Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/65P1FGjsRk-0zt5mJECk_Ip2E48.roa
File: 65P1FGjsRk-0zt5mJECk_Ip2E48.roa (raw, json)
Hash identifier: +8XxOMUeVj/+FQnhcpsXfCOBarBgmyL8tLCjaSotBis=
Subject key identifier: EB:93:F5:14:68:EC:46:4F:B4:CE:DE:66:24:40:A4:FC:8A:76:13:8F
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0191A30B271CE6F248062719A643AEC9C378
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/65P1FGjsRk-0zt5mJECk_Ip2E48.roa
Signing time: Fri 30 Aug 2024 11:28:22 +0000
ROA not before: Fri 30 Aug 2024 11:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204746
IP address blocks: 86.38.35.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
89.117.246.0/24 maxlen: 24
185.189.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a3:0b:27:1c:e6:f2:48:06:27:19:a6:43:ae:c9:c3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Aug 30 11:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb93f51468ec464fb4cede662440a4fc8a76138f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:39:98:2f:01:d9:85:77:d4:1a:2b:36:23:5f:
8b:dc:ff:0f:0c:c7:47:9e:48:09:22:30:4f:46:ef:
77:3c:71:47:d1:f8:6e:53:15:62:21:4d:03:bc:26:
7f:93:fa:2d:71:c1:fc:17:a5:43:02:ca:d5:8e:a8:
c1:27:4b:f5:01:a0:87:4a:26:00:5a:e5:af:f7:1e:
f4:5a:60:ab:92:01:0e:e0:91:30:b6:bc:ce:47:7a:
f4:11:fc:c0:b1:dc:9c:6e:25:05:bc:00:62:ed:9b:
d3:15:1d:fa:ba:ad:e2:39:88:00:41:76:27:7b:36:
88:8c:21:55:e9:72:0a:2c:44:d0:7f:93:05:6d:f2:
a2:1f:e7:b1:92:25:4b:2b:ed:0d:11:8f:a9:62:86:
54:36:0e:b1:62:28:6c:3c:24:a8:d9:fa:cb:f8:74:
94:2c:bb:7f:aa:3e:7f:53:60:c9:cf:41:9b:52:f1:
3c:bc:9a:d9:b3:d6:43:5a:24:5a:b3:18:c8:1b:21:
c0:7f:b1:c0:df:c6:07:49:0a:c1:d1:5f:f5:9b:66:
8c:e7:fc:61:43:3e:c5:3d:49:b2:02:22:34:39:a0:
d1:ac:62:57:b0:7f:c4:d4:46:50:15:a8:4e:66:41:
82:e0:38:80:c3:e7:af:fa:a8:54:08:76:d0:4b:11:
05:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:93:F5:14:68:EC:46:4F:B4:CE:DE:66:24:40:A4:FC:8A:76:13:8F
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/65P1FGjsRk-0zt5mJECk_Ip2E48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.35.0/24
89.117.223.0/24
89.117.243.0/24
89.117.246.0/24
185.189.153.0/24
Signature Algorithm: sha256WithRSAEncryption
34:ec:aa:ee:91:83:e6:1a:91:83:b1:0b:e4:c9:9d:4d:9b:f4:
41:24:f6:19:ed:99:ba:d4:ac:90:ab:de:a9:e6:8d:d4:2e:0c:
fe:1c:b7:6e:a3:d0:b4:27:5f:69:d1:2b:ed:08:98:12:95:91:
e9:7b:d2:89:03:06:03:c1:60:f3:e6:1f:0f:63:95:19:ae:b6:
03:7d:e2:a0:ef:c8:5d:84:30:00:11:03:c0:2e:53:c7:f0:2f:
cc:44:a2:a9:b6:41:80:86:3b:7a:33:5e:a7:89:88:b0:b0:37:
e7:21:a0:36:44:65:31:70:71:61:d8:61:cd:6a:3a:c0:98:65:
a8:21:e2:90:87:56:16:67:39:65:50:38:fd:f1:ed:60:bf:b0:
9d:15:39:b0:77:5e:57:c4:eb:37:22:b9:e8:a8:e0:74:2a:a6:
95:41:a9:80:2d:e1:84:45:be:35:30:4e:ac:e9:b0:19:31:85:
83:b3:e2:3c:02:b9:41:0c:91:58:1a:ad:dc:91:df:3d:8e:84:
bd:36:7d:14:27:7d:ef:9e:41:bd:86:26:7e:58:d9:9d:1b:e7:
5a:f6:61:cd:e6:9f:e3:8d:d3:0e:ff:51:45:98:40:67:20:ea:
34:48:f9:7c:f8:8a:23:0a:1d:38:80:45:18:c4:38:8d:24:1f:
91:93:fa:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGjCycc5vJIBicZpkOuycN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwODMwMTEyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjkzZjUxNDY4ZWM0NjRmYjRjZWRlNjYyNDQwYTRmYzhhNzYxMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDmYLwHZhXfUGis2I1+L3P8PDMdH
nkgJIjBPRu93PHFH0fhuUxViIU0DvCZ/k/otccH8F6VDAsrVjqjBJ0v1AaCHSiYA
WuWv9x70WmCrkgEO4JEwtrzOR3r0EfzAsdycbiUFvABi7ZvTFR36uq3iOYgAQXYn
ezaIjCFV6XIKLETQf5MFbfKiH+exkiVLK+0NEY+pYoZUNg6xYihsPCSo2frL+HSU
LLt/qj5/U2DJz0GbUvE8vJrZs9ZDWiRasxjIGyHAf7HA38YHSQrB0V/1m2aM5/xh
Qz7FPUmyAiI0OaDRrGJXsH/E1EZQFahOZkGC4DiAw+ev+qhUCHbQSxEF8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOuT9RRo7EZPtM7eZiRApPyKdhOPMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvNjVQMUZHanNSay0wenQ1bUpFQ2tfSXAyRTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAViYjAwQA
WXXfAwQAWXXzAwQAWXX2AwQAub2ZMA0GCSqGSIb3DQEBCwUAA4IBAQA07KrukYPm
GpGDsQvkyZ1Nm/RBJPYZ7Zm61KyQq96p5o3ULgz+HLduo9C0J19p0SvtCJgSlZHp
e9KJAwYDwWDz5h8PY5UZrrYDfeKg78hdhDAAEQPALlPH8C/MRKKptkGAhjt6M16n
iYiwsDfnIaA2RGUxcHFh2GHNajrAmGWoIeKQh1YWZzllUDj98e1gv7CdFTmwd15X
xOs3IrnoqOB0KqaVQamALeGERb41ME6s6bAZMYWDs+I8ArlBDJFYGq3ckd89joS9
Nn0UJ33vnkG9hiZ+WNmdG+da9mHN5p/jjdMO/1FFmEBnIOo0SPl8+IojCh04gEUY
xDiNJB+Rk/of
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:31 2024 by rpki-client on console-ams.rpki-client.org