Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/8ro1ghBsc0uDSzzGmf-47KQDERI.roa
File: 8ro1ghBsc0uDSzzGmf-47KQDERI.roa (raw, json)
Hash identifier: 5aky8Yfv84llj5S2sAW/9RAxkME9gufQ5asMo8uVgFA=
Subject key identifier: F2:BA:35:82:10:6C:73:4B:83:4B:3C:C6:99:FF:B8:EC:A4:03:11:12
Certificate issuer: /CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Certificate serial: 018CC26D39F93DE68759C88A5DEDC5033544
Authority key identifier: 44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/8ro1ghBsc0uDSzzGmf-47KQDERI.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21283
IP address blocks: 185.28.8.0/22 maxlen: 22
213.157.224.0/19 maxlen: 19
85.10.32.0/20 maxlen: 20
90.157.128.0/17 maxlen: 17
188.64.24.0/21 maxlen: 21
46.164.0.0/18 maxlen: 18
146.212.0.0/16 maxlen: 18
62.84.224.0/20 maxlen: 20
80.95.224.0/20 maxlen: 20
85.10.0.0/19 maxlen: 19
94.127.24.0/21 maxlen: 21
46.122.0.0/15 maxlen: 15
92.37.0.0/17 maxlen: 17
212.18.32.0/19 maxlen: 19
109.239.176.0/20 maxlen: 20
185.173.52.0/22 maxlen: 22
2a00:1a20::/29 maxlen: 32
2001:15c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/RM8_pwdOcwSx8y4WZK1fcVfWXWI.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/RM8_pwdOcwSx8y4WZK1fcVfWXWI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:39:f9:3d:e6:87:59:c8:8a:5d:ed:c5:03:35:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ba3582106c734b834b3cc699ffb8eca4031112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:69:37:9a:b3:27:ef:3d:2f:32:0b:4f:bf:
c7:da:2f:5f:07:95:6a:b8:a6:ea:57:30:3d:bc:34:
4f:2d:a2:42:4c:fa:c5:bc:96:64:ad:2f:b2:ea:6d:
83:9f:07:6f:69:42:86:8e:0e:48:ab:55:d9:1d:51:
3d:cd:77:28:2b:d9:65:b8:e5:fa:72:97:7a:de:24:
82:02:29:ce:de:c1:c3:ec:0d:24:e6:88:98:ae:bd:
8d:da:d5:ee:7b:be:e5:1d:1c:b5:55:5e:5d:e8:93:
80:d0:a7:c2:37:d0:ac:83:e2:43:4e:39:27:be:ba:
1f:98:91:bf:af:ee:5c:a3:92:24:7b:e6:e9:98:ec:
08:a6:3f:92:60:c4:38:ae:5a:ba:20:a0:21:03:91:
a0:35:5f:f2:41:66:00:22:66:4b:43:80:31:8d:a5:
98:7b:73:01:80:e4:e8:ee:34:99:f4:be:3a:21:84:
04:73:a5:a9:15:4d:53:80:86:5f:51:6a:6e:d4:16:
fa:19:90:1f:05:80:0e:95:08:3a:81:7d:ba:67:c6:
e0:0f:36:a1:5d:b0:b3:ee:ea:e4:86:f0:23:99:75:
1c:06:d7:7e:d9:92:ad:72:b8:9f:3b:fa:da:08:8e:
ad:8f:04:66:a8:87:f1:d9:5a:5f:83:8a:1f:5c:5c:
3c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BA:35:82:10:6C:73:4B:83:4B:3C:C6:99:FF:B8:EC:A4:03:11:12
X509v3 Authority Key Identifier:
keyid:44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/8ro1ghBsc0uDSzzGmf-47KQDERI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/RM8_pwdOcwSx8y4WZK1fcVfWXWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.122.0.0/15
46.164.0.0/18
62.84.224.0/20
80.95.224.0/20
85.10.0.0-85.10.47.255
90.157.128.0/17
92.37.0.0/17
94.127.24.0/21
109.239.176.0/20
146.212.0.0/16
185.28.8.0/22
185.173.52.0/22
