Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/b3JDvgZALccQ-rPhNai1nx0sG04.roa
File: b3JDvgZALccQ-rPhNai1nx0sG04.roa (raw, json)
Hash identifier: 5PfDmnplZaiwly72TDaA86wgJ7vI/7CI2J56vF3fCY4=
Subject key identifier: 6F:72:43:BE:06:40:2D:C7:10:FA:B3:E1:35:A8:B5:9F:1D:2C:1B:4E
Certificate issuer: /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial: 019348F7F504B9BDA342A314F52313DF671E
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/b3JDvgZALccQ-rPhNai1nx0sG04.roa
Signing time: Wed 20 Nov 2024 09:47:09 +0000
ROA not before: Wed 20 Nov 2024 09:47:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8323
IP address blocks: 185.92.51.0/24 maxlen: 24
193.193.64.0/19 maxlen: 19
195.150.0.0/16 maxlen: 16
195.150.0.0/17 maxlen: 17
195.150.128.0/18 maxlen: 18
2001:6d8::/29 maxlen: 29
2001:6d8::/32 maxlen: 32
2001:6df::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:f7:f5:04:b9:bd:a3:42:a3:14:f5:23:13:df:67:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Validity
Not Before: Nov 20 09:47:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f7243be06402dc710fab3e135a8b59f1d2c1b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dd:ac:29:c1:c8:70:16:e1:78:3f:3d:9d:5c:
0f:47:78:71:8a:60:70:f1:2d:49:95:12:c8:e8:f0:
13:be:97:4b:d1:e2:90:34:4a:1d:66:0b:fa:aa:d5:
03:44:94:02:63:45:f2:39:9d:9d:55:32:3d:a5:a6:
5d:3f:c9:c0:b6:28:bd:61:66:3b:75:4c:f9:77:7d:
7d:0f:66:ff:6c:63:47:2e:19:d9:77:66:11:36:2c:
2d:5b:50:df:ee:d3:ff:0a:de:5e:be:c4:64:42:53:
66:61:c3:67:38:72:24:4d:07:0b:24:f1:25:62:4f:
cf:d2:20:de:bf:4a:f0:d7:c8:ad:da:41:c7:ec:f6:
f5:4d:7e:94:ac:3e:36:18:35:05:f5:a7:3b:9b:8a:
14:c0:22:c3:ab:d6:f9:cf:36:bb:76:f4:32:02:52:
2f:5f:96:2f:f1:82:cc:01:60:2e:77:d3:3f:7e:b6:
9e:81:a5:88:37:db:19:6b:76:be:2c:8c:db:9e:55:
31:7d:84:ee:af:52:b7:25:43:15:de:a7:4a:82:d6:
6b:a2:a2:0c:7b:10:4b:f7:c5:93:55:da:c3:29:3a:
f9:46:f1:db:61:22:a3:66:f4:99:d6:7e:ac:6c:48:
60:6b:54:f2:59:36:7f:03:82:4c:5a:4a:31:9a:21:
a1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:72:43:BE:06:40:2D:C7:10:FA:B3:E1:35:A8:B5:9F:1D:2C:1B:4E
X509v3 Authority Key Identifier:
keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/b3JDvgZALccQ-rPhNai1nx0sG04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.51.0/24
193.193.64.0/19
195.150.0.0/16
IPv6:
2001:6d8::/29
Signature Algorithm: sha256WithRSAEncryption
2d:0e:59:e8:8b:0d:7f:31:8f:78:ae:8e:05:9d:f1:e3:7d:b3:
