4:b9:49:6a:a6:84:4b:c5:e9:8b:2b:22:f6:3b:fb:26:29:
62:0e:7a:4c:71:1f:fa:98:32:5d:29:d9:94:94:5b:c9:c8:fa:
f0:10:38:b7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQj1rk5iXg/5+xdW73Yue4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Y2FkOWE5NzdiZjhiNmI0MGYwYjhlOTk4ZTU3ODdjNmFl
NjQxYzAwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDI3MGEyNjIxNzRhZjgxNmIwZWEwN2QyYmIzMDI0ODUyNDliZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rrU/nUPa/7gznqFkc0pYmZObRE4
xsGCtvx2tFggv/8RmHFUFq17fghEiOUGNq28A27hwawgzPkZYLfkRxO0wbE+q4Qz
m/qwqo4laQ2Cvfu04O3t8hyGbnMvWkwlu64Je+EMaNAuCK5ygw7OVuZZt8UcO8bM
0lrq125yI4p/PLrVRMaEnnkn2EfGkATAZ5k41n6sDxOtQdDmkwnssCAur8qyIWbF
948DuQ4IeIP6duWww8aqLaaJkTooixNcjb4ATSJ+kE4gdVjF8RtR1sHZjthojtxp
5OI7f3EOJpheVdH8IHSuYL9nGll/g5/SCqZlVR2nRUndaJCRjxcM2P2hNQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPAnCiYhdK+Baw6gfSuzAkhSSb2oMB8GA1UdIwQY
MBaAFKnK2al3v4trQPC46ZjleHxq5kHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjct
ZGIzZWM3NWZhMjBjLzEvOENjS0ppRjByNEZyRHFCOUs3TUNTRkpKdmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjctZGIzZWM3NWZhMjBj
LzEvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVYSMMAwD
BAVVhKADBAJVhLADBAbUR4ADBATVqKAwDQQCAAIwBwMFACABCugwDQYJKoZIhvcN
AQELBQADggEBAKbrEzHkLhYPV4xGxoqF7AxcsHrXt9S7DHYCEjCmX9hMNCFB/Rbi
vgP7pfu6H+jx8oow6di9k4Dua35CJhydOY1v5O74C3r/J0XvD1V6sGCgR52BI5i+
2HKbfVgt+PdXhxyyT78F/cynFBG+FEE10qH10Z/UyaREnpOfEXjyTTff1gp9Fgx3
WY/m2vfqFUmZ8M7Fa5tvPoNCFo/w4YMYYauxHVjcVAfuCRXRYfh40VhGBzG1MQzB
VTOuXEC7CRxQwvsDG9mWUOh6uoJF9hSMjqgtPJYCmxWyJMzUuUlqpoRLxemLKyL2
O/smKWIOekxxH/qYMl0p2ZSUW8nI+vAQOLc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:31 2025 by rpki-client