Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CQ4ajTFNfvRz5LngDVC2Nzz5T0Y.roa
File: CQ4ajTFNfvRz5LngDVC2Nzz5T0Y.roa (raw, json)
Hash identifier: TTYVsd63OYzrYH1//QbaYXfXTkY32Qwx8Ilp+Q7jV9o=
Subject key identifier: 09:0E:1A:8D:31:4D:7E:F4:73:E4:B9:E0:0D:50:B6:37:3C:F9:4F:46
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72BB7C4DE986540BC2382F186CE2F
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CQ4ajTFNfvRz5LngDVC2Nzz5T0Y.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8376
IP address blocks: 81.52.144.0/21 maxlen: 24
81.52.152.0/21 maxlen: 24
90.84.64.0/21 maxlen: 24
80.10.32.0/21 maxlen: 24
90.84.72.0/21 maxlen: 24
80.10.48.0/20 maxlen: 24
90.84.80.0/20 maxlen: 24
80.10.64.0/20 maxlen: 24
81.52.224.0/21 maxlen: 24
81.253.96.0/21 maxlen: 24
81.253.104.0/21 maxlen: 24
80.10.8.0/21 maxlen: 24
80.10.16.0/20 maxlen: 24
81.253.112.0/21 maxlen: 24
80.10.144.0/21 maxlen: 24
81.253.240.0/20 maxlen: 24
80.10.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2b:b7:c4:de:98:65:40:bc:23:82:f1:86:ce:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=090e1a8d314d7ef473e4b9e00d50b6373cf94f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f3:db:d0:81:a5:c6:23:a0:98:aa:d0:5e:e2:
15:d2:83:34:91:fa:ee:51:6b:77:a9:d3:cf:62:4e:
a0:6a:fa:fb:b1:6c:5f:ef:6c:ad:a1:82:4b:ac:b2:
fb:c0:9d:7a:95:85:ec:bc:f1:50:98:f0:a1:27:4d:
b2:0e:6e:a6:e6:c3:07:e6:1c:14:b6:8b:e7:e7:0f:
b6:44:a8:47:9b:01:1e:91:fe:6d:d2:e3:8b:86:27:
00:95:94:84:55:6d:57:64:2e:a8:56:16:5f:80:5c:
10:01:4c:8c:85:f4:fe:40:36:4e:de:48:a2:56:5d:
29:f4:41:86:c8:4a:85:95:5e:f2:b4:7b:09:33:4a:
9a:a1:b8:b0:98:22:8d:45:e0:2a:87:15:5d:a5:7c:
ae:34:93:5d:cd:21:03:93:22:c0:a5:77:c8:d7:cc:
89:db:d2:08:a5:7b:56:b5:dc:0a:4c:78:a4:0f:dc:
c4:60:1c:dd:46:2c:d1:df:52:bd:c8:b5:cf:28:b1:
e0:f3:62:bc:06:a5:dc:f2:c6:46:f4:07:d1:bd:23:
7e:26:8d:af:ff:d2:35:2b:40:4f:6e:ed:ea:43:b9:
a5:a1:4b:8c:8d:d3:bb:c6:66:ea:a7:0f:45:c6:5a:
14:77:f4:6c:f9:e7:e7:ae:f2:13:55:5c:ee:a2:69:
06:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0E:1A:8D:31:4D:7E:F4:73:E4:B9:E0:0D:50:B6:37:3C:F9:4F:46
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/CQ4ajTFNfvRz5LngDVC2Nzz5T0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.10.8.0-80.10.39.255
80.10.48.0-80.10.79.255
80.10.144.0/21
80.10.168.0/21
81.52.144.0/20
