Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/sVh-cfwa0nLAAsQ3QS9xnXR2oKA.roa
File: sVh-cfwa0nLAAsQ3QS9xnXR2oKA.roa (raw, json)
Hash identifier: VSsfda4600BeIROmOnni8GvuMZ6iH1BVHw4UZOP/mA4=
Subject key identifier: B1:58:7E:71:FC:1A:D2:72:C0:02:C4:37:41:2F:71:9D:74:76:A0:A0
Certificate issuer: /CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Certificate serial: 018CC49307F623156FEAFC3FF77DD852797A
Authority key identifier: E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/sVh-cfwa0nLAAsQ3QS9xnXR2oKA.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15738
IP address blocks: 89.21.84.0/22 maxlen: 22
89.21.88.0/22 maxlen: 22
89.21.93.0/24 maxlen: 24
89.21.94.0/24 maxlen: 24
80.84.176.0/20 maxlen: 20
80.254.0.0/20 maxlen: 20
2a06:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:07:f6:23:15:6f:ea:fc:3f:f7:7d:d8:52:79:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1587e71fc1ad272c002c437412f719d7476a0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:da:ae:e3:02:4e:e4:cd:59:e3:6c:bc:96:27:
e7:fc:f8:9f:54:37:45:f7:41:e0:79:11:d0:a0:49:
6e:3d:2a:6b:7c:d9:bc:23:8d:f5:c0:c5:9d:6a:09:
a6:62:60:18:4b:74:18:a8:df:23:c7:49:ab:07:88:
ac:d0:2a:66:e0:39:59:07:cb:06:19:38:2a:46:0d:
bb:19:b7:ae:73:62:66:97:3d:2f:4b:8d:cf:9e:5b:
da:88:2a:26:44:13:c3:57:01:9e:12:34:c9:1d:4a:
af:db:9c:b2:88:bf:53:41:35:01:f8:28:5b:7f:03:
48:3b:56:65:17:58:09:70:c3:7d:c0:97:2e:c6:42:
49:f3:96:89:6b:ba:c8:e1:52:bb:c1:fa:3c:0d:b2:
fd:0a:6f:e1:6c:1f:a0:e7:0f:34:5e:06:13:3f:8b:
d7:23:5f:21:14:e2:3f:e5:03:d1:0d:a4:53:4f:80:
b7:96:93:7c:e5:c3:98:e3:73:c9:ac:ad:0a:a0:f2:
c4:6d:5b:c1:83:01:57:8e:43:f5:51:63:de:a7:da:
a3:6d:f1:48:44:e2:b8:09:c6:b8:0e:c4:ac:be:4c:
d9:8b:3a:03:86:76:2c:cf:55:b9:c7:b8:c8:68:f1:
65:ad:b8:61:12:ee:89:07:f0:c8:43:f6:ba:1f:42:
42:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:58:7E:71:FC:1A:D2:72:C0:02:C4:37:41:2F:71:9D:74:76:A0:A0
X509v3 Authority Key Identifier:
keyid:E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/sVh-cfwa0nLAAsQ3QS9xnXR2oKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.176.0/20
80.254.0.0/20
89.21.84.0-89.21.91.255
89.21.93.0-89.21.94.255
IPv6:
2a06:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
d2:b3:94:1e:18:b2:17:9d:bd:05:a4:50:e1:67:89:91:c5:f4:
7a:73:8c:22:38:df:73:db:93:e0:53:d5:5c:69:ee:a7:45:f1:
8a:0d:97:ee:3b:66:ac:d4:3f:5f:f3:b1:3b:0b:48:0c:b6:ee:
79:3c:00:f0:1c:78:87:78:13:cf:20:8f:07:64:81:3b:be:0a:
ca:6d:28:df:3e:c2:ae:b0:ee:f5:27:dd:f2:c0:95:8e:01:63:
69:19:00:ee:cf:99:59:46:a8:c9:6b:dc:b8:b9:9d:10:1b:7b:
3e:4c:5e:49:99:a4:2c:84:60:fc:cc:49:8f:0d:0c:ae:32:29:
96:86:49:cc:27:1c:07:27:48:20:23:14:ef:46:00:6a:77:10:
de:d0:e1:b7:62:f6:d7:1d:01:6f:26:3b:65:2d:1c:1b:d4:7c:
2b:38:9e:ec:e2:7f:08:1f:9e:8a:88:e1:da:85:a9:f8:49:72:
62:aa:ff:c2:a5:94:71:4e:fb:6a:65:3f:db:df:f9:96:6f:ff:
59:16:55:43:29:ef:66:ad:54:c6:b6:19:ca:fa:54:5e:e3:e3:
8b:e0:e0:3a:fb:60:24:64:34:2a:6f:0b:65:a9:4f:e8:3b:f4:
dc:05:e3:95:04:c8:8e:ba:f8:98:a2:fc:79:9c:8d:eb:9d:06:
cb:68:f3:bd
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzEkwf2IxVv6vw/933YUnl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjA2YWEzMjUyZTNlYThkNjg0ZWFlYzdhMjk5MzUxM2I1
ZDIzMDcwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTU4N2U3MWZjMWFkMjcyYzAwMmM0Mzc0MTJmNzE5ZDc0NzZhMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttqu4wJO5M1Z42y8lifn/PifVDdF
90HgeRHQoEluPSprfNm8I431wMWdagmmYmAYS3QYqN8jx0mrB4is0Cpm4DlZB8sG
GTgqRg27Gbeuc2Jmlz0vS43PnlvaiComRBPDVwGeEjTJHUqv25yyiL9TQTUB+Chb
fwNIO1ZlF1gJcMN9wJcuxkJJ85aJa7rI4VK7wfo8DbL9Cm/hbB+g5w80XgYTP4vX
I18hFOI/5QPRDaRTT4C3lpN85cOY43PJrK0KoPLEbVvBgwFXjkP1UWPep9qjbfFI
ROK4Cca4DsSsvkzZizoDhnYsz1W5x7jIaPFlrbhhEu6JB/DIQ/a6H0JCwQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLFYfnH8GtJywALEN0EvcZ10dqCgMB8GA1UdIwQY
MBaAFOggaqMlLj6o1oTq7Hopk1E7XSMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAt
NTg1ZWI4NDU1OGY5LzEvc1ZoLWNmd2EwbkxBQXNRM1FTOXhuWFIyb0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAtNTg1ZWI4NDU1OGY5
LzEvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQEUFSwAwQE
UP4AMAwDBAJZFVQDBAJZFVgwDAMEAFkVXQMEAFkVXjANBAIAAjAHAwUDKgb/QDAN
BgkqhkiG9w0BAQsFAAOCAQEA0rOUHhiyF529BaRQ4WeJkcX0enOMIjjfc9uT4FPV
XGnup0Xxig2X7jtmrNQ/X/OxOwtIDLbueTwA8Bx4h3gTzyCPB2SBO74Kym0o3z7C
rrDu9Sfd8sCVjgFjaRkA7s+ZWUaoyWvcuLmdEBt7PkxeSZmkLIRg/MxJjw0MrjIp
loZJzCccBydIICMU70YAancQ3tDht2L21x0BbyY7ZS0cG9R8Kzie7OJ/CB+eiojh
2oWp+ElyYqr/wqWUcU77amU/29/5lm//WRZVQynvZq1UxrYZyvpUXuPji+DgOvtg
JGQ0Km8LZalP6Dv03AXjlQTIjrr4mKL8eZyN650Gy2jzvQ==
-----END CERTIFICATE-----
Generated at Tue Jun 25 23:16:53 2024 by rpki-client on console-ams.rpki-client.org