a1:99:cb:36:1f:5d:d2:c8:1b:49:7c:0e:b6:38:15:0b:bd:51:
7e:4d:73:ca:9b:ac:90:b0:5a:95:26:b1:bd:8d:8a:67:14:8d:
36:a2:2c:80:43:f6:87:9b:bb:e7:f9:3e:b5:fe:b5:25:6b:b5:
90:de:23:a2:56:a9:60:ee:ad:59:37:4e:6f:c2:8c:17:b8:91:
b9:c0:22:f1:5a:ad:2d:0b:2c:a6:9e:a5:24:7a:14:58:af:15:
57:da:11:7e:81:a3:13:dd:bd:3b:09:32:0f:05:64:90:9b:36:
38:ce:ed:9f:54:c7:d0:ba:66:46:fd:3d:67:b9:51:ff:4e:39:
36:fd:e1:c9:af:83:88:4e:78:f7:b0:bc:bd:ab:ed:7f:91:19:
30:a1:14:b0:7f:a3:e9:11:62:e5:36:be:c6:f7:31:3d:3d:a5:
fc:96:19:f9:ee:8c:67:64:96:59:1b:89:a9:9e:41:11:5d:60:
a6:a0:14:07:df:f7:6f:c8:e6:dc:b3:11:b6:10:87:6a:ae:fd:
7f:3a:ee:e4:94:b4:a2:40:d9:ff:a3:7c:6a:24:c8:c0:86:c8:
7d:a2:63:6c:14:bb:31:de:0c:c6:1e:b6:c7:d4:dd:7e:45:f5:
bf:95:7f:5c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZNI9/UEub2jQqMU9SMT32ceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjE5ZTIyNGM3M2Y4M2M0ZmRkMTk2ZDA2NjA4YWViM2E4
ODE4MDQwHhcNMjQxMTIwMDk0NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjcyNDNiZTA2NDAyZGM3MTBmYWIzZTEzNWE4YjU5ZjFkMmMxYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq92sKcHIcBbheD89nVwPR3hximBw
8S1JlRLI6PATvpdL0eKQNEodZgv6qtUDRJQCY0XyOZ2dVTI9paZdP8nAtii9YWY7
dUz5d319D2b/bGNHLhnZd2YRNiwtW1Df7tP/Ct5evsRkQlNmYcNnOHIkTQcLJPEl
Yk/P0iDev0rw18it2kHH7Pb1TX6UrD42GDUF9ac7m4oUwCLDq9b5zza7dvQyAlIv
X5Yv8YLMAWAud9M/fraegaWIN9sZa3a+LIzbnlUxfYTur1K3JUMV3qdKgtZroqIM
exBL98WTVdrDKTr5RvHbYSKjZvSZ1n6sbEhga1TyWTZ/A4JMWkoxmiGhyQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG9yQ74GQC3HEPqz4TWotZ8dLBtOMB8GA1UdIwQY
MBaAFPjxniJMc/g8T90ZbQZgius6iBgEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QR2VJa3h6LUR4UDNSbHRCbUNLNnpxSUdBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUx
LTE2Y2Q4ZjRmYjRiOS8xL2IzSkR2Z1pBTGNjUS1yUGhOYWkxbngwc0cwNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUxLTE2Y2Q4ZjRmYjRi
OS8xLzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDBAC5XDMD
BAXBwUADAwDDljANBAIAAjAHAwUDIAEG2DANBgkqhkiG9w0BAQsFAAOCAQEALQ5Z
6IsNfzGPeK6OBZ3x432zoZnLNh9d0sgbSXwOtjgVC71Rfk1zypuskLBalSaxvY2K
ZxSNNqIsgEP2h5u75/k+tf61JWu1kN4jolapYO6tWTdOb8KMF7iRucAi8VqtLQss
pp6lJHoUWK8VV9oRfoGjE929OwkyDwVkkJs2OM7tn1TH0LpmRv09Z7lR/045Nv3h
ya+DiE5497C8vavtf5EZMKEUsH+j6RFi5Ta+xvcxPT2l/JYZ+e6MZ2SWWRuJqZ5B
EV1gpqAUB9/3b8jm3LMRthCHaq79fzru5JS0okDZ/6N8aiTIwIbIfaJjbBS7Md4M
xh62x9TdfkX1v5V/XA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:12 2024 by rpki-client on console-fra.rpki-client.org