Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/8BqVktcgcrdcVByLHfHU94YCx-U.roa
File: 8BqVktcgcrdcVByLHfHU94YCx-U.roa (raw, json)
Hash identifier: jkmSRZhbRlApFwTesSrU4Y3ypwNlU8PrxqXbJ44jSXg=
Subject key identifier: F0:1A:95:92:D7:20:72:B7:5C:54:1C:8B:1D:F1:D4:F7:86:02:C7:E5
Certificate issuer: /CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Certificate serial: 018CC26D0CEC4FDEE7AF55D87DF7C43E602A
Authority key identifier: 3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/8BqVktcgcrdcVByLHfHU94YCx-U.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48951
IP address blocks: 82.210.192.0/18 maxlen: 18
82.210.224.0/19 maxlen: 19
78.140.64.0/24 maxlen: 24
78.140.64.0/21 maxlen: 21
82.210.254.0/24 maxlen: 24
78.140.65.0/24 maxlen: 24
78.140.64.0/18 maxlen: 18
78.140.67.0/24 maxlen: 24
82.210.255.0/24 maxlen: 24
78.140.66.0/24 maxlen: 24
78.140.68.0/24 maxlen: 24
78.140.72.0/22 maxlen: 22
78.140.72.0/24 maxlen: 24
78.140.76.0/24 maxlen: 24
78.140.76.0/22 maxlen: 22
78.140.81.0/24 maxlen: 24
78.140.80.0/23 maxlen: 23
78.140.80.0/24 maxlen: 24
93.122.80.0/22 maxlen: 22
93.122.84.0/22 maxlen: 22
81.7.208.0/22 maxlen: 22
81.7.208.0/21 maxlen: 21
93.122.88.0/22 maxlen: 22
93.122.92.0/22 maxlen: 22
81.7.216.0/21 maxlen: 21
81.7.216.0/22 maxlen: 22
81.7.220.0/22 maxlen: 22
93.122.44.0/22 maxlen: 22
93.122.40.0/22 maxlen: 22
93.122.48.0/22 maxlen: 22
93.122.52.0/22 maxlen: 22
93.122.56.0/22 maxlen: 22
93.122.60.0/22 maxlen: 22
93.122.64.0/22 maxlen: 22
81.7.192.0/19 maxlen: 19
93.122.68.0/22 maxlen: 22
93.122.72.0/21 maxlen: 21
185.149.164.0/22 maxlen: 22
194.41.39.0/24 maxlen: 24
93.122.0.0/17 maxlen: 17
2a01:666:400::/40 maxlen: 40
2a01:666::/40 maxlen: 40
2a01:666::/32 maxlen: 32
2a01:667::/40 maxlen: 40
2a01:667:400::/40 maxlen: 40
2a01:667::/32 maxlen: 32
2a01:664:1600::/40 maxlen: 40
2a01:664:1300::/40 maxlen: 40
2a01:664:1200::/40 maxlen: 40
2a01:664:1700::/40 maxlen: 40
2a01:664:1800::/40 maxlen: 40
2a01:664:1a00::/40 maxlen: 40
2a01:664:1900::/40 maxlen: 40
2a01:664::/38 maxlen: 38
2a01:664:800::/38 maxlen: 38
2a01:664:1200::/39 maxlen: 39
2a01:660::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0c:ec:4f:de:e7:af:55:d8:7d:f7:c4:3e:60:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b230442feae9fc26b8bd887faa0ed0275827a58
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f01a9592d72072b75c541c8b1df1d4f78602c7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:25:71:7c:9a:5c:62:61:09:7e:cd:43:6c:e9:
dc:6a:85:49:4d:d0:88:32:30:89:f4:e9:6c:8d:c1:
8a:9c:e5:a9:4b:85:7b:1d:14:7b:24:97:81:51:2e:
ed:24:c7:f7:57:53:01:af:10:ca:a1:3a:df:84:cd:
f9:4e:7f:a3:d6:10:cf:e3:dc:40:4f:94:5c:12:13:
80:54:6d:32:cc:04:63:09:33:96:7d:05:a2:d9:70:
b1:4a:0e:a9:10:c3:f4:f4:e3:8c:42:94:58:f9:f8:
cb:1a:de:c4:46:f9:dd:3b:cb:b6:76:b8:61:2f:6d:
ad:48:77:cf:1a:76:d7:2a:86:67:5a:74:6e:58:3f:
68:b4:a6:b9:35:54:7f:fe:6f:13:5e:db:44:f8:7c:
33:d1:36:61:8e:1a:02:ea:0d:d9:c6:1d:25:c0:a6:
96:be:60:c5:00:51:6d:b2:b5:ac:18:3b:dd:09:e0:
d9:bd:68:0e:0f:28:29:99:08:c9:a8:0c:bf:11:49:
cc:6e:e7:89:fd:6c:bf:7b:10:d6:cd:b7:cf:d4:71:
4a:2b:87:98:2a:a2:9d:76:58:e8:09:59:8d:6b:1e:
4a:b8:d0:a6:53:1c:36:1f:3c:89:a6:44:21:3c:4b:
