Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/t34KhsLVJfg3ykg9v-4WMqMSjXE.roa
File: t34KhsLVJfg3ykg9v-4WMqMSjXE.roa (raw, json)
Hash identifier: dmvmq0LFpWaE+DzDJHB27zoURld5elKnpVQQT18tPlA=
Subject key identifier: B7:7E:0A:86:C2:D5:25:F8:37:CA:48:3D:BF:EE:16:32:A3:12:8D:71
Certificate issuer: /CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Certificate serial: 018CCA2AA6F7A8B0FB5D9013D6E60494EF53
Authority key identifier: F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/t34KhsLVJfg3ykg9v-4WMqMSjXE.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208920
IP address blocks: 85.116.136.0/22 maxlen: 22
45.130.108.0/22 maxlen: 22
185.126.204.0/22 maxlen: 22
2a06:c100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a6:f7:a8:b0:fb:5d:90:13:d6:e6:04:94:ef:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b77e0a86c2d525f837ca483dbfee1632a3128d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:6b:b2:c3:b7:36:b7:35:88:d5:d2:1f:3b:
a3:6f:3a:14:96:5e:c6:43:00:b8:91:51:85:9a:4d:
4e:8f:c8:aa:64:e4:64:eb:ce:9f:0d:c5:c1:d3:28:
1f:f2:29:62:b4:f9:cf:b4:2b:1e:b9:b1:37:d6:0e:
a2:00:3d:9e:75:c9:ae:29:9f:6f:9a:7b:58:2b:f7:
47:26:75:bb:5b:e7:96:ec:eb:f2:ec:e9:e4:e1:87:
b7:c7:1c:e3:c7:bb:da:ae:6d:e7:00:3d:19:cf:b7:
c0:8f:97:d6:bf:47:34:09:cc:28:f1:4e:8b:4c:5f:
89:43:17:8a:97:14:6d:37:6f:c5:aa:29:3b:6b:af:
08:dc:d2:f9:7f:6c:92:7a:ea:67:b7:4e:6d:bb:87:
3e:6b:0a:f3:a9:14:c7:4b:24:ea:08:4e:82:6c:be:
f2:14:59:87:26:89:95:89:a1:5b:d0:c3:95:69:af:
15:9d:40:19:9d:b4:02:5c:cf:19:f9:cb:0b:70:de:
7b:3b:53:66:e9:88:44:ac:de:ce:1d:c2:cb:c0:a3:
4b:5e:06:23:48:f2:b7:01:db:14:41:32:25:77:14:
f5:22:54:e3:4b:44:57:d8:80:8e:9c:05:15:a5:26:
fb:53:62:0e:ce:4c:79:35:6c:52:1d:95:19:38:da:
bf:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7E:0A:86:C2:D5:25:F8:37:CA:48:3D:BF:EE:16:32:A3:12:8D:71
X509v3 Authority Key Identifier:
keyid:F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/t34KhsLVJfg3ykg9v-4WMqMSjXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.108.0/22
85.116.136.0/22
185.126.204.0/22
IPv6:
2a06:c100::/29
Signature Algorithm: sha256WithRSAEncryption
b3:f5:ae:dd:ca:7d:41:da:df:cb:2a:ae:30:17:0f:ff:53:02:
a9:d0:ad:ad:61:25:8e:ac:70:14:ef:8b:c6:b9:36:eb:6e:b0:
e8:7c:7f:34:8b:cd:94:b2:04:42:02:62:66:54:e9:d3:44:02:
21:9f:d0:93:a1:67:b5:62:5a:94:cf:87:35:8e:9d:4d:28:97:
7c:89:36:8b:67:b3:33:5b:b9:40:07:94:cf:73:4c:23:be:3e:
d2:50:86:3a:99:db:6d:ab:b4:95:ee:6d:82:ce:aa:c3:94:41:
8d:5e:48:dc:5c:d3:27:39:58:50:ce:8f:fd:82:4f:be:4b:5b:
81:57:e6:c7:d9:60:55:a0:e8:60:88:62:97:fa:d5:fb:c9:51:
ae:81:92:c4:54:3a:bd:2c:92:6e:4c:93:f0:5d:29:9b:23:75:
a7:9d:e4:0d:4c:1f:99:da:e5:1e:95:14:57:46:80:d0:c2:b4:
79:0e:5d:70:b3:ab:62:59:3f:e5:36:5a:d6:8e:2d:9e:be:6b:
a3:43:75:8c:fb:78:c1:7e:e7:20:84:2c:6d:a3:04:0f:22:4f:
f6:b4:b7:de:96:db:b1:cb:ab:b6:af:b5:44:33:36:c0:78:69:
29:b1:a9:3b:4f:39:f3:b5:15:1f:e8:f8:db:b0:64:10:c0:b3:
69:8a:7b:e8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzKKqb3qLD7XZAT1uYElO9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQxMTBkMzllOTViNTQyZGY4ZDIwNzFkOTI0NTQ2OWEx
YjlmNDIwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdlMGE4NmMyZDUyNWY4MzdjYTQ4M2RiZmVlMTYzMmEzMTI4ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTBrssO3Nrc1iNXSHzujbzoUll7G
QwC4kVGFmk1Oj8iqZORk686fDcXB0ygf8ilitPnPtCseubE31g6iAD2edcmuKZ9v
mntYK/dHJnW7W+eW7Ovy7Onk4Ye3xxzjx7varm3nAD0Zz7fAj5fWv0c0Ccwo8U6L
TF+JQxeKlxRtN2/Fqik7a68I3NL5f2ySeupnt05tu4c+awrzqRTHSyTqCE6CbL7y
FFmHJomViaFb0MOVaa8VnUAZnbQCXM8Z+csLcN57O1Nm6YhErN7OHcLLwKNLXgYj
SPK3AdsUQTIldxT1IlTjS0RX2ICOnAUVpSb7U2IOzkx5NWxSHZUZONq/gQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLd+CobC1SX4N8pIPb/uFjKjEo1xMB8GA1UdIwQY
MBaAFPitEQ056VtULfjSBx2SRUaaG59CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMFJEVG5wVzFRdC1OSUhIWkpGUnBvYm4wSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWVi
LTc5YTViMzk3OGZmMi8xL3QzNEtoc0xWSmZnM3lrZzl2LTRXTXFNU2pYRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWViLTc5YTViMzk3OGZm
Mi8xLzEtSzBSRFRucFcxUXQtTklISFpKRlJwb2JuMEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAItgmwD
BAJVdIgDBAK5fswwDQQCAAIwBwMFAyoGwQAwDQYJKoZIhvcNAQELBQADggEBALP1
rt3KfUHa38sqrjAXD/9TAqnQra1hJY6scBTvi8a5NutusOh8fzSLzZSyBEICYmZU
6dNEAiGf0JOhZ7ViWpTPhzWOnU0ol3yJNotnszNbuUAHlM9zTCO+PtJQhjqZ222r
tJXubYLOqsOUQY1eSNxc0yc5WFDOj/2CT75LW4FX5sfZYFWg6GCIYpf61fvJUa6B
ksRUOr0skm5Mk/BdKZsjdaed5A1MH5na5R6VFFdGgNDCtHkOXXCzq2JZP+U2WtaO
LZ6+a6NDdYz7eMF+5yCELG2jBA8iT/a0t96W27HLq7avtUQzNsB4aSmxqTtPOfO1
FR/o+NuwZBDAs2mKe+g=
-----END CERTIFICATE-----
Generated at Fri May 17 23:58:00 2024 by rpki-client on console-fra.rpki-client.org