Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/8OHRv5RyW0FKLMBVpJ7CJWfYtEM.roa
File: 8OHRv5RyW0FKLMBVpJ7CJWfYtEM.roa (raw, json)
Hash identifier: 6qAFFMhREgdAe2I81oqcFoaxgk06wJRAWHZF0aBUnh4=
Subject key identifier: F0:E1:D1:BF:94:72:5B:41:4A:2C:C0:55:A4:9E:C2:25:67:D8:B4:43
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 018CC725FFB07DDAC851D8C608B88CC2B0B5
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/8OHRv5RyW0FKLMBVpJ7CJWfYtEM.roa
Signing time: Mon 01 Jan 2024 22:30:05 +0000
ROA not before: Mon 01 Jan 2024 22:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31287
IP address blocks: 151.237.41.204/32 maxlen: 32
151.237.84.0/22 maxlen: 22
151.237.80.0/22 maxlen: 22
85.187.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:ff:b0:7d:da:c8:51:d8:c6:08:b8:8c:c2:b0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 1 22:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0e1d1bf94725b414a2cc055a49ec22567d8b443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a0:42:b7:56:21:e9:09:c0:3e:f6:16:11:ff:
cd:fa:9a:66:13:e3:74:76:7e:fe:67:ee:fa:db:4f:
64:58:60:b0:38:58:ff:11:0b:88:0f:4e:26:f4:29:
8c:e3:df:a8:35:6a:af:7b:62:e6:64:db:62:d0:99:
5e:ab:2b:53:3f:73:43:11:2d:4c:e4:90:a2:f2:f6:
f6:3a:5c:93:51:1e:84:0c:c7:dd:2d:19:5b:75:5e:
db:ef:37:bd:ea:80:16:d1:3e:be:f0:1d:e0:cf:83:
7a:81:68:7f:27:29:76:7a:bd:ca:f3:78:6b:b4:87:
53:68:dd:72:67:2b:52:d8:54:b7:c2:16:38:56:df:
c9:26:c2:11:92:3a:6b:92:8e:29:10:a6:ca:a5:75:
24:4f:55:02:e7:a8:1d:ea:27:12:57:6b:ac:b8:f4:
12:63:87:68:2f:3e:40:6a:7e:b8:a1:49:ad:a9:85:
c7:63:f2:b6:96:c8:cc:49:bb:72:3c:4c:df:8c:0e:
dd:68:c6:e3:b5:44:30:2d:65:c7:fa:f5:2e:be:bf:
92:55:3e:00:d5:8d:1d:73:cf:18:6c:a0:b4:24:b3:
2b:2c:2a:f6:55:a8:d4:aa:7f:a4:46:10:b4:ca:98:
97:e7:87:97:9f:7d:a5:c3:29:52:df:0f:e7:8f:3c:
bc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E1:D1:BF:94:72:5B:41:4A:2C:C0:55:A4:9E:C2:25:67:D8:B4:43
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/8OHRv5RyW0FKLMBVpJ7CJWfYtEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.192.0/21
151.237.41.204/32
151.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
09:f2:02:58:c0:32:95:2c:66:85:ff:80:f4:6b:ae:70:82:03:
55:b7:21:b0:2d:9a:95:b3:29:9e:23:ec:95:42:bf:ba:13:d0:
52:8c:a2:de:b9:1f:ef:ae:50:e3:f0:49:47:ba:2e:55:a3:fc:
13:70:b4:12:26:29:94:34:3e:9a:64:a7:7d:9b:9f:37:55:04:
16:db:32:fd:05:14:df:ae:eb:2f:6f:f2:7d:74:0a:ff:a5:a1:
96:0f:8c:de:9c:b3:b3:42:60:ce:5f:55:d1:99:80:69:78:51:
7a:e4:95:ab:ae:7f:a6:5f:b7:72:42:4f:a5:34:27:02:8c:7d:
cd:af:e9:f8:5b:a9:3b:e8:b8:5f:d4:23:4b:ea:31:ea:48:10:
51:e2:7e:c7:66:c8:a0:ea:c5:cb:a2:e2:82:e5:11:df:24:0f:
2a:30:6e:fb:3e:d4:36:6a:fb:b7:41:30:b8:e9:ea:32:b2:7b:
32:0d:89:90:d7:ad:f0:fc:b7:97:c0:0a:94:f2:62:af:75:a2:
69:d2:b1:f3:cd:c3:ee:ef:6d:2d:8e:1d:76:91:d9:c6:20:8c:
2a:96:95:67:2e:36:3e:b3:15:74:a9:3d:ab:fc:33:b5:9f:a2:
45:4f:2d:c0:64:b7:f6:3d:bf:b6:6d:89:0a:64:cf:e5:55:b9:
f0:18:24:02
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzHJf+wfdrIUdjGCLiMwrC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjQwMTAxMjIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGUxZDFiZjk0NzI1YjQxNGEyY2MwNTVhNDllYzIyNTY3ZDhiNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqBCt1Yh6QnAPvYWEf/N+ppmE+N0
dn7+Z+76209kWGCwOFj/EQuID04m9CmM49+oNWqve2LmZNti0JleqytTP3NDES1M
5JCi8vb2OlyTUR6EDMfdLRlbdV7b7ze96oAW0T6+8B3gz4N6gWh/Jyl2er3K83hr
tIdTaN1yZytS2FS3whY4Vt/JJsIRkjprko4pEKbKpXUkT1UC56gd6icSV2usuPQS
Y4doLz5Aan64oUmtqYXHY/K2lsjMSbtyPEzfjA7daMbjtUQwLWXH+vUuvr+SVT4A
1Y0dc88YbKC0JLMrLCr2VajUqn+kRhC0ypiX54eXn32lwylS3w/njzy8cwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPDh0b+UcltBSizAVaSewiVn2LRDMB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvOE9IUnY1UnlXMEZLTE1CVnBKN0NKV2ZZdEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQDVbvAAwUA
l+0pzAMEA5ftUDANBgkqhkiG9w0BAQsFAAOCAQEACfICWMAylSxmhf+A9GuucIID
VbchsC2albMpniPslUK/uhPQUoyi3rkf765Q4/BJR7ouVaP8E3C0EiYplDQ+mmSn
fZufN1UEFtsy/QUU367rL2/yfXQK/6Whlg+M3pyzs0Jgzl9V0ZmAaXhReuSVq65/
pl+3ckJPpTQnAox9za/p+FupO+i4X9QjS+ox6kgQUeJ+x2bIoOrFy6LiguUR3yQP
KjBu+z7UNmr7t0EwuOnqMrJ7Mg2JkNet8Py3l8AKlPJir3WiadKx883D7u9tLY4d
dpHZxiCMKpaVZy42PrMVdKk9q/wztZ+iRU8twGS39j2/tm2JCmTP5VW58BgkAg==
-----END CERTIFICATE-----
Generated at Fri May 10 12:09:42 2024 by rpki-client on console-ams.rpki-client.org