Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/8aLWTRFKDxaPNA6hS2EUKOmLN7U.roa
File: 8aLWTRFKDxaPNA6hS2EUKOmLN7U.roa (raw, json)
Hash identifier: w2Fctre7LtRNjGexSqx2Ptl5QsOn74V9SKppDhDnOxA=
Subject key identifier: F1:A2:D6:4D:11:4A:0F:16:8F:34:0E:A1:4B:61:14:28:E9:8B:37:B5
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01953CD6C45CC46B0B8D90D80FFA451A7CBE
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/8aLWTRFKDxaPNA6hS2EUKOmLN7U.roa
Signing time: Tue 25 Feb 2025 11:21:02 +0000
ROA not before: Tue 25 Feb 2025 11:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205673
IP address blocks: 176.39.96.0/22 maxlen: 23
185.210.84.0/22 maxlen: 23
185.235.132.0/22 maxlen: 23
185.244.168.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:d6:c4:5c:c4:6b:0b:8d:90:d8:0f:fa:45:1a:7c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Feb 25 11:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1a2d64d114a0f168f340ea14b611428e98b37b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:7c:24:8d:d5:0b:33:10:f9:87:33:5d:3e:
7f:ae:fc:3d:18:21:a6:23:56:13:70:a3:04:ec:4d:
19:6e:fb:50:b8:fa:1c:b1:2b:bc:df:b0:d4:55:ae:
46:60:d1:75:0d:3c:7b:55:1d:64:43:95:74:63:e1:
44:91:ab:8c:ce:26:c9:ba:c2:d1:67:ad:9b:8e:bd:
9d:4a:4c:2f:7c:e7:35:5f:a0:6d:35:53:dc:24:27:
cd:bc:71:cf:ca:41:16:97:39:11:3e:88:7e:ca:c4:
40:63:db:8d:ba:12:60:15:fd:1f:bb:ce:cc:f6:ef:
7c:a5:f3:b4:96:a2:f2:51:5f:3f:8e:5c:54:e1:46:
90:aa:21:f9:59:35:5c:d7:a7:51:8b:3f:ab:5c:6a:
9b:cf:33:df:0d:54:69:73:16:fa:f5:4b:35:5b:97:
21:80:c4:4a:cf:f1:38:f7:12:53:47:8a:69:5a:60:
8c:2b:7f:04:83:e3:66:74:47:43:c5:bf:7f:e0:38:
9b:1b:08:bd:91:2b:7b:4f:c4:1d:32:21:f8:7e:52:
48:3d:8a:08:10:fa:ec:cb:60:e0:cc:f6:87:b2:a1:
6b:42:0a:ab:1b:d4:72:78:25:77:d5:11:27:c1:6d:
2e:a1:8e:a6:d0:a4:1b:74:b1:74:da:0b:3d:6d:cd:
c3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A2:D6:4D:11:4A:0F:16:8F:34:0E:A1:4B:61:14:28:E9:8B:37:B5
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/8aLWTRFKDxaPNA6hS2EUKOmLN7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.39.96.0/22
185.210.84.0/22
185.235.132.0/22
185.244.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e0:19:dd:c8:bb:4d:93:97:70:bf:b3:dd:73:33:28:9c:40:
2f:d7:8d:95:88:4c:07:37:68:22:eb:55:29:f2:0b:76:79:6a:
9a:66:13:58:9e:da:09:bf:9d:6a:c4:cf:f8:49:90:5b:32:a0:
5d:a8:ea:00:08:fc:ea:9e:27:73:f6:08:84:9f:b3:0e:19:b3:
60:a6:04:09:cb:9e:94:96:51:b3:70:04:55:6e:bd:bb:dd:fe:
b5:46:52:77:f6:f0:b4:cc:37:f9:51:47:5d:31:83:0d:d8:a9:
cc:37:52:e0:51:ed:28:75:b4:2f:9e:bc:a6:63:de:5b:b6:61:
c1:78:f2:c9:a1:ec:66:d7:c6:ab:dc:25:47:22:b3:60:ef:f2:
63:d1:09:4c:dc:1b:ab:d7:24:5d:a7:5d:17:38:30:03:a7:29:
bf:77:43:1c:a6:83:0d:66:df:5b:e6:22:c5:9f:7a:83:ae:9a:
c8:72:0f:ae:da:ea:26:50:0f:90:b1:9d:c4:7a:1b:92:fd:18:
a0:f4:96:66:6e:57:4b:f5:ed:b1:39:7f:d2:02:22:16:f2:7b:
b3:57:85:c9:23:a5:0d:82:2d:c0:50:e0:0c:ee:da:51:42:5a:
ca:d2:2f:e8:59:01:9e:bd:aa:87:3c:cc:5e:8c:93:58:a0:46:
51:45:a1:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZU81sRcxGsLjZDYD/pFGny+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjUwMjI1MTEyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWEyZDY0ZDExNGEwZjE2OGYzNDBlYTE0YjYxMTQyOGU5OGIzN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs18JI3VCzMQ+YczXT5/rvw9GCGm
I1YTcKME7E0ZbvtQuPocsSu837DUVa5GYNF1DTx7VR1kQ5V0Y+FEkauMzibJusLR
Z62bjr2dSkwvfOc1X6BtNVPcJCfNvHHPykEWlzkRPoh+ysRAY9uNuhJgFf0fu87M
9u98pfO0lqLyUV8/jlxU4UaQqiH5WTVc16dRiz+rXGqbzzPfDVRpcxb69Us1W5ch
gMRKz/E49xJTR4ppWmCMK38Eg+NmdEdDxb9/4DibGwi9kSt7T8QdMiH4flJIPYoI
EPrsy2DgzPaHsqFrQgqrG9RyeCV31REnwW0uoY6m0KQbdLF02gs9bc3DgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPGi1k0RSg8WjzQOoUthFCjpize1MB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xLzhhTFdUUkZLRHhhUE5BNmhTMkVVS09tTE43VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAKwJ2AD
BAK50lQDBAK564QDBAK59KgwDQYJKoZIhvcNAQELBQADggEBAC/gGd3Iu02Tl3C/
s91zMyicQC/XjZWITAc3aCLrVSnyC3Z5appmE1ie2gm/nWrEz/hJkFsyoF2o6gAI
/OqeJ3P2CISfsw4Zs2CmBAnLnpSWUbNwBFVuvbvd/rVGUnf28LTMN/lRR10xgw3Y
qcw3UuBR7Sh1tC+evKZj3lu2YcF48smh7GbXxqvcJUcis2Dv8mPRCUzcG6vXJF2n
XRc4MAOnKb93Qxymgw1m31vmIsWfeoOumshyD67a6iZQD5CxncR6G5L9GKD0lmZu
V0v17bE5f9ICIhbye7NXhckjpQ2CLcBQ4Azu2lFCWsrSL+hZAZ69qoc8zF6Mk1ig
RlFFoQo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:43:23 2025 by rpki-client