Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/f8WYBESjByDrjILBuxDDauHMQAE.roa
File: f8WYBESjByDrjILBuxDDauHMQAE.roa (raw, json)
Hash identifier: oc/WPycV/j9MXis6Yhh6nOSHEbwaDTsPiljQ3hh/TpE=
Subject key identifier: 7F:C5:98:04:44:A3:07:20:EB:8C:82:C1:BB:10:C3:6A:E1:CC:40:01
Certificate issuer: /CN=43d518d7307788fca3891878490e4f32d9aaf6af
Certificate serial: 018CC26D550970F418F439DA88B4D4795FCF
Authority key identifier: 43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/f8WYBESjByDrjILBuxDDauHMQAE.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20592
IP address blocks: 185.178.96.0/22 maxlen: 22
212.115.116.0/23 maxlen: 23
212.115.118.0/24 maxlen: 24
2a11:6f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:55:09:70:f4:18:f4:39:da:88:b4:d4:79:5f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d518d7307788fca3891878490e4f32d9aaf6af
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fc5980444a30720eb8c82c1bb10c36ae1cc4001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d2:b9:5b:5a:23:3b:e5:6d:d8:52:84:26:de:
60:50:b0:94:9e:bb:a0:1c:61:52:40:ee:c4:62:c2:
fd:e4:6d:16:dc:c7:29:9e:06:2b:46:8b:37:3c:8c:
68:89:20:89:1e:bd:f2:9f:22:d1:ce:b2:19:33:0a:
fb:8d:dd:73:e2:eb:8e:65:a5:a3:82:27:28:18:09:
d4:ad:c0:8a:25:d4:fe:ef:7e:d3:36:e3:4a:08:cc:
9d:3a:13:84:69:7c:c3:a9:11:d0:1d:94:2f:d3:d3:
e9:80:5d:a8:07:e8:09:a4:9f:1e:8b:73:f6:aa:95:
c9:af:6e:05:a6:07:ad:04:ff:6e:2d:c6:30:95:89:
7d:47:ac:2b:30:d2:ef:92:a1:2b:27:9a:f3:95:fc:
49:6b:71:39:cb:fd:77:62:37:c8:34:29:d1:e3:7f:
44:cf:bf:96:e2:8f:e7:99:9f:98:f7:81:14:2a:9f:
27:4e:07:4a:7c:05:97:de:eb:9b:ba:3d:e4:6c:29:
4a:2a:3a:08:aa:7c:fc:6b:26:6f:ad:ec:bd:a1:f2:
58:36:d3:ad:84:19:89:ee:f7:a0:ef:d3:e2:a0:51:
e7:11:64:32:d7:3d:54:64:03:0f:8e:5c:bd:cd:71:
70:b3:11:36:52:34:4e:2f:e0:50:53:49:9c:21:8f:
4c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C5:98:04:44:A3:07:20:EB:8C:82:C1:BB:10:C3:6A:E1:CC:40:01
X509v3 Authority Key Identifier:
keyid:43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/f8WYBESjByDrjILBuxDDauHMQAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.96.0/22
212.115.116.0-212.115.118.255
IPv6:
2a11:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
21:f1:3b:17:36:8a:1d:d8:ed:bd:f8:10:25:a4:e5:a7:4b:94:
06:58:0e:91:d2:ed:52:42:04:dd:14:39:f0:47:d0:9b:86:e9:
6b:5b:1a:27:1a:77:25:c0:12:00:4a:6d:32:7c:0e:27:44:ff:
4e:67:0c:41:84:59:d9:76:50:38:c6:8c:a4:3f:ff:fd:16:15:
64:04:b5:c0:f9:94:75:f8:ab:82:50:c0:c3:45:4b:76:71:c3:
08:cb:0c:c5:a3:fe:61:bc:68:ee:9a:9e:0b:2a:3a:f3:b1:f6:
a9:e6:19:44:11:27:ec:e8:92:1f:52:c3:6a:83:6e:1a:c9:07:
a4:d6:15:a1:14:b9:ad:6d:b6:1d:67:df:99:4a:ba:83:cb:df:
83:7d:f5:4d:88:e3:ee:83:53:b5:16:14:c1:00:e3:20:78:3a:
6c:22:18:f8:2b:15:eb:b8:02:8d:7d:f1:e2:06:61:f9:23:11:
9f:97:e1:d3:e9:dc:1a:46:11:54:f2:d7:bf:10:c6:09:66:c8:
99:aa:c0:2c:c4:10:83:4f:5f:b2:c8:90:90:c4:3a:d0:04:c1:
ae:df:b5:f4:e9:16:90:3d:c0:86:7b:0b:03:e2:82:3a:55:d8:
3e:dc:27:0a:da:b6:56:f9:2a:6d:05:fc:f0:53:93:61:69:b5:
d5:af:83:63
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzCbVUJcPQY9DnaiLTUeV/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDUxOGQ3MzA3Nzg4ZmNhMzg5MTg3ODQ5MGU0ZjMyZDlh
YWY2YWYwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmM1OTgwNDQ0YTMwNzIwZWI4YzgyYzFiYjEwYzM2YWUxY2M0MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNK5W1ojO+Vt2FKEJt5gULCUnrug
HGFSQO7EYsL95G0W3McpngYrRos3PIxoiSCJHr3ynyLRzrIZMwr7jd1z4uuOZaWj
gicoGAnUrcCKJdT+737TNuNKCMydOhOEaXzDqRHQHZQv09PpgF2oB+gJpJ8ei3P2
qpXJr24FpgetBP9uLcYwlYl9R6wrMNLvkqErJ5rzlfxJa3E5y/13YjfINCnR439E
z7+W4o/nmZ+Y94EUKp8nTgdKfAWX3uubuj3kbClKKjoIqnz8ayZvrey9ofJYNtOt
hBmJ7veg79PioFHnEWQy1z1UZAMPjly9zXFwsxE2UjROL+BQU0mcIY9MyQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFH/FmAREowcg64yCwbsQw2rhzEABMB8GA1UdIwQY
MBaAFEPVGNcwd4j8o4kYeEkOTzLZqvavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAt
ZWRkZjMyMGQ1MGUyLzEvZjhXWUJFU2pCeURyaklMQnV4RERhdUhNUUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAtZWRkZjMyMGQ1MGUy
LzEvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCubJgMAwD
BALUc3QDBADUc3YwDQQCAAIwBwMFAyoRbwAwDQYJKoZIhvcNAQELBQADggEBACHx
Oxc2ih3Y7b34ECWk5adLlAZYDpHS7VJCBN0UOfBH0JuG6WtbGicadyXAEgBKbTJ8
DidE/05nDEGEWdl2UDjGjKQ///0WFWQEtcD5lHX4q4JQwMNFS3ZxwwjLDMWj/mG8
aO6angsqOvOx9qnmGUQRJ+zokh9Sw2qDbhrJB6TWFaEUua1tth1n35lKuoPL34N9
9U2I4+6DU7UWFMEA4yB4OmwiGPgrFeu4Ao198eIGYfkjEZ+X4dPp3BpGEVTy178Q
xglmyJmqwCzEEINPX7LIkJDEOtAEwa7ftfTpFpA9wIZ7CwPigjpV2D7cJwratlb5
Km0F/PBTk2FptdWvg2M=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:41:50 2024 by rpki-client on console-ams.rpki-client.org