Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/815sabZ5eBKX704ZQ1fj0E7D0QQ.roa
File: 815sabZ5eBKX704ZQ1fj0E7D0QQ.roa (raw, json)
Hash identifier: V7N85SSuN5Tg9loMUPuX7jnrrDGJmNECvUDjlRSsVIA=
Subject key identifier: F3:5E:6C:69:B6:79:78:12:97:EF:4E:19:43:57:E3:D0:4E:C3:D1:04
Certificate issuer: /CN=9a2ebbbcbe1bf6346ed476b83c7e13a784417acd
Certificate serial: 018CCA2A5F47DDFEEBB994C0867A76D4E83A
Authority key identifier: 9A:2E:BB:BC:BE:1B:F6:34:6E:D4:76:B8:3C:7E:13:A7:84:41:7A:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mi67vL4b9jRu1Ha4PH4Tp4RBes0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/815sabZ5eBKX704ZQ1fj0E7D0QQ.roa
Signing time: Tue 02 Jan 2024 12:33:43 +0000
ROA not before: Tue 02 Jan 2024 12:33:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60087
IP address blocks: 89.40.172.0/22 maxlen: 24
81.28.8.0/22 maxlen: 24
46.252.144.0/20 maxlen: 24
86.107.96.0/22 maxlen: 24
185.31.64.0/22 maxlen: 24
2a03:a500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/mi67vL4b9jRu1Ha4PH4Tp4RBes0.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/mi67vL4b9jRu1Ha4PH4Tp4RBes0.mft
rsync://rpki.ripe.net/repository/DEFAULT/mi67vL4b9jRu1Ha4PH4Tp4RBes0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5f:47:dd:fe:eb:b9:94:c0:86:7a:76:d4:e8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a2ebbbcbe1bf6346ed476b83c7e13a784417acd
Validity
Not Before: Jan 2 12:33:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f35e6c69b679781297ef4e194357e3d04ec3d104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b6:ff:7e:c0:9b:de:16:27:3c:98:a3:c1:23:
93:70:e2:ed:d9:92:3c:7a:a8:57:85:3b:f1:62:74:
eb:bf:a8:25:7e:63:f4:d4:95:89:4a:a3:c8:3d:98:
e8:57:80:75:70:9f:e4:05:af:79:1b:76:c8:f4:cf:
76:ec:01:db:a5:cf:8f:24:b7:a9:98:9b:df:e2:1d:
91:8f:97:dd:39:1c:77:d6:9c:1a:94:66:47:6f:7b:
3e:4d:e7:18:1a:bd:6b:3a:ce:57:0f:f1:c3:59:5d:
83:11:43:e3:7b:19:72:a0:ee:54:30:48:2c:0c:10:
c1:50:61:c9:99:73:83:f5:ca:6b:27:ca:d3:1b:1c:
36:77:6c:70:cf:81:dc:79:31:39:0b:d9:36:a6:72:
e7:c2:c3:aa:e8:05:6b:f8:db:f5:01:d7:91:39:50:
11:e8:80:6d:b8:98:11:49:de:9b:25:ba:09:84:c9:
c0:dc:11:64:3c:95:fc:de:01:5d:01:e3:f4:b8:b5:
22:09:b2:f4:42:0c:e0:a8:c9:47:5f:e5:44:46:28:
f6:7f:70:d0:b8:1c:40:12:4e:39:39:66:00:96:50:
b6:9c:46:51:17:74:81:28:62:6b:a1:03:bd:cd:af:
89:8f:70:e6:9d:9c:71:ad:a3:8b:76:cd:1c:80:9c:
a3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5E:6C:69:B6:79:78:12:97:EF:4E:19:43:57:E3:D0:4E:C3:D1:04
X509v3 Authority Key Identifier:
keyid:9A:2E:BB:BC:BE:1B:F6:34:6E:D4:76:B8:3C:7E:13:A7:84:41:7A:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mi67vL4b9jRu1Ha4PH4Tp4RBes0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/815sabZ5eBKX704ZQ1fj0E7D0QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1a1cbe-217d-434b-ada1-44e219a9e96e/1/mi67vL4b9jRu1Ha4PH4Tp4RBes0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.144.0/20