c9:39:39:fe:1b:e9:c8:7e:ce:f8:ce:32:9c:2b:3b:
61:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1A:95:92:D7:20:72:B7:5C:54:1C:8B:1D:F1:D4:F7:86:02:C7:E5
X509v3 Authority Key Identifier:
keyid:3B:23:04:42:FE:AE:9F:C2:6B:8B:D8:87:FA:A0:ED:02:75:82:7A:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyMEQv6un8Jri9iH-qDtAnWCelg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/8BqVktcgcrdcVByLHfHU94YCx-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3a1094-9b70-4251-b68f-7267073761d4/1/OyMEQv6un8Jri9iH-qDtAnWCelg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.64.0/18
81.7.192.0/19
82.210.192.0/18
93.122.0.0/17
185.149.164.0/22
194.41.39.0/24
IPv6:
2a01:660::/29
Signature Algorithm: sha256WithRSAEncryption
00:94:0f:82:39:94:4e:34:b4:f0:4e:81:dd:12:a0:df:ec:bf:
6a:bc:13:70:ac:45:b1:b0:6b:87:3c:99:6d:e7:ba:2b:0e:e0:
02:d4:47:20:61:0a:40:1c:99:2f:4e:4e:e8:67:f1:42:e8:f7:
c5:65:25:3d:59:43:5e:e3:b7:a3:ce:5b:43:5c:93:55:b9:20:
5e:2d:c8:4f:93:b7:43:97:31:68:67:4d:8a:a4:f0:7d:3d:d5:
21:26:71:7c:82:e8:6d:84:61:df:a9:e8:90:8f:13:41:77:b5:
0f:b6:95:9b:7c:5c:88:d2:8c:18:eb:a2:3d:15:52:30:cd:9b:
a5:9e:4f:1c:45:10:6b:27:86:30:37:6a:ad:04:30:9a:d7:40:
45:e2:09:a2:95:a7:88:6a:37:56:97:2d:fd:37:8e:4b:c2:0d:
71:1c:75:dd:9b:a8:27:b0:b0:0d:03:03:ad:b0:59:0f:94:85:
22:9c:d5:79:d5:6e:b1:d9:6d:bb:e4:66:f6:0f:70:39:c6:d7:
d3:e2:3e:6f:68:6a:28:05:13:57:7e:f8:b2:58:da:e7:ee:63:
eb:15:25:2b:3d:5b:a0:cc:f7:64:8f:0e:55:60:11:f1:af:2f:
53:e2:f7:ad:32:da:e4:89:56:d5:d0:78:0b:80:9f:a2:61:3d:
0b:c2:45:b7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzCbQzsT97nr1XYfffEPmAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMjMwNDQyZmVhZTlmYzI2YjhiZDg4N2ZhYTBlZDAyNzU4
MjdhNTgwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFhOTU5MmQ3MjA3MmI3NWM1NDFjOGIxZGYxZDRmNzg2MDJjN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSVxfJpcYmEJfs1DbOncaoVJTdCI
MjCJ9OlsjcGKnOWpS4V7HRR7JJeBUS7tJMf3V1MBrxDKoTrfhM35Tn+j1hDP49xA
T5RcEhOAVG0yzARjCTOWfQWi2XCxSg6pEMP09OOMQpRY+fjLGt7ERvndO8u2drhh
L22tSHfPGnbXKoZnWnRuWD9otKa5NVR//m8TXttE+Hwz0TZhjhoC6g3Zxh0lwKaW
vmDFAFFtsrWsGDvdCeDZvWgODygpmQjJqAy/EUnMbueJ/Wy/exDWzbfP1HFKK4eY
KqKddljoCVmNax5KuNCmUxw2HzyJpkQhPEvJOTn+G+nIfs74zjKcKzthKwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPAalZLXIHK3XFQcix3x1PeGAsflMB8GA1UdIwQY
MBaAFDsjBEL+rp/Ca4vYh/qg7QJ1gnpYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYt
NzI2NzA3Mzc2MWQ0LzEvOEJxVmt0Y2djcmRjVkJ5TEhmSFU5NFlDeC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYTEwOTQtOWI3MC00MjUxLWI2OGYtNzI2NzA3Mzc2MWQ0
LzEvT3lNRVF2NnVuOEpyaTlpSC1xRHRBbldDZWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGToxAAwQF
UQfAAwQGUtLAAwQHXXoAAwQCuZWkAwQAwiknMA0EAgACMAcDBQMqAQZgMA0GCSqG
SIb3DQEBCwUAA4IBAQAAlA+COZRONLTwToHdEqDf7L9qvBNwrEWxsGuHPJlt57or
DuAC1EcgYQpAHJkvTk7oZ/FC6PfFZSU9WUNe47ejzltDXJNVuSBeLchPk7dDlzFo
Z02KpPB9PdUhJnF8guhthGHfqeiQjxNBd7UPtpWbfFyI0owY66I9FVIwzZulnk8c
RRBrJ4YwN2qtBDCa10BF4gmilaeIajdWly39N45Lwg1xHHXdm6gnsLANAwOtsFkP
lIUinNV51W6x2W275Gb2D3A5xtfT4j5vaGooBRNXfviyWNrn7mPrFSUrPVugzPdk
jw5VYBHxry9T4vetMtrkiVbV0HgLgJ+iYT0LwkW3
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:12:00 2024 by rpki-client on console-ams.rpki-client.org