Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/08f4U5olwxHnldXUiRVnPMGj9us.roa
File: 08f4U5olwxHnldXUiRVnPMGj9us.roa (raw, json)
Hash identifier: T7dZ5MW7WG2ZcGAcj+EGh1GfvoVtAuRCu20W3A9TS5I=
Subject key identifier: D3:C7:F8:53:9A:25:C3:11:E7:95:D5:D4:89:15:67:3C:C1:A3:F6:EB
Certificate issuer: /CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Certificate serial: 01929450BC126A4C3AF787234A45A76079A5
Authority key identifier: 08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/08f4U5olwxHnldXUiRVnPMGj9us.roa
Signing time: Wed 16 Oct 2024 07:52:51 +0000
ROA not before: Wed 16 Oct 2024 07:52:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 5.154.244.0/22 maxlen: 23
5.154.246.0/23 maxlen: 23
185.48.80.0/23 maxlen: 23
185.48.82.0/23 maxlen: 23
2a01:9560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:50:bc:12:6a:4c:3a:f7:87:23:4a:45:a7:60:79:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0830bc34b8f4fcbc2bf523bbdbe9a044a2445fbe
Validity
Not Before: Oct 16 07:52:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3c7f8539a25c311e795d5d48915673cc1a3f6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:7e:3c:d0:7e:dd:ad:b9:7e:6c:9a:f8:e7:
94:1d:27:97:c1:e3:bd:5e:6b:bc:b4:e9:a1:ca:50:
6e:1b:d7:6f:b5:e7:5e:c0:d6:58:d3:ce:fe:93:54:
e2:1d:00:e2:b4:26:bb:42:06:29:04:75:dc:2e:6e:
21:e0:47:79:66:9a:2b:5c:60:a8:5f:e9:5d:0a:39:
ce:62:4c:9e:f7:4f:2a:79:b3:f5:6a:ae:2a:82:19:
ee:4f:a8:63:4a:56:3f:06:b3:57:60:5e:30:98:91:
eb:72:4e:02:61:88:48:5e:64:2e:e6:3e:8b:52:37:
a8:6e:b8:da:bc:4a:40:d4:da:df:ce:0d:19:91:48:
67:96:48:bd:86:d1:a3:a3:75:de:58:9a:3c:65:58:
fd:32:6b:81:cc:c3:03:59:a3:72:0a:54:9c:21:cb:
3b:02:8c:e6:51:37:29:98:81:a9:4c:17:f0:33:d7:
8c:fb:83:03:44:68:0a:ed:81:3d:7d:60:92:8e:0d:
6d:85:38:25:2b:b9:83:b8:50:da:b6:48:46:0a:9a:
48:3e:25:5b:37:ed:f6:93:11:57:1e:0a:f7:cf:ee:
0a:97:74:35:00:25:c5:9e:95:22:37:71:59:ae:18:
ba:b6:87:cc:37:19:a9:da:5e:9e:67:97:44:e2:fc:
e8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C7:F8:53:9A:25:C3:11:E7:95:D5:D4:89:15:67:3C:C1:A3:F6:EB
X509v3 Authority Key Identifier:
keyid:08:30:BC:34:B8:F4:FC:BC:2B:F5:23:BB:DB:E9:A0:44:A2:44:5F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDC8NLj0_Lwr9SO72-mgRKJEX74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/08f4U5olwxHnldXUiRVnPMGj9us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3fa36d-8faf-4bdc-ad9e-013c1f01edb9/1/CDC8NLj0_Lwr9SO72-mgRKJEX74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.244.0/22
185.48.80.0/22
