Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/8q20AD5cnij2ekbAcXZG5ZG1zqg.roa
File: 8q20AD5cnij2ekbAcXZG5ZG1zqg.roa (raw, json)
Hash identifier: 6lhuyI+zMmF+Ttdu9Fh9dcEjzvizQqBB+EFyhF8GU40=
Subject key identifier: F2:AD:B4:00:3E:5C:9E:28:F6:7A:46:C0:71:76:46:E5:91:B5:CE:A8
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018CC26D028199786D551E936C6196BF0313
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/8q20AD5cnij2ekbAcXZG5ZG1zqg.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 264617
IP address blocks: 45.113.238.0/24 maxlen: 24
147.185.250.0/24 maxlen: 24
43.245.119.0/24 maxlen: 24
193.36.172.0/24 maxlen: 24
193.36.86.0/24 maxlen: 24
147.185.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:81:99:78:6d:55:1e:93:6c:61:96:bf:03:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2adb4003e5c9e28f67a46c0717646e591b5cea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:b4:2d:e2:07:54:8d:45:98:a2:2b:37:2f:
82:79:da:13:3e:8e:4d:38:af:04:f5:44:1e:8b:d8:
89:03:c6:42:54:77:4d:a5:c6:5d:46:d2:69:4c:f1:
8a:4c:4e:9f:dd:00:67:d1:e5:83:25:dd:33:1d:16:
c9:04:11:83:ff:2e:24:5b:c4:10:64:4f:2a:fc:c2:
93:eb:5f:99:58:e9:99:2f:6d:fe:8e:fa:fe:e6:c9:
77:00:e9:37:6e:62:40:6e:a2:4a:28:4a:2e:02:64:
2a:e0:62:cf:4a:41:45:b5:22:b3:75:c6:6b:4e:10:
7a:c7:1f:73:f0:e5:e5:75:1a:b3:6e:73:95:59:e0:
4d:ed:1c:dc:b9:f2:08:ac:d9:c6:76:aa:ea:bc:37:
a4:4a:61:70:2f:66:1b:84:0c:9d:18:ed:e5:f0:70:
c8:f0:a7:46:2e:01:70:e3:c5:24:7e:40:a2:cb:4d:
25:7f:a5:1b:e2:db:e5:8a:3d:82:c6:dd:f8:29:90:
a1:b7:d8:ac:ab:b8:1b:1d:6f:31:3d:c9:5a:ec:8e:
2c:b0:b8:4a:bd:5d:32:cf:54:38:99:ba:1d:2d:e0:
13:08:ca:11:c8:fe:c3:52:75:9e:d1:02:d0:43:2c:
4f:d2:2c:5b:6c:f7:94:2f:a1:a7:e4:90:70:e4:8a:
4d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AD:B4:00:3E:5C:9E:28:F6:7A:46:C0:71:76:46:E5:91:B5:CE:A8
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/8q20AD5cnij2ekbAcXZG5ZG1zqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.245.119.0/24
45.113.238.0/24
147.185.217.0/24
147.185.250.0/24
193.36.86.0/24
193.36.172.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:6d:a5:c5:d6:7c:68:e4:0d:08:52:ac:12:e8:6b:1d:b8:f0:
55:fe:e6:35:0a:47:d3:4a:98:b0:f6:0c:6b:18:fc:18:94:cc:
b2:21:67:af:30:52:64:95:4e:89:79:f0:c8:27:ae:f3:3f:6f:
45:48:b7:76:a6:9e:3b:85:f1:06:ba:4d:83:85:17:62:b1:6e:
b8:f9:f5:e5:e0:93:d7:fa:1b:6b:dd:13:70:15:a1:5c:f8:35:
56:04:5d:95:55:6d:c1:c8:eb:2e:db:7b:b9:a5:07:88:18:e7:
e4:0e:08:87:d2:55:e7:55:8b:84:20:d8:b0:d7:b9:f6:72:98:
cb:4a:56:b6:71:e0:88:48:fb:4a:40:0b:f5:08:02:7e:73:d8:
96:5b:7a:dc:32:1b:07:87:a5:22:de:24:52:b4:53:69:52:f7:
90:25:40:98:50:4c:ec:60:29:61:d6:8b:41:d3:be:bd:6d:7d:
34:b4:4b:07:6d:ec:9b:47:71:25:40:d4:dd:fe:d4:b0:57:32:
46:7a:b1:8b:00:04:8e:07:15:5b:f3:af:0c:c7:9d:81:cc:f8:
2e:37:fc:6f:50:fe:13:e8:2e:a7:71:ce:f4:d7:4d:8d:8e:12:
f1:9f:81:f4:c6:1f:3d:76:8d:5b:4f:0f:83:40:c9:07:10:94:
e7:5c:c9:b0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzCbQKBmXhtVR6TbGGWvwMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFkYjQwMDNlNWM5ZTI4ZjY3YTQ2YzA3MTc2NDZlNTkxYjVjZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5W0LeIHVI1FmKIrNy+CedoTPo5N
OK8E9UQei9iJA8ZCVHdNpcZdRtJpTPGKTE6f3QBn0eWDJd0zHRbJBBGD/y4kW8QQ
ZE8q/MKT61+ZWOmZL23+jvr+5sl3AOk3bmJAbqJKKEouAmQq4GLPSkFFtSKzdcZr
ThB6xx9z8OXldRqzbnOVWeBN7RzcufIIrNnGdqrqvDekSmFwL2YbhAydGO3l8HDI
8KdGLgFw48UkfkCiy00lf6Ub4tvlij2Cxt34KZCht9isq7gbHW8xPcla7I4ssLhK
vV0yz1Q4mbodLeATCMoRyP7DUnWe0QLQQyxP0ixbbPeUL6Gn5JBw5IpNpwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPKttAA+XJ4o9npGwHF2RuWRtc6oMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvOHEyMEFENWNuaWoyZWtiQWNYWkc1WkcxenFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAK/V3AwQA
LXHuAwQAk7nZAwQAk7n6AwQAwSRWAwQAwSSsMA0GCSqGSIb3DQEBCwUAA4IBAQDS
baXF1nxo5A0IUqwS6GsduPBV/uY1CkfTSpiw9gxrGPwYlMyyIWevMFJklU6JefDI
J67zP29FSLd2pp47hfEGuk2DhRdisW64+fXl4JPX+htr3RNwFaFc+DVWBF2VVW3B
yOsu23u5pQeIGOfkDgiH0lXnVYuEINiw17n2cpjLSla2ceCISPtKQAv1CAJ+c9iW
W3rcMhsHh6Ui3iRStFNpUveQJUCYUEzsYClh1otB0769bX00tEsHbeybR3ElQNTd
/tSwVzJGerGLAASOBxVb868Mx52BzPguN/xvUP4T6C6ncc70102NjhLxn4H0xh89
do1bTw+DQMkHEJTnXMmw
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:35:13 2024 by rpki-client on console-ams.rpki-client.org