Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8ZwIwG7AnULNj7wV_daRyUbblQ.roa
File: t8ZwIwG7AnULNj7wV_daRyUbblQ.roa (raw, json)
Hash identifier: CrpfJ+oKrXrelEzUyqkZnUICZcDhcbBnp6ZB/ATP5YE=
Subject key identifier: B7:C6:70:23:01:BB:02:75:0B:36:3E:F0:57:F7:5A:47:25:1B:6E:54
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191ADD28D8A204575AAB7E6D66D7612B524
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8ZwIwG7AnULNj7wV_daRyUbblQ.roa
Signing time: Sun 01 Sep 2024 13:42:22 +0000
ROA not before: Sun 01 Sep 2024 13:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ad:d2:8d:8a:20:45:75:aa:b7:e6:d6:6d:76:12:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 1 13:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7c6702301bb02750b363ef057f75a47251b6e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:47:ad:0e:d0:61:34:5b:3b:1e:04:6a:2b:a4:
b7:23:37:19:ce:21:ac:93:8b:a6:9d:c2:48:24:b0:
d2:14:f1:e1:27:12:22:bf:47:b7:95:aa:9c:c0:e2:
fc:6d:d2:b0:cf:64:31:62:48:41:74:ed:56:2a:b6:
2a:59:e5:59:29:f6:26:49:2d:d7:47:43:85:fc:f0:
37:6e:26:05:bc:28:ae:d8:5f:59:a8:c0:7d:15:a6:
40:f4:a4:82:f8:98:40:54:f9:01:53:01:75:e3:af:
12:bf:28:4e:6c:35:57:e9:29:6d:a0:42:ef:86:84:
00:da:c4:0c:2d:0e:3b:bb:5e:38:2b:84:ee:59:eb:
44:49:4d:d1:ea:39:7b:ce:18:bc:13:3e:a8:4b:93:
01:06:dc:48:b0:eb:18:cb:0b:29:c2:44:a9:8c:e7:
f9:25:31:2b:19:3f:a6:a3:ae:64:df:04:77:24:db:
cf:5c:7b:4d:06:2e:09:5f:f9:09:f9:b4:0e:aa:75:
e7:ed:99:a3:c6:79:c9:dc:3d:11:27:79:e7:c1:11:
0a:77:95:11:dd:3f:c8:aa:35:bb:86:31:e9:48:18:
69:43:b4:f2:af:23:15:67:5f:ac:5a:f1:42:e5:b4:
a6:f2:1c:aa:e6:b5:3b:fe:9b:8a:8f:d2:4c:1e:e9:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C6:70:23:01:BB:02:75:0B:36:3E:F0:57:F7:5A:47:25:1B:6E:54
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8ZwIwG7AnULNj7wV_daRyUbblQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
81.168.122.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.198.0-89.213.205.255
89.213.228.0/24
109.176.230.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a8:95:3b:ff:34:27:e0:36:54:c7:54:e9:7e:30:16:d6:de:
5a:eb:c1:83:bf:59:b5:b1:fd:96:d4:a4:97:3a:46:11:8d:e8:
3c:1a:0f:a9:c3:85:2b:ac:ae:3f:31:53:20:82:eb:ce:60:0a:
51:96:68:05:70:9c:88:1b:92:05:c5:f7:9c:f5:80:dd:7c:0c:
49:63:5c:ef:95:c6:de:f6:98:a9:03:ac:47:97:e4:29:ca:00:
5d:03:95:55:4b:29:4e:90:89:7e:c4:83:8e:0f:d6:af:11:db:
66:b8:3a:e3:8c:56:33:68:23:5e:da:61:56:1c:86:b3:fa:65:
a8:0b:3e:e6:64:41:d9:2e:3d:d0:16:e2:b7:87:64:38:da:f5:
ae:7a:5b:ac:ee:3f:6a:70:11:05:5b:d5:8f:c3:b5:21:32:66:
b2:aa:1f:0f:ed:48:ad:a2:a5:a2:31:d1:6f:67:b0:cb:b2:4d:
a9:32:9d:ce:ff:45:c8:e2:78:db:67:59:99:7e:31:e4:24:71:
57:f7:f3:3f:65:c9:45:44:01:1f:0f:c4:8d:24:5f:21:61:78:
0d:5d:1e:32:17:f4:2c:5b:cf:ff:c8:a5:f0:4f:61:a9:39:03:
fc:4a:4b:d5:93:14:2e:5c:0f:0b:5f:71:98:42:6a:ba:c2:4a:
c2:9f:3a:d1
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZGt0o2KIEV1qrfm1m12ErUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAxMTM0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M2NzAyMzAxYmIwMjc1MGIzNjNlZjA1N2Y3NWE0NzI1MWI2ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0etDtBhNFs7HgRqK6S3IzcZziGs
k4umncJIJLDSFPHhJxIiv0e3laqcwOL8bdKwz2QxYkhBdO1WKrYqWeVZKfYmSS3X
R0OF/PA3biYFvCiu2F9ZqMB9FaZA9KSC+JhAVPkBUwF1468SvyhObDVX6SltoELv
hoQA2sQMLQ47u144K4TuWetESU3R6jl7zhi8Ez6oS5MBBtxIsOsYywspwkSpjOf5
JTErGT+mo65k3wR3JNvPXHtNBi4JX/kJ+bQOqnXn7ZmjxnnJ3D0RJ3nnwREKd5UR
3T/IqjW7hjHpSBhpQ7TyryMVZ1+sWvFC5bSm8hyq5rU7/puKj9JMHulp8wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLfGcCMBuwJ1CzY+8Ff3WkclG25UMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdDhad0l3RzdBblVMTmo3d1ZfZGFSeVViYmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDUPBYAwQA
Uah6AwQAUpiDAwQBUpiuAwQCUpnQAwQDUqMYAwQAWdU6AwQBWdU8AwQAWdWPAwQA
WdWTAwQAWdW1MAwDBAFZ1cYDBAFZ1cwDBABZ1eQDBABtsOYwDQYJKoZIhvcNAQEL
BQADggEBAIOolTv/NCfgNlTHVOl+MBbW3lrrwYO/WbWx/ZbUpJc6RhGN6DwaD6nD
hSusrj8xUyCC685gClGWaAVwnIgbkgXF95z1gN18DEljXO+Vxt72mKkDrEeX5CnK
AF0DlVVLKU6QiX7Eg44P1q8R22a4OuOMVjNoI17aYVYchrP6ZagLPuZkQdkuPdAW
4reHZDja9a56W6zuP2pwEQVb1Y/DtSEyZrKqHw/tSK2ipaIx0W9nsMuyTakync7/
RcjieNtnWZl+MeQkcVf38z9lyUVEAR8PxI0kXyFheA1dHjIX9Cxbz//IpfBPYak5
A/xKS9WTFC5cDwtfcZhCarrCSsKfOtE=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:10:31 2024 by rpki-client on console-ams.rpki-client.org