Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CF8z_JfS3FdOLTWt4pnSrOuvkCE.roa
File: CF8z_JfS3FdOLTWt4pnSrOuvkCE.roa (raw, json)
Hash identifier: 1UuENJ9cfPTe14LLOiQoAMn0K55s1jJl4lh0E2Ff2ZE=
Subject key identifier: 08:5F:33:FC:97:D2:DC:57:4E:2D:35:AD:E2:99:D2:AC:EB:AF:90:21
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0190E4F958732ED9C33B3AC762671603FDB4
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CF8z_JfS3FdOLTWt4pnSrOuvkCE.roa
Signing time: Wed 24 Jul 2024 13:41:04 +0000
ROA not before: Wed 24 Jul 2024 13:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
194.242.63.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:f9:58:73:2e:d9:c3:3b:3a:c7:62:67:16:03:fd:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jul 24 13:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=085f33fc97d2dc574e2d35ade299d2acebaf9021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7f:ae:82:60:b9:60:35:75:18:74:4c:3e:e6:
a0:52:49:53:a2:de:88:4d:65:99:18:e4:9e:49:38:
cc:b3:7e:92:ba:cf:41:ea:c1:cc:0d:63:f9:70:15:
50:e8:05:dd:a8:c4:97:8b:49:0b:96:63:c6:e3:cb:
bb:5f:8e:a8:40:f2:54:ad:8d:72:3b:44:02:3b:bf:
08:78:80:f3:8f:fe:a8:1e:c4:d6:df:71:71:37:64:
fa:86:bc:2c:f3:b4:58:e9:f1:40:be:71:7f:3c:53:
29:36:4b:74:f4:a5:cf:3d:9f:52:af:4a:8d:89:3a:
80:db:06:35:74:bf:e8:ef:ae:07:06:ab:84:b7:7a:
85:6e:8a:0a:c3:07:6a:8e:0d:10:af:5c:ae:8b:0e:
1d:7f:c8:f1:b0:47:57:23:c4:38:52:0f:20:10:3d:
d6:40:68:02:d1:da:9a:15:a9:12:b5:d1:cb:11:31:
8f:e5:ef:30:1a:5f:5c:b5:7c:a2:ab:f5:d1:21:87:
f3:b7:b6:fe:cc:a0:c9:84:d6:7a:54:1f:5d:5b:56:
98:30:ee:20:e4:6d:b4:f7:1e:75:4e:ff:de:b2:17:
e2:b1:bf:6b:17:96:77:24:22:9f:99:05:05:ae:25:
49:8b:ca:92:fe:aa:d2:aa:39:84:21:02:58:4d:c4:
c6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5F:33:FC:97:D2:DC:57:4E:2D:35:AD:E2:99:D2:AC:EB:AF:90:21
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/CF8z_JfS3FdOLTWt4pnSrOuvkCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
194.242.63.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
73:d3:68:1a:f8:61:4f:ae:6e:84:03:c2:89:e8:91:27:ae:d0:
8b:8f:82:b6:1a:e1:41:db:77:ff:48:74:e7:c9:de:6d:25:3b:
44:09:8a:49:d6:97:9a:e1:b6:89:69:0a:96:11:07:d8:13:65:
64:1c:12:dd:90:f8:40:e9:4e:7e:3c:85:62:f6:e7:e3:43:58:
9d:c0:5d:8a:5f:9c:7b:82:f6:be:b0:31:6b:b9:14:a0:27:4c:
e4:5f:be:dc:a2:41:a3:ec:51:b3:9d:1a:a6:04:cc:5e:ee:4a:
03:53:c7:03:7c:a5:89:c7:86:04:31:df:0a:02:fb:80:3d:6c:
bb:be:a5:90:58:4f:35:1f:6c:3f:c1:b7:e1:a0:3c:de:ec:0a:
c9:9a:4c:91:f9:a2:ea:b6:29:64:a8:4a:36:33:3d:43:ed:fe:
81:34:67:12:6a:11:a0:51:30:ba:a9:ba:fc:c2:07:bf:43:ae:
fe:89:ab:cf:43:b8:19:0d:3c:85:de:70:46:21:20:12:1b:b4:
8e:5f:9d:79:5f:88:9d:a4:5e:6a:10:18:d5:c0:61:a0:7c:1c:
38:e4:50:d3:9a:f2:f1:54:94:f1:56:04:9d:17:47:b2:4f:55:
bd:12:35:b9:8b:3e:ff:00:53:16:07:88:79:22:df:3b:a0:12:
3c:77:c1:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDk+VhzLtnDOzrHYmcWA/20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwNzI0MTM0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVmMzNmYzk3ZDJkYzU3NGUyZDM1YWRlMjk5ZDJhY2ViYWY5MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH+ugmC5YDV1GHRMPuagUklTot6I
TWWZGOSeSTjMs36Sus9B6sHMDWP5cBVQ6AXdqMSXi0kLlmPG48u7X46oQPJUrY1y
O0QCO78IeIDzj/6oHsTW33FxN2T6hrws87RY6fFAvnF/PFMpNkt09KXPPZ9Sr0qN
iTqA2wY1dL/o764HBquEt3qFbooKwwdqjg0Qr1yuiw4df8jxsEdXI8Q4Ug8gED3W
QGgC0dqaFakStdHLETGP5e8wGl9ctXyiq/XRIYfzt7b+zKDJhNZ6VB9dW1aYMO4g
5G209x51Tv/eshfisb9rF5Z3JCKfmQUFriVJi8qS/qrSqjmEIQJYTcTGnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAhfM/yX0txXTi01reKZ0qzrr5AhMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvQ0Y4el9KZlMzRmRPTFRXdDRwblNyT3V2a0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
wvI/MA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBz02ga+GFPrm6E
A8KJ6JEnrtCLj4K2GuFB23f/SHTnyd5tJTtECYpJ1pea4baJaQqWEQfYE2VkHBLd
kPhA6U5+PIVi9ufjQ1idwF2KX5x7gva+sDFruRSgJ0zkX77cokGj7FGznRqmBMxe
7koDU8cDfKWJx4YEMd8KAvuAPWy7vqWQWE81H2w/wbfhoDze7ArJmkyR+aLqtilk
qEo2Mz1D7f6BNGcSahGgUTC6qbr8wge/Q67+iavPQ7gZDTyF3nBGISASG7SOX515
X4idpF5qEBjVwGGgfBw45FDTmvLxVJTxVgSdF0eyT1W9EjW5iz7/AFMWB4h5It87
oBI8d8Fy
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:52 2024 by rpki-client on console-fra.rpki-client.org