Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8ulT59rCOmNuaeZOOkvsEowY_0s.roa
File: 8ulT59rCOmNuaeZOOkvsEowY_0s.roa (raw, json)
Hash identifier: yckMKYacWrzU7uNzKa1ST15jY+lVSl7OlAGExg+ya3I=
Subject key identifier: F2:E9:53:E7:DA:C2:3A:63:6E:69:E6:4E:3A:4B:EC:12:8C:18:FF:4B
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC794211D5BD357BBCB38CD5DFC1BA1A6
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8ulT59rCOmNuaeZOOkvsEowY_0s.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 109.248.59.0/24 maxlen: 24
46.8.21.0/24 maxlen: 24
46.8.29.0/24 maxlen: 24
95.182.120.0/22 maxlen: 24
46.8.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:21:1d:5b:d3:57:bb:cb:38:cd:5d:fc:1b:a1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2e953e7dac23a636e69e64e3a4bec128c18ff4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c9:75:bd:41:8f:ad:f2:af:60:d6:86:58:b9:
b5:19:49:96:76:de:5b:53:ab:1c:f1:e8:20:1d:35:
f5:d7:33:19:9c:ed:a9:0b:d9:09:5f:5a:15:48:33:
cd:89:0a:61:7c:95:10:5d:d9:98:14:c8:7e:18:95:
af:3a:c6:63:5a:15:1c:e5:db:62:e3:e5:c5:75:2a:
8d:a2:32:d6:ea:3d:88:ce:15:c8:38:18:5b:32:09:
1d:0a:8a:70:75:3f:84:1c:24:04:71:0b:a8:bb:d8:
21:65:95:7a:44:b9:2c:84:bc:21:4b:0e:25:7d:32:
be:f6:82:51:8d:5c:d3:e7:21:d5:fa:be:41:a4:7c:
39:6a:09:a9:9f:12:ef:19:49:8c:94:f5:a6:37:c0:
6c:ff:7f:8c:83:c1:fb:fb:f8:5f:d0:b0:d6:cf:e1:
c3:c7:09:0a:2d:bc:e8:bc:e3:27:8f:4c:8d:8f:66:
c2:e5:55:3a:6f:6b:28:31:b7:6c:dc:19:d3:15:ca:
c7:ac:61:7c:51:c0:0c:8e:01:1a:b7:f6:ff:fe:17:
91:ed:77:2c:72:5a:10:0a:4b:49:60:34:86:8f:b4:
aa:35:aa:30:9a:e4:69:00:04:db:32:48:df:a6:77:
2f:36:e0:f4:26:c6:47:7a:c1:67:7b:99:6c:ea:a5:
4f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E9:53:E7:DA:C2:3A:63:6E:69:E6:4E:3A:4B:EC:12:8C:18:FF:4B
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8ulT59rCOmNuaeZOOkvsEowY_0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.21.0/24
46.8.29.0/24
46.8.158.0/24
95.182.120.0/22
109.248.59.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1c:69:7e:7d:62:fe:81:b0:2d:8d:f3:c2:2f:cc:d8:75:33:
c9:ec:17:95:14:e2:e6:c2:12:c1:b0:a3:90:c9:1b:51:dd:5d:
cf:cb:ce:0e:9c:d6:24:52:47:1a:02:3d:66:57:39:cb:9b:21:
ee:0b:15:dd:59:f0:9f:39:5d:de:05:b1:e4:5d:03:06:25:73:
c3:59:67:77:fc:cc:f5:5c:4b:41:ed:53:fa:a3:d3:92:01:46:
b2:e3:03:76:37:57:8f:b5:08:18:dc:20:1a:da:54:a2:d7:e9:
e1:ce:df:e3:34:d6:53:1f:60:db:10:ae:25:09:07:b4:69:dd:
bc:c2:5f:16:88:54:a5:6e:72:0e:25:3a:55:23:bd:0e:52:3a:
cb:99:70:f3:65:d4:0e:cb:41:c8:b2:b7:fd:ba:27:9f:97:82:
8a:07:fd:f9:4c:1a:81:71:0c:20:05:ef:1c:e9:46:0d:1a:79:
64:a1:ec:13:e3:d0:4d:89:10:27:e3:a5:0a:7b:08:8c:36:4b:
82:b7:fb:b2:a0:e5:dc:29:89:8b:24:fb:1c:bc:bd:a1:56:95:
4d:4a:04:e1:9e:01:04:e8:7c:63:0a:02:c9:7b:ed:0f:47:9a:
f6:82:e1:1b:90:9a:ec:21:6c:13:7d:13:ff:44:91:db:7a:ca:
19:76:08:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlCEdW9NXu8s4zV38G6GmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU5NTNlN2RhYzIzYTYzNmU2OWU2NGUzYTRiZWMxMjhjMThmZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicl1vUGPrfKvYNaGWLm1GUmWdt5b
U6sc8eggHTX11zMZnO2pC9kJX1oVSDPNiQphfJUQXdmYFMh+GJWvOsZjWhUc5dti
4+XFdSqNojLW6j2IzhXIOBhbMgkdCopwdT+EHCQEcQuou9ghZZV6RLkshLwhSw4l
fTK+9oJRjVzT5yHV+r5BpHw5agmpnxLvGUmMlPWmN8Bs/3+Mg8H7+/hf0LDWz+HD
xwkKLbzovOMnj0yNj2bC5VU6b2soMbds3BnTFcrHrGF8UcAMjgEat/b//heR7Xcs
cloQCktJYDSGj7SqNaowmuRpAATbMkjfpncvNuD0JsZHesFne5ls6qVPjwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPLpU+fawjpjbmnmTjpL7BKMGP9LMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvOHVsVDU5ckNPbU51YWVaT09rdnNFb3dZXzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALggVAwQA
LggdAwQALgieAwQCX7Z4AwQAbfg7MA0GCSqGSIb3DQEBCwUAA4IBAQBIHGl+fWL+
gbAtjfPCL8zYdTPJ7BeVFOLmwhLBsKOQyRtR3V3Py84OnNYkUkcaAj1mVznLmyHu
CxXdWfCfOV3eBbHkXQMGJXPDWWd3/Mz1XEtB7VP6o9OSAUay4wN2N1ePtQgY3CAa
2lSi1+nhzt/jNNZTH2DbEK4lCQe0ad28wl8WiFSlbnIOJTpVI70OUjrLmXDzZdQO
y0HIsrf9uiefl4KKB/35TBqBcQwgBe8c6UYNGnlkoewT49BNiRAn46UKewiMNkuC
t/uyoOXcKYmLJPscvL2hVpVNSgThngEE6HxjCgLJe+0PR5r2guEbkJrsIWwTfRP/
RJHbesoZdgh2
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:51:32 2024 by rpki-client on console-ams.rpki-client.org