Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/R8CrJzoCcrjcAr9IBwKafsofric.roa
File: R8CrJzoCcrjcAr9IBwKafsofric.roa (raw, json)
Hash identifier: m9WLKNIhXBay7PcGzD56enNEFiHGj2d2ZbGN8DYiUE8=
Subject key identifier: 47:C0:AB:27:3A:02:72:B8:DC:02:BF:48:07:02:9A:7E:CA:1F:AE:27
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01913CC897F6D3159D9AB027632C38BC3B2A
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/R8CrJzoCcrjcAr9IBwKafsofric.roa
Signing time: Sat 10 Aug 2024 14:54:24 +0000
ROA not before: Sat 10 Aug 2024 14:54:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48648
IP address blocks: 91.198.233.0/24 maxlen: 24
91.211.120.0/24 maxlen: 24
91.211.122.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
194.28.103.0/24 maxlen: 24
195.12.56.0/22 maxlen: 22
2a0a:2c0::/48 maxlen: 48
2a0a:2c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:c8:97:f6:d3:15:9d:9a:b0:27:63:2c:38:bc:3b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Aug 10 14:54:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47c0ab273a0272b8dc02bf4807029a7eca1fae27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b1:1b:2d:9b:b4:ed:ce:f7:13:2a:d5:e6:1e:
65:e9:9a:2e:fb:e3:9d:61:33:5e:4d:1b:be:c4:5d:
27:e7:cb:96:c3:8c:36:27:41:09:d5:55:8e:14:6a:
14:c5:30:96:82:07:be:06:b5:9f:12:ce:ea:42:e8:
87:d5:25:a5:ec:ce:be:2f:88:f1:f7:60:8b:fb:0a:
4a:7c:7d:8c:d0:d2:99:62:79:83:e1:55:0b:2f:d4:
24:a3:d9:dc:df:2d:17:c3:b2:c0:57:d2:2b:47:02:
d8:d0:71:f8:58:34:76:5a:f5:91:d8:5f:27:b4:7d:
97:0c:51:f0:89:60:64:b5:49:16:11:1c:58:64:58:
44:80:6f:45:9b:8e:c6:a9:bb:da:a7:a8:d4:5b:91:
ea:54:df:26:f0:ac:ef:a7:07:a5:71:0f:81:dc:b1:
20:3f:50:ec:21:c1:48:b5:81:05:1d:3c:f7:34:4d:
4b:6e:25:ec:5c:51:5c:b8:b5:08:71:2e:e6:f7:e3:
d8:40:5c:de:c6:d6:52:b6:63:4d:6b:e0:d4:91:e0:
7a:3e:d8:f9:1d:c2:11:94:5c:e3:1e:cc:70:69:20:
d1:ff:d3:81:94:e4:c6:39:ca:20:59:21:72:33:be:
00:66:d4:14:c7:c0:8c:73:58:09:11:04:1b:db:c5:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C0:AB:27:3A:02:72:B8:DC:02:BF:48:07:02:9A:7E:CA:1F:AE:27
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/R8CrJzoCcrjcAr9IBwKafsofric.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.233.0/24
91.211.120.0/24
91.211.122.0/24
193.107.80.0/24
194.28.103.0/24
195.12.56.0/22
IPv6:
2a0a:2c0::/48
2a0a:2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
a1:8f:02:0b:77:77:bf:8e:c9:31:42:35:dc:d7:20:d8:14:67:
81:57:76:51:4b:91:c8:2c:d9:a1:ad:46:21:38:ff:8f:70:cc:
d3:8d:67:5f:90:66:3b:dc:1d:e5:db:14:3a:fb:01:05:fc:6b:
ea:94:32:59:d3:24:84:83:08:cc:24:03:8f:92:b3:c1:93:ae:
da:3b:69:f0:cf:83:a9:33:95:1a:20:18:91:9f:90:53:a8:1b:
b5:70:e3:a3:b6:e2:c7:38:90:4f:f1:4e:fc:4a:64:83:94:8f:
2f:fd:03:b0:47:68:c6:b9:e4:3c:dc:7c:46:0a:32:89:3a:ec:
cb:09:99:46:d3:cf:1d:34:b4:76:fe:82:f3:d3:89:27:10:55:
85:4e:b2:de:c8:4a:cd:0f:80:68:96:10:b4:f9:9e:a4:c0:3f:
ec:13:d2:93:0a:b0:97:7d:67:11:27:45:d7:17:e9:85:c2:29:
9a:dd:b2:da:0d:39:5d:27:4b:cb:39:09:e4:39:ca:f9:7b:6e:
e5:c7:cb:3e:ef:1b:9d:0d:4c:6c:ca:18:6e:f5:f1:02:c5:20:
67:8f:68:aa:69:a4:3d:aa:c0:98:64:16:e7:45:44:67:56:14:
f7:3b:72:71:c4:38:de:b6:df:0b:59:d5:89:5a:d4:d7:ec:83:
97:fc:68:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZE8yJf20xWdmrAnYyw4vDsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQwODEwMTQ1NDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2MwYWIyNzNhMDI3MmI4ZGMwMmJmNDgwNzAyOWE3ZWNhMWZhZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLEbLZu07c73EyrV5h5l6Zou++Od
YTNeTRu+xF0n58uWw4w2J0EJ1VWOFGoUxTCWgge+BrWfEs7qQuiH1SWl7M6+L4jx
92CL+wpKfH2M0NKZYnmD4VULL9Qko9nc3y0Xw7LAV9IrRwLY0HH4WDR2WvWR2F8n
tH2XDFHwiWBktUkWERxYZFhEgG9Fm47Gqbvap6jUW5HqVN8m8KzvpwelcQ+B3LEg
P1DsIcFItYEFHTz3NE1LbiXsXFFcuLUIcS7m9+PYQFzextZStmNNa+DUkeB6Ptj5
HcIRlFzjHsxwaSDR/9OBlOTGOcogWSFyM74AZtQUx8CMc1gJEQQb28WcdwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEfAqyc6AnK43AK/SAcCmn7KH64nMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvUjhDckp6b0NjcmpjQXI5SUJ3S2Fmc29mcmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQAW8bpAwQA
W9N4AwQAW9N6AwQAwWtQAwQAwhxnAwQCwww4MBgEAgACMBIDBwAqCgLAAAADBwAq
CgLAAAIwDQYJKoZIhvcNAQELBQADggEBAKGPAgt3d7+OyTFCNdzXINgUZ4FXdlFL
kcgs2aGtRiE4/49wzNONZ1+QZjvcHeXbFDr7AQX8a+qUMlnTJISDCMwkA4+Ss8GT
rto7afDPg6kzlRogGJGfkFOoG7Vw46O24sc4kE/xTvxKZIOUjy/9A7BHaMa55Dzc
fEYKMok67MsJmUbTzx00tHb+gvPTiScQVYVOst7ISs0PgGiWELT5nqTAP+wT0pMK
sJd9ZxEnRdcX6YXCKZrdstoNOV0nS8s5CeQ5yvl7buXHyz7vG50NTGzKGG718QLF
IGePaKpppD2qwJhkFudFRGdWFPc7cnHEON623wtZ1Yla1Nfsg5f8aCs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:01 2024 by rpki-client on console-ams.rpki-client.org