188.64.24.0/21
212.18.32.0/19
213.157.224.0/19
IPv6:
2001:15c0::/29
2a00:1a20::/29
Signature Algorithm: sha256WithRSAEncryption
0e:b9:e3:0a:ec:1c:65:00:80:37:0d:e8:29:c1:02:42:e3:52:
b6:b6:1f:13:30:ea:01:29:98:37:f5:b7:53:c5:45:3b:dc:df:
f4:fe:b7:22:3a:fd:30:0c:5b:41:28:99:59:b8:b1:74:9e:d7:
98:53:3b:9c:29:ef:12:32:68:e1:0d:e1:0c:d6:42:70:96:fc:
71:85:56:7e:84:70:6c:31:38:31:57:fb:5c:04:b4:fa:38:3b:
1f:e1:b4:75:c0:ed:1d:ba:e9:7a:f9:ef:6c:9d:68:5b:98:cf:
1b:2f:61:df:db:d4:55:8b:a6:64:f0:d5:f5:c5:44:56:17:f2:
f8:a5:22:b4:0e:dc:6e:82:0b:7d:9c:d5:b8:31:b0:6f:ab:c4:
22:af:1f:f8:31:80:51:82:65:d7:35:69:22:6a:d9:20:3b:b9:
ed:f8:44:6c:78:d4:50:ef:b9:34:6d:f0:fa:c3:ac:f8:5d:1d:
33:b3:61:8a:47:1b:5b:d1:0b:e7:5b:69:ed:61:d8:78:06:7c:
df:23:c4:ca:fe:7b:d5:f5:a5:e2:e2:54:9d:fc:d5:48:8d:57:
c6:d8:75:7f:1e:5b:b9:ea:9a:89:5e:4b:fc:51:4b:77:9c:e6:
ce:d8:7f:81:fd:f5:ef:38:18:a5:64:19:bd:f1:91:ca:17:b3:
67:bf:3e:3d
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzCbTn5PeaHWciKXe3FAzVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2YzZmE3MDc0ZTczMDRiMWYzMmUxNjY0YWQ1ZjcxNTdk
NjVkNjIwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJhMzU4MjEwNmM3MzRiODM0YjNjYzY5OWZmYjhlY2E0MDMxMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlalpN5qzJ+89LzILT7/H2i9fB5Vq
uKbqVzA9vDRPLaJCTPrFvJZkrS+y6m2DnwdvaUKGjg5Iq1XZHVE9zXcoK9lluOX6
cpd63iSCAinO3sHD7A0k5oiYrr2N2tXue77lHRy1VV5d6JOA0KfCN9Csg+JDTjkn
vrofmJG/r+5co5Ike+bpmOwIpj+SYMQ4rlq6IKAhA5GgNV/yQWYAImZLQ4AxjaWY
e3MBgOTo7jSZ9L46IYQEc6WpFU1TgIZfUWpu1Bb6GZAfBYAOlQg6gX26Z8bgDzah
XbCz7urkhvAjmXUcBtd+2ZKtcrifO/raCI6tjwRmqIfx2Vpfg4ofXFw8gwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFPK6NYIQbHNLg0s8xpn/uOykAxESMB8GA1UdIwQY
MBaAFETPP6cHTnMEsfMuFmStX3FX1l1iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk04X3B3ZE9jd1N4OHk0V1pLMWZjVmZXWFdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84OTMxNDktZGQyNS00NTk2LWJhZDgt
MWRlOTMzZDlmODQzLzEvOHJvMWdoQnNjMHVEU3p6R21mLTQ3S1FERVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84OTMxNDktZGQyNS00NTk2LWJhZDgtMWRlOTMzZDlmODQz
LzEvUk04X3B3ZE9jd1N4OHk0V1pLMWZjVmZXWFdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wZQQCAAEwXwMDAS56AwQG
LqQAAwQEPlTgAwQEUF/gMAsDAwFVCgMEBFUKIAMEB1qdgAMEB1wlAAMEA15/GAME
BG3vsAMDAJLUAwQCuRwIAwQCua00AwQDvEAYAwQF1BIgAwQF1Z3gMBQEAgACMA4D
BQMgARXAAwUDKgAaIDANBgkqhkiG9w0BAQsFAAOCAQEADrnjCuwcZQCANw3oKcEC
QuNStrYfEzDqASmYN/W3U8VFO9zf9P63Ijr9MAxbQSiZWbixdJ7XmFM7nCnvEjJo
4Q3hDNZCcJb8cYVWfoRwbDE4MVf7XAS0+jg7H+G0dcDtHbrpevnvbJ1oW5jPGy9h
39vUVYumZPDV9cVEVhfy+KUitA7cboILfZzVuDGwb6vEIq8f+DGAUYJl1zVpImrZ
IDu57fhEbHjUUO+5NG3w+sOs+F0dM7NhikcbW9EL51tp7WHYeAZ83yPEyv571fWl
4uJUnfzVSI1Xxth1fx5bueqaiV5L/FFLd5zmzth/gf317zgYpWQZvfGRyhezZ78+
PQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:56:26 2024 by rpki-client on console-ams.rpki-client.org