Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/RF8Ia2x7yRBgrHaemwnVMIVZjgg.roa
File: RF8Ia2x7yRBgrHaemwnVMIVZjgg.roa (raw, json)
Hash identifier: H5Yo01V6DdcG3ZEVlQblL/gwkhEEmAu8IogD9yfAMYQ=
Subject key identifier: 44:5F:08:6B:6C:7B:C9:10:60:AC:76:9E:9B:09:D5:30:85:59:8E:08
Certificate issuer: /CN=f3f6a57ea2a902eb4912de927df80304c355ab12
Certificate serial: 018CC42479F00DBE2EE07A7B8B05E916AFB8
Authority key identifier: F3:F6:A5:7E:A2:A9:02:EB:49:12:DE:92:7D:F8:03:04:C3:55:AB:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8_alfqKpAutJEt6SffgDBMNVqxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/RF8Ia2x7yRBgrHaemwnVMIVZjgg.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200062
IP address blocks: 188.64.56.0/21 maxlen: 21
185.9.128.0/22 maxlen: 22
80.209.244.0/22 maxlen: 22
185.127.116.0/22 maxlen: 22
185.64.112.0/22 maxlen: 22
158.181.48.0/21 maxlen: 21
2a00:6140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/8_alfqKpAutJEt6SffgDBMNVqxI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/8_alfqKpAutJEt6SffgDBMNVqxI.mft
rsync://rpki.ripe.net/repository/DEFAULT/8_alfqKpAutJEt6SffgDBMNVqxI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:79:f0:0d:be:2e:e0:7a:7b:8b:05:e9:16:af:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3f6a57ea2a902eb4912de927df80304c355ab12
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=445f086b6c7bc91060ac769e9b09d53085598e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:35:64:2a:87:8e:8c:c1:73:e1:11:a4:c1:
60:b9:c4:7f:ad:2a:a9:70:30:f1:6d:8f:e1:4d:a9:
fb:ff:eb:06:d1:36:97:f1:0c:ea:17:17:2a:24:00:
f0:8e:24:24:46:8a:5b:94:f5:e4:e2:db:27:e4:51:
cd:b5:42:3b:11:8f:af:0e:8d:60:e0:11:56:f9:76:
4e:c1:b6:d4:59:89:b8:c7:3c:09:e5:42:ed:f9:b9:
6f:51:99:e1:47:ed:c8:21:d5:3e:ac:0a:8d:3b:c2:
2d:e6:0a:df:26:66:f6:b4:82:2c:5a:8d:f8:85:3c:
dc:83:cc:59:eb:e5:f6:e5:6f:a5:fe:c9:51:f6:53:
08:c2:4c:e5:ff:9b:26:b9:3f:1e:91:d2:65:30:d2:
17:d0:15:a6:32:83:05:56:0d:c7:a6:a1:1a:7f:2f:
45:3e:33:52:12:8a:05:4b:14:97:7e:c9:36:ec:f9:
6c:0f:62:c2:71:fd:d9:5c:15:83:a1:eb:17:5c:01:
e5:ab:d9:6a:3f:d4:25:48:68:75:70:87:86:e0:b5:
02:d5:f1:03:7e:7c:d8:21:68:2e:d8:98:48:fc:97:
b4:0a:93:e9:fc:da:ab:26:bf:89:dc:44:99:2b:77:
67:1c:a1:67:61:4d:b4:67:8e:89:37:1a:50:cf:97:
c0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:5F:08:6B:6C:7B:C9:10:60:AC:76:9E:9B:09:D5:30:85:59:8E:08
X509v3 Authority Key Identifier:
keyid:F3:F6:A5:7E:A2:A9:02:EB:49:12:DE:92:7D:F8:03:04:C3:55:AB:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8_alfqKpAutJEt6SffgDBMNVqxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/RF8Ia2x7yRBgrHaemwnVMIVZjgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/8bf389-813c-49ba-850c-940c6b8b502a/1/8_alfqKpAutJEt6SffgDBMNVqxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.209.244.0/22