IPv6:
2a01:9560::/32
Signature Algorithm: sha256WithRSAEncryption
32:73:64:cb:50:0c:05:6d:55:83:3f:af:97:a2:61:10:44:ee:
fb:54:32:7c:d3:1e:51:b0:01:0b:d6:47:b3:1e:43:46:4c:fc:
03:d5:6c:b6:08:fc:fb:26:28:fb:1a:21:42:bd:01:62:70:9b:
cc:5a:19:97:4d:17:69:fe:dd:d1:1c:d2:a2:d8:cf:3d:7a:28:
da:79:de:ff:ee:b8:6d:11:9a:3d:2a:3c:e4:5b:92:de:5b:cc:
15:13:f9:c5:f5:39:e0:bf:02:c9:d1:45:c4:58:c9:1b:24:d6:
b0:93:ae:df:3f:5d:a1:1a:9a:43:d8:ee:0b:7d:03:ef:2a:2c:
b3:fe:80:e6:01:a3:90:70:9d:d1:5c:d8:cd:d2:de:b1:c8:4a:
42:32:76:31:3d:08:70:56:29:b1:6c:17:58:6e:ce:41:e8:73:
84:7c:7a:9c:28:a9:a6:9e:80:12:8f:f8:9d:df:88:76:15:16:
2a:1d:25:1c:4a:6a:9c:61:5a:d6:00:45:14:c1:ab:26:2f:61:
f8:d4:c7:f8:09:fe:2d:f6:5c:51:5f:0a:15:89:ca:93:82:a2:
35:e9:80:ef:a5:b7:eb:81:b6:2a:95:01:ef:8b:8e:d7:bb:b2:
dc:aa:c7:e6:db:30:86:66:6d:f8:7c:25:10:51:45:25:ac:3a:
85:7c:53:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKUULwSakw694cjSkWnYHmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzBiYzM0YjhmNGZjYmMyYmY1MjNiYmRiZTlhMDQ0YTI0
NDVmYmUwHhcNMjQxMDE2MDc1MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M3Zjg1MzlhMjVjMzExZTc5NWQ1ZDQ4OTE1NjczY2MxYTNmNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZJ+PNB+3a25fmya+OeUHSeXweO9
Xmu8tOmhylBuG9dvtedewNZY087+k1TiHQDitCa7QgYpBHXcLm4h4Ed5ZporXGCo
X+ldCjnOYkye908qebP1aq4qghnuT6hjSlY/BrNXYF4wmJHrck4CYYhIXmQu5j6L
UjeobrjavEpA1Nrfzg0ZkUhnlki9htGjo3XeWJo8ZVj9MmuBzMMDWaNyClScIcs7
AozmUTcpmIGpTBfwM9eM+4MDRGgK7YE9fWCSjg1thTglK7mDuFDatkhGCppIPiVb
N+32kxFXHgr3z+4Kl3Q1ACXFnpUiN3FZrhi6tofMNxmp2l6eZ5dE4vzoswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNPH+FOaJcMR55XV1IkVZzzBo/brMB8GA1UdIwQY
MBaAFAgwvDS49Py8K/Uju9vpoESiRF++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUt
MDEzYzFmMDFlZGI5LzEvMDhmNFU1b2x3eEhubGRYVWlSVm5QTUdqOXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZmEzNmQtOGZhZi00YmRjLWFkOWUtMDEzYzFmMDFlZGI5
LzEvQ0RDOE5MajBfTHdyOVNPNzItbWdSS0pFWDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBZr0AwQC
uTBQMA0EAgACMAcDBQAqAZVgMA0GCSqGSIb3DQEBCwUAA4IBAQAyc2TLUAwFbVWD
P6+XomEQRO77VDJ80x5RsAEL1kezHkNGTPwD1Wy2CPz7Jij7GiFCvQFicJvMWhmX
TRdp/t3RHNKi2M89eijaed7/7rhtEZo9KjzkW5LeW8wVE/nF9TngvwLJ0UXEWMkb
JNawk67fP12hGppD2O4LfQPvKiyz/oDmAaOQcJ3RXNjN0t6xyEpCMnYxPQhwVimx
bBdYbs5B6HOEfHqcKKmmnoASj/id34h2FRYqHSUcSmqcYVrWAEUUwasmL2H41Mf4
Cf4t9lxRXwoVicqTgqI16YDvpbfrgbYqlQHvi47Xu7Lcqsfm2zCGZm34fCUQUUUl
rDqFfFMe
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:02 2024 by rpki-client on console-fra.rpki-client.org