Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8W1YvRKTNxNHXcpafBwAW_Jzd_U.roa
File: 8W1YvRKTNxNHXcpafBwAW_Jzd_U.roa (raw, json)
Hash identifier: OM0lj8/zK/Z3Ttr3IbFQSNIZ3Y2MB4tDFS6TNpiqthw=
Subject key identifier: F1:6D:58:BD:12:93:37:13:47:5D:CA:5A:7C:1C:00:5B:F2:73:77:F5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0191173B41371CA74CBA634528F28E2FACF4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8W1YvRKTNxNHXcpafBwAW_Jzd_U.roa
Signing time: Sat 03 Aug 2024 07:54:04 +0000
ROA not before: Sat 03 Aug 2024 07:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 5.102.124.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:3b:41:37:1c:a7:4c:ba:63:45:28:f2:8e:2f:ac:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 3 07:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f16d58bd12933713475dca5a7c1c005bf27377f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:27:48:79:e8:cf:bc:40:e9:f5:42:60:dd:43:
66:56:47:aa:33:46:0f:08:fb:ad:9c:98:6c:2e:be:
eb:f0:f1:f0:c3:19:cb:9b:26:fa:01:86:de:b6:22:
39:50:93:87:d0:d6:53:b7:9f:94:78:65:44:a0:9a:
38:36:d7:62:b9:c2:2a:ea:e5:29:9b:9e:15:ff:0c:
7e:df:ab:ee:96:b8:55:7e:08:62:b7:bc:35:e7:01:
02:eb:38:ae:bb:2c:61:5a:4a:36:7f:46:c6:89:5c:
92:8c:ec:13:61:5c:fa:41:31:40:92:d2:b1:23:40:
e8:1b:12:4a:46:cf:1e:40:d2:9c:32:87:49:a5:b0:
cd:3c:68:35:61:55:8b:e6:a1:b8:1e:55:09:70:54:
58:59:20:d7:e8:fa:78:e7:e1:90:76:b8:ee:b8:7c:
03:ba:28:c7:28:8d:44:1c:f2:ef:de:58:63:8b:e5:
72:c9:e2:db:76:7e:f4:f2:bb:ad:1d:e4:87:5b:b5:
94:c0:05:dc:62:45:59:1b:4e:66:bc:ec:6d:dd:3c:
e2:ae:bf:77:24:9f:0d:78:e5:33:58:24:00:a1:13:
a3:a6:ee:c8:ce:72:2b:c7:ce:40:63:4a:ea:1a:49:
20:7c:9c:3b:fd:eb:d0:80:7c:dd:4f:b1:0d:fc:87:
db:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6D:58:BD:12:93:37:13:47:5D:CA:5A:7C:1C:00:5B:F2:73:77:F5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8W1YvRKTNxNHXcpafBwAW_Jzd_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.124.0/22
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:d5:75:66:4f:83:69:b1:3e:8e:cb:9e:84:10:74:30:46:00:
ef:ed:89:10:51:18:78:54:ad:bc:cd:a3:49:33:81:e3:ae:ce:
ed:65:17:3c:a6:d9:88:e4:89:a6:09:7a:1e:b4:b4:d7:02:db:
a8:85:30:08:8f:86:40:08:56:e9:eb:db:f9:81:d0:5b:d9:ff:
c8:91:94:ab:18:70:28:39:c6:eb:28:8b:e4:c3:38:95:eb:97:
3c:34:bc:28:ef:7a:c2:d2:86:73:99:24:1e:47:30:d0:22:2b:
f1:89:29:2a:e9:b2:3f:7f:e8:ac:c1:e3:73:74:44:a4:a7:df:
49:60:83:32:9f:6c:74:d8:84:9b:4c:94:76:2f:e7:34:76:e5:
83:d5:bc:b1:9d:ce:65:b5:6e:67:9f:9c:17:33:ec:08:a5:67:
05:58:b9:19:51:3f:50:4c:2b:84:6b:d3:ca:13:4a:19:bb:55:
58:44:85:6c:d3:53:65:8d:17:17:57:f8:62:eb:72:1a:4c:75:
7b:68:04:d2:76:70:11:76:1e:53:30:a8:b2:0a:e8:12:22:94:
00:f8:bf:8c:12:e0:9f:7e:97:22:0a:f0:bd:c1:ba:bf:56:2a:
c4:71:8f:62:ad:e0:6e:c7:88:3b:c7:df:f1:87:dd:8b:34:fb:
0d:07:f6:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEXO0E3HKdMumNFKPKOL6z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwODAzMDc1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZkNThiZDEyOTMzNzEzNDc1ZGNhNWE3YzFjMDA1YmYyNzM3N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCdIeejPvEDp9UJg3UNmVkeqM0YP
CPutnJhsLr7r8PHwwxnLmyb6AYbetiI5UJOH0NZTt5+UeGVEoJo4NtdiucIq6uUp
m54V/wx+36vulrhVfghit7w15wEC6ziuuyxhWko2f0bGiVySjOwTYVz6QTFAktKx
I0DoGxJKRs8eQNKcModJpbDNPGg1YVWL5qG4HlUJcFRYWSDX6Pp45+GQdrjuuHwD
uijHKI1EHPLv3lhji+VyyeLbdn708rutHeSHW7WUwAXcYkVZG05mvOxt3Tzirr93
JJ8NeOUzWCQAoROjpu7IznIrx85AY0rqGkkgfJw7/evQgHzdT7EN/Ifb2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPFtWL0SkzcTR13KWnwcAFvyc3f1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvOFcxWXZSS1ROeE5IWGNwYWZCd0FXX0p6ZF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBWZ8AwQC
UqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBb1XVmT4Np
sT6Oy56EEHQwRgDv7YkQURh4VK28zaNJM4Hjrs7tZRc8ptmI5ImmCXoetLTXAtuo
hTAIj4ZACFbp69v5gdBb2f/IkZSrGHAoOcbrKIvkwziV65c8NLwo73rC0oZzmSQe
RzDQIivxiSkq6bI/f+isweNzdESkp99JYIMyn2x02ISbTJR2L+c0duWD1byxnc5l
tW5nn5wXM+wIpWcFWLkZUT9QTCuEa9PKE0oZu1VYRIVs01NljRcXV/hi63IaTHV7
aATSdnARdh5TMKiyCugSIpQA+L+MEuCffpciCvC9wbq/VirEcY9ireBux4g7x9/x
h92LNPsNB/bS
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:35:46 2024 by rpki-client on console-ams.rpki-client.org