158.181.48.0/21
185.9.128.0/22
185.64.112.0/22
185.127.116.0/22
188.64.56.0/21
IPv6:
2a00:6140::/32
Signature Algorithm: sha256WithRSAEncryption
3a:77:d6:3e:3d:8c:c4:7d:d8:71:ab:e0:2d:96:44:e6:28:07:
38:b6:86:d0:99:21:26:22:ba:3e:15:b1:28:79:14:74:06:d7:
06:0e:d0:0c:19:e8:3d:29:20:6a:53:ff:b0:4e:8a:bb:ca:44:
f6:8d:02:22:79:aa:b5:f4:54:77:c9:cb:84:85:6b:29:37:da:
04:b9:7d:bb:a9:f8:ea:63:41:ab:e1:b5:26:d1:b5:ae:2e:36:
1d:ef:c6:f1:22:cf:23:cc:34:3d:84:07:be:fd:1d:0c:8f:05:
66:93:6f:45:5f:d7:ce:2a:4b:24:a1:0e:81:87:50:3e:92:f8:
fe:8b:ca:b5:96:08:ea:a9:ee:72:4e:c6:83:29:94:38:d3:de:
88:2a:b1:50:dd:56:ad:48:94:d0:10:51:9f:61:51:4b:31:97:
5a:ec:95:6d:72:d7:8f:53:44:07:44:40:31:db:e8:3d:12:a3:
ae:67:d8:fe:db:c4:a5:44:8c:e6:13:6b:42:07:7c:bb:b7:79:
00:66:22:d1:cb:16:a6:93:f2:97:a1:b6:74:91:0c:b2:69:e4:
52:3b:42:ed:d7:9b:90:a4:1e:50:cf:de:63:ef:cf:35:cd:96:
73:50:ea:ac:6a:c8:5b:5c:e7:26:16:39:c6:92:64:9f:ec:99:
10:4d:29:a2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzEJHnwDb4u4Hp7iwXpFq+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZjZhNTdlYTJhOTAyZWI0OTEyZGU5MjdkZjgwMzA0YzM1
NWFiMTIwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDVmMDg2YjZjN2JjOTEwNjBhYzc2OWU5YjA5ZDUzMDg1NTk4ZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iM1ZCqHjozBc+ERpMFgucR/rSqp
cDDxbY/hTan7/+sG0TaX8QzqFxcqJADwjiQkRopblPXk4tsn5FHNtUI7EY+vDo1g
4BFW+XZOwbbUWYm4xzwJ5ULt+blvUZnhR+3IIdU+rAqNO8It5grfJmb2tIIsWo34
hTzcg8xZ6+X25W+l/slR9lMIwkzl/5smuT8ekdJlMNIX0BWmMoMFVg3HpqEafy9F
PjNSEooFSxSXfsk27PlsD2LCcf3ZXBWDoesXXAHlq9lqP9QlSGh1cIeG4LUC1fED
fnzYIWgu2JhI/Je0CpPp/NqrJr+J3ESZK3dnHKFnYU20Z46JNxpQz5fA1wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFERfCGtse8kQYKx2npsJ1TCFWY4IMB8GA1UdIwQY
MBaAFPP2pX6iqQLrSRLekn34AwTDVasSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOF9hbGZxS3BBdXRKRXQ2U2ZmZ0RCTU5WcXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84YmYzODktODEzYy00OWJhLTg1MGMt
OTQwYzZiOGI1MDJhLzEvUkY4SWEyeDd5UkJnckhhZW13blZNSVZaamdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84YmYzODktODEzYy00OWJhLTg1MGMtOTQwYzZiOGI1MDJh
LzEvOF9hbGZxS3BBdXRKRXQ2U2ZmZ0RCTU5WcXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCUNH0AwQD
nrUwAwQCuQmAAwQCuUBwAwQCuX90AwQDvEA4MA0EAgACMAcDBQAqAGFAMA0GCSqG
SIb3DQEBCwUAA4IBAQA6d9Y+PYzEfdhxq+AtlkTmKAc4tobQmSEmIro+FbEoeRR0
BtcGDtAMGeg9KSBqU/+wToq7ykT2jQIieaq19FR3ycuEhWspN9oEuX27qfjqY0Gr
4bUm0bWuLjYd78bxIs8jzDQ9hAe+/R0MjwVmk29FX9fOKkskoQ6Bh1A+kvj+i8q1
lgjqqe5yTsaDKZQ4096IKrFQ3VatSJTQEFGfYVFLMZda7JVtctePU0QHREAx2+g9
EqOuZ9j+28SlRIzmE2tCB3y7t3kAZiLRyxamk/KXobZ0kQyyaeRSO0Lt15uQpB5Q
z95j7881zZZzUOqsashbXOcmFjnGkmSf7JkQTSmi
-----END CERTIFICATE-----
Generated at Fri May 10 06:13:16 2024 by rpki-client on console-ams.rpki-client.org