Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/O8jIpfEeh9pPw6a36hUfliGDnmE.roa
File: O8jIpfEeh9pPw6a36hUfliGDnmE.roa (raw, json)
Hash identifier: 9I1lUpfvNjlhfJMDxxhfR8Jo1qp5PJWUXDecPmoU2/E=
Subject key identifier: 3B:C8:C8:A5:F1:1E:87:DA:4F:C3:A6:B7:EA:15:1F:96:21:83:9E:61
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 018CC8DEAF16F62A10230F10715CA0DC8C10
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/O8jIpfEeh9pPw6a36hUfliGDnmE.roa
Signing time: Tue 02 Jan 2024 06:31:26 +0000
ROA not before: Tue 02 Jan 2024 06:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202701
IP address blocks: 194.5.100.0/22 maxlen: 24
185.156.204.0/22 maxlen: 24
2a07:a106::/32 maxlen: 32
2a07:a104::/32 maxlen: 32
2a0c:e840::/29 maxlen: 29
2a07:a105::/32 maxlen: 32
2a07:a107::/32 maxlen: 32
2a07:a100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.mft
rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:af:16:f6:2a:10:23:0f:10:71:5c:a0:dc:8c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 2 06:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bc8c8a5f11e87da4fc3a6b7ea151f9621839e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:fc:c8:3a:a6:7e:d4:d1:99:68:10:cc:71:
1c:d7:f7:8f:dd:ff:f9:62:50:6a:c1:f5:11:95:e1:
be:1b:83:ea:05:3e:cd:1b:7c:ab:50:b2:fb:2e:3d:
cd:fe:49:d9:bf:eb:96:9b:87:58:e1:b0:2e:6d:a0:
1a:f7:03:f8:22:d5:2d:9d:85:2f:95:4a:b3:8d:6a:
14:d7:d6:df:11:40:80:6f:c3:35:7a:54:77:db:36:
6f:c6:00:ef:a8:97:b3:21:a0:a2:69:49:15:b9:8f:
fb:11:3b:2d:85:4f:14:bb:f2:4d:ad:b0:eb:ab:d7:
34:a6:f8:e3:1f:3d:20:90:eb:1b:e7:82:67:e8:15:
b5:71:80:2f:b7:bf:33:68:20:f9:bd:a3:0a:f9:0d:
0f:a3:68:de:85:f8:b5:08:85:2d:f4:f3:5b:58:e6:
23:5e:6a:59:3c:e2:33:69:40:8e:5d:c9:ab:89:56:
59:fd:72:b3:4a:a2:2d:8d:a6:49:f1:02:30:8d:3a:
14:b6:d7:b0:c4:5c:d1:a2:f9:5d:8e:a5:22:89:09:
bc:3b:02:8a:ad:ac:4e:c7:80:57:62:0a:c3:e5:dd:
68:df:e2:64:92:f8:ce:d3:2c:98:50:c4:1f:c4:59:
33:78:53:26:50:dd:88:e5:13:ee:cf:48:8d:bb:79:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C8:C8:A5:F1:1E:87:DA:4F:C3:A6:B7:EA:15:1F:96:21:83:9E:61
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/O8jIpfEeh9pPw6a36hUfliGDnmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.204.0/22
194.5.100.0/22
IPv6:
2a07:a100::/29
2a0c:e840::/29
Signature Algorithm: sha256WithRSAEncryption
05:76:10:71:dd:bf:a8:58:8d:be:5a:46:6f:23:16:92:a1:81:
96:8f:40:f8:b4:78:c3:b3:2a:06:d2:2e:89:d1:4a:7c:68:96:
bc:d4:14:05:8a:f4:19:6e:47:5e:41:41:b8:19:f4:8c:f5:e6:
0a:0b:de:df:e0:66:c6:fa:17:2a:26:b2:9e:29:3d:40:35:09:
88:aa:df:3f:80:ac:1d:b2:d5:30:0b:16:dc:94:3d:a9:c2:39:
b2:2d:2a:68:84:2c:e1:61:3a:8e:58:ea:3f:26:8c:65:30:55:
70:c0:2e:08:45:60:ec:ff:7e:83:93:ee:0b:66:79:08:55:f9:
1e:b8:52:9c:97:0a:83:27:28:e4:8f:c8:a1:0b:63:09:9a:66:
e2:3f:84:d5:d3:d8:e4:ad:1b:38:72:2c:da:68:df:4a:f8:ad:
f8:33:c9:8c:a0:58:f7:96:f7:71:aa:33:52:1a:46:0d:2c:2f:
cd:c5:f3:f0:89:af:1d:a1:42:6f:e3:2d:d9:72:75:2f:9d:bc:
8f:7d:f7:32:1f:c9:f6:65:e1:08:df:f3:f0:6f:d2:c7:46:c2:
c6:40:54:75:4b:de:ad:63:51:e6:52:a7:72:72:8e:10:8c:57:
ad:94:f5:f5:1c:10:0f:65:4d:33:9e:ca:fb:1f:4c:05:56:96:
df:fe:90:cd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzI3q8W9ioQIw8QcVyg3IwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjI1OGNlMjAzZTA0YTMzZjRlOTA2NTExNTNiMjU5Y2Zm
YTNlODgwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM4YzhhNWYxMWU4N2RhNGZjM2E2YjdlYTE1MWY5NjIxODM5ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfL8yDqmftTRmWgQzHEc1/eP3f/5
YlBqwfURleG+G4PqBT7NG3yrULL7Lj3N/knZv+uWm4dY4bAubaAa9wP4ItUtnYUv
lUqzjWoU19bfEUCAb8M1elR32zZvxgDvqJezIaCiaUkVuY/7ETsthU8Uu/JNrbDr
q9c0pvjjHz0gkOsb54Jn6BW1cYAvt78zaCD5vaMK+Q0Po2jehfi1CIUt9PNbWOYj
XmpZPOIzaUCOXcmriVZZ/XKzSqItjaZJ8QIwjToUttewxFzRovldjqUiiQm8OwKK
raxOx4BXYgrD5d1o3+JkkvjO0yyYUMQfxFkzeFMmUN2I5RPuz0iNu3kqKwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDvIyKXxHofaT8Omt+oVH5Yhg55hMB8GA1UdIwQY
MBaAFMjyWM4gPgSjP06QZRFTslnP+j6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQt
NmM4OGJmYTdiNTVjLzEvTzhqSXBmRWVoOXBQdzZhMzZoVWZsaUdEbm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQtNmM4OGJmYTdiNTVj
LzEveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuZzMAwQC
wgVkMBQEAgACMA4DBQMqB6EAAwUDKgzoQDANBgkqhkiG9w0BAQsFAAOCAQEABXYQ
cd2/qFiNvlpGbyMWkqGBlo9A+LR4w7MqBtIuidFKfGiWvNQUBYr0GW5HXkFBuBn0
jPXmCgve3+BmxvoXKiaynik9QDUJiKrfP4CsHbLVMAsW3JQ9qcI5si0qaIQs4WE6
jljqPyaMZTBVcMAuCEVg7P9+g5PuC2Z5CFX5HrhSnJcKgyco5I/IoQtjCZpm4j+E
1dPY5K0bOHIs2mjfSvit+DPJjKBY95b3caozUhpGDSwvzcXz8ImvHaFCb+Mt2XJ1
L528j333Mh/J9mXhCN/z8G/Sx0bCxkBUdUverWNR5lKncnKOEIxXrZT19RwQD2VN
M57K+x9MBVaW3/6QzQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:12:20 2024 by rpki-client on console-fra.rpki-client.org