81.28.8.0/22
86.107.96.0/22
89.40.172.0/22
185.31.64.0/22
IPv6:
2a03:a500::/32
Signature Algorithm: sha256WithRSAEncryption
ac:8d:3e:d7:59:62:71:fb:66:ed:e3:ff:f8:62:dc:7e:22:3b:
39:f0:68:f2:b8:02:19:71:b5:8c:5d:0b:36:ce:ff:87:7b:69:
f3:6b:79:73:8b:b0:18:a9:58:13:76:00:d6:0d:20:6d:2f:0a:
15:e3:0b:c0:f4:fa:96:35:5f:11:77:00:64:0d:a5:29:94:c6:
95:bd:25:2a:98:ca:9e:7c:85:b4:29:87:c5:3f:41:3d:97:a4:
3b:fe:c3:06:69:f5:31:54:59:07:54:0e:86:d1:b0:25:fb:ef:
90:35:21:2f:71:e4:ea:d3:23:8c:b3:21:ab:9b:f7:a0:6c:0f:
04:37:a0:ed:a1:8c:d0:b1:ee:1a:38:42:9d:66:bd:fe:2c:4a:
44:54:16:48:9b:9e:a8:d5:c8:4c:f0:6a:81:e4:cd:39:ec:04:
c1:86:29:73:d0:33:3c:5f:1f:8d:58:e8:ea:00:91:fa:b1:0f:
2b:a3:ea:e8:b9:ca:5a:a3:1d:fa:b8:34:99:be:b5:62:56:ca:
c4:80:3a:58:a5:e4:12:bb:b8:6c:a3:9d:5c:62:b8:49:90:e4:
54:62:13:e6:a9:7f:dc:72:75:bc:44:fc:60:99:61:8d:64:b7:
b7:34:a7:f1:00:66:b5:d9:1d:34:b9:f6:07:9f:47:17:bf:3f:
a1:01:d2:df
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKl9H3f7ruZTAhnp21Og6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMmViYmJjYmUxYmY2MzQ2ZWQ0NzZiODNjN2UxM2E3ODQ0
MTdhY2QwHhcNMjQwMTAyMTIzMzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVlNmM2OWI2Nzk3ODEyOTdlZjRlMTk0MzU3ZTNkMDRlYzNkMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLb/fsCb3hYnPJijwSOTcOLt2ZI8
eqhXhTvxYnTrv6glfmP01JWJSqPIPZjoV4B1cJ/kBa95G3bI9M927AHbpc+PJLep
mJvf4h2Rj5fdORx31pwalGZHb3s+TecYGr1rOs5XD/HDWV2DEUPjexlyoO5UMEgs
DBDBUGHJmXOD9cprJ8rTGxw2d2xwz4HceTE5C9k2pnLnwsOq6AVr+Nv1AdeROVAR
6IBtuJgRSd6bJboJhMnA3BFkPJX83gFdAeP0uLUiCbL0QgzgqMlHX+VERij2f3DQ
uBxAEk45OWYAllC2nEZRF3SBKGJroQO9za+Jj3DmnZxxraOLds0cgJyjUQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPNebGm2eXgSl+9OGUNX49BOw9EEMB8GA1UdIwQY
MBaAFJouu7y+G/Y0btR2uDx+E6eEQXrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWk2N3ZMNGI5alJ1MUhhNFBINFRwNFJCZXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYTFjYmUtMjE3ZC00MzRiLWFkYTEt
NDRlMjE5YTllOTZlLzEvODE1c2FiWjVlQktYNzA0WlExZmowRTdEMFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xYTFjYmUtMjE3ZC00MzRiLWFkYTEtNDRlMjE5YTllOTZl
LzEvbWk2N3ZMNGI5alJ1MUhhNFBINFRwNFJCZXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELvyQAwQC
URwIAwQCVmtgAwQCWSisAwQCuR9AMA0EAgACMAcDBQAqA6UAMA0GCSqGSIb3DQEB
CwUAA4IBAQCsjT7XWWJx+2bt4//4Ytx+Ijs58GjyuAIZcbWMXQs2zv+He2nza3lz
i7AYqVgTdgDWDSBtLwoV4wvA9PqWNV8RdwBkDaUplMaVvSUqmMqefIW0KYfFP0E9
l6Q7/sMGafUxVFkHVA6G0bAl+++QNSEvceTq0yOMsyGrm/egbA8EN6DtoYzQse4a
OEKdZr3+LEpEVBZIm56o1chM8GqB5M057ATBhilz0DM8Xx+NWOjqAJH6sQ8ro+ro
ucpaox36uDSZvrViVsrEgDpYpeQSu7hso51cYrhJkORUYhPmqX/ccnW8RPxgmWGN
ZLe3NKfxAGa12R00ufYHn0cXvz+hAdLf
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:30:17 2024 by rpki-client on console-fra.rpki-client.org