Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/9_aHLAJZp7xwioZPyk98EqvzNPo.roa
File: 9_aHLAJZp7xwioZPyk98EqvzNPo.roa (raw, json)
Hash identifier: I2yql6c/IZDFz+sDSpzDIvfEotdi7ULCySvZQllg/u0=
Subject key identifier: F7:F6:87:2C:02:59:A7:BC:70:8A:86:4F:CA:4F:7C:12:AB:F3:34:FA
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 018CCA2A36BD08FAD9EFABF8C6A693BB83A2
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/9_aHLAJZp7xwioZPyk98EqvzNPo.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.102.148.0/22 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
217.168.248.0/21 maxlen: 24
188.74.64.0/19 maxlen: 24
62.64.144.0/20 maxlen: 24
2a05:87c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:36:bd:08:fa:d9:ef:ab:f8:c6:a6:93:bb:83:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7f6872c0259a7bc708a864fca4f7c12abf334fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:e6:3e:61:04:26:b4:7c:cc:e8:4a:b0:7d:
bd:7e:d4:64:97:b0:f6:e3:ad:ba:d9:16:d5:b9:cd:
d3:0f:4f:13:2a:ed:57:63:6e:2f:dc:5c:be:0d:e0:
bf:0c:60:5d:d1:24:7b:d8:79:3d:6f:02:a3:10:88:
fc:98:d1:2a:56:41:6e:51:89:25:e3:2a:25:ed:5a:
a4:d3:fc:55:b2:91:4b:3f:05:31:38:e6:f9:92:c2:
82:18:c6:f6:b4:66:c9:af:9d:3a:66:fa:49:9e:b0:
4f:ee:4b:de:ca:f4:f4:d1:26:c2:5c:c2:c6:18:90:
f1:1b:3f:0b:7f:ff:8f:0d:17:fc:69:25:77:5a:fc:
ea:4f:db:27:e6:d8:ec:7e:8a:01:f7:86:13:41:b5:
a0:62:3f:3f:63:28:d8:97:5e:f2:e6:9c:e3:c4:23:
18:2a:a4:02:82:2d:50:c6:15:f9:c8:a9:7e:ee:7d:
e3:72:dc:72:83:93:b7:2b:f9:6a:a8:66:ea:98:5b:
e4:c5:45:23:65:5d:f5:ce:fc:5a:0d:c3:bd:2a:cd:
c7:d4:d3:85:e3:81:27:d4:20:64:0f:9f:58:7e:10:
98:9a:bb:8e:f6:f5:de:a5:11:d5:c1:c4:b0:38:5d:
08:54:37:bf:6e:bf:02:de:2f:f7:16:5b:ea:37:be:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F6:87:2C:02:59:A7:BC:70:8A:86:4F:CA:4F:7C:12:AB:F3:34:FA
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/9_aHLAJZp7xwioZPyk98EqvzNPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.128.0-62.64.139.255
62.64.144.0/20
185.102.148.0/22
188.74.64.0/19
217.168.248.0/21
IPv6:
2a05:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:ce:1d:9b:42:f0:fb:1f:7c:10:a0:ca:62:21:74:d5:0f:d0:
5b:24:54:ab:78:91:64:e1:72:3a:f0:9c:bb:17:8c:71:99:60:
fa:84:77:5f:7f:9b:fa:d9:b8:6f:6d:aa:c2:d4:b9:31:cd:bc:
49:b0:74:74:c7:27:e0:01:d5:82:32:2d:43:34:b3:27:ef:e9:
00:78:ed:cc:6e:2a:aa:80:cc:21:e2:00:cb:9d:a5:e1:c0:35:
ee:9d:90:f9:c4:27:35:3c:b5:e5:63:36:35:09:a2:8f:0a:7d:
b5:a2:c4:54:03:84:c1:ff:3c:01:f9:92:c3:73:f7:db:9a:3f:
fc:c2:41:9d:3e:10:0f:40:3d:d5:b3:46:15:3c:fa:64:8b:63:
16:11:93:3a:f1:1f:08:cf:b7:ad:bb:9d:0d:96:7e:7c:55:eb:
3b:3d:53:9e:e4:f3:71:d0:38:cb:5a:a9:80:d9:ce:18:56:7d:
99:5e:31:06:91:45:5b:1a:75:08:b3:12:25:99:f0:e1:2d:9f:
1a:fa:77:a5:34:9d:9c:38:4f:20:0c:44:13:7f:51:cb:d5:9b:
e1:7a:a6:6f:c7:19:7c:03:7e:4e:05:ae:2c:0e:53:2a:37:f6:
32:9b:79:b0:10:61:7b:c2:ae:0b:eb:51:87:ab:37:02:fa:35:
15:14:88:99
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzKKja9CPrZ76v4xqaTu4OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Y2ODcyYzAyNTlhN2JjNzA4YTg2NGZjYTRmN2MxMmFiZjMzNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK/mPmEEJrR8zOhKsH29ftRkl7D2
46262RbVuc3TD08TKu1XY24v3Fy+DeC/DGBd0SR72Hk9bwKjEIj8mNEqVkFuUYkl
4yol7Vqk0/xVspFLPwUxOOb5ksKCGMb2tGbJr506ZvpJnrBP7kveyvT00SbCXMLG
GJDxGz8Lf/+PDRf8aSV3WvzqT9sn5tjsfooB94YTQbWgYj8/YyjYl17y5pzjxCMY
KqQCgi1QxhX5yKl+7n3jctxyg5O3K/lqqGbqmFvkxUUjZV31zvxaDcO9Ks3H1NOF
44En1CBkD59YfhCYmruO9vXepRHVwcSwOF0IVDe/br8C3i/3FlvqN75rtwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPf2hywCWae8cIqGT8pPfBKr8zT6MB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvOV9hSExBSlpwN3h3aW9aUHlrOThFcXZ6TlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAc+QIAD
BAI+QIgDBAQ+QJADBAK5ZpQDBAW8SkADBAPZqPgwDQQCAAIwBwMFAyoFh8AwDQYJ
KoZIhvcNAQELBQADggEBACjOHZtC8PsffBCgymIhdNUP0FskVKt4kWThcjrwnLsX
jHGZYPqEd19/m/rZuG9tqsLUuTHNvEmwdHTHJ+AB1YIyLUM0syfv6QB47cxuKqqA
zCHiAMudpeHANe6dkPnEJzU8teVjNjUJoo8KfbWixFQDhMH/PAH5ksNz99uaP/zC
QZ0+EA9APdWzRhU8+mSLYxYRkzrxHwjPt627nQ2WfnxV6zs9U57k83HQOMtaqYDZ
zhhWfZleMQaRRVsadQizEiWZ8OEtnxr6d6U0nZw4TyAMRBN/UcvVm+F6pm/HGXwD
fk4FriwOUyo39jKbebAQYXvCrgvrUYerNwL6NRUUiJk=
-----END CERTIFICATE-----
Generated at Wed May 15 18:23:46 2024 by rpki-client on console-fra.rpki-client.org