81.52.224.0/21
81.253.96.0-81.253.119.255
81.253.240.0/20
90.84.64.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:ab:1e:0a:0c:de:fa:d4:2c:78:5d:84:df:b7:6a:79:2c:cb:
70:d4:cb:bf:5c:15:90:e3:38:05:28:21:5c:22:12:64:1e:4b:
3f:db:be:a7:23:27:c6:f9:1f:da:05:03:43:de:87:07:ed:e6:
a2:fa:63:2e:a7:7d:e9:f9:ff:38:18:a5:a9:31:5b:84:01:fa:
ba:f0:18:91:e9:5e:34:e9:72:d0:96:67:c0:95:31:92:9b:9a:
bf:db:ae:17:a4:80:6d:9d:f0:88:21:26:64:1e:6e:0b:87:66:
d5:5f:5a:a0:11:c0:66:cb:15:61:ec:9a:b8:a8:b3:c5:b4:e7:
be:af:74:45:6c:7d:d1:4a:1d:6c:ae:8f:f7:7b:50:a5:f8:e2:
95:c2:3a:79:b7:95:6a:ae:d0:fc:04:a4:e0:db:72:16:9c:96:
c4:d8:a1:47:07:41:4d:4c:11:d9:78:6c:d3:13:a7:7e:40:d9:
57:d8:7c:9c:ee:0c:67:72:98:b8:97:9d:13:1c:fd:cd:11:af:
29:b5:20:76:5b:6b:16:dd:ff:0a:f4:4e:be:4a:19:4f:01:93:
ee:47:10:d8:f0:03:81:e5:95:b5:51:97:32:0f:83:7d:d2:a5:
72:02:7d:18:51:ea:5d:4c:e1:82:0b:aa:9b:b9:ad:2d:f0:e7:
99:a8:f5:06
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzDtyu3xN6YZUC8I4Lxhs4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBlMWE4ZDMxNGQ3ZWY0NzNlNGI5ZTAwZDUwYjYzNzNjZjk0ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfPb0IGlxiOgmKrQXuIV0oM0kfru
UWt3qdPPYk6gavr7sWxf72ytoYJLrLL7wJ16lYXsvPFQmPChJ02yDm6m5sMH5hwU
tovn5w+2RKhHmwEekf5t0uOLhicAlZSEVW1XZC6oVhZfgFwQAUyMhfT+QDZO3kii
Vl0p9EGGyEqFlV7ytHsJM0qaobiwmCKNReAqhxVdpXyuNJNdzSEDkyLApXfI18yJ
29IIpXtWtdwKTHikD9zEYBzdRizR31K9yLXPKLHg82K8BqXc8sZG9AfRvSN+Jo2v
/9I1K0BPbu3qQ7mloUuMjdO7xmbqpw9FxloUd/Rs+efnrvITVVzuomkGVwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAkOGo0xTX70c+S54A1Qtjc8+U9GMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvQ1E0YWpURk5mdlJ6NUxuZ0RWQzJOeno1VDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBANQCggD
BANQCiAwDAMEBFAKMAMEBFAKQAMEA1AKkAMEA1AKqAMEBFE0kAMEA1E04DAMAwQF
Uf1gAwQDUf1wAwQEUf3wAwQFWlRAMA0GCSqGSIb3DQEBCwUAA4IBAQBKqx4KDN76
1Cx4XYTft2p5LMtw1Mu/XBWQ4zgFKCFcIhJkHks/276nIyfG+R/aBQND3ocH7eai
+mMup33p+f84GKWpMVuEAfq68BiR6V406XLQlmfAlTGSm5q/264XpIBtnfCIISZk
Hm4Lh2bVX1qgEcBmyxVh7Jq4qLPFtOe+r3RFbH3RSh1sro/3e1Cl+OKVwjp5t5Vq
rtD8BKTg23IWnJbE2KFHB0FNTBHZeGzTE6d+QNlX2Hyc7gxncpi4l50THP3NEa8p
tSB2W2sW3f8K9E6+ShlPAZPuRxDY8AOB5ZW1UZcyD4N90qVyAn0YUepdTOGCC6qb
ua0t8OeZqPUG
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:27:39 2024 by rpki-client on console-ams.rpki-client.org