Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/F8TbNCrwfTErtjEIcHStLPdE2vI.roa
File: F8TbNCrwfTErtjEIcHStLPdE2vI.roa (raw, json)
Hash identifier: 8To/nzbLW/Odz7h40QSuiSpp2wH/UYDudS7E0Ab0L4I=
Subject key identifier: 17:C4:DB:34:2A:F0:7D:31:2B:B6:31:08:70:74:AD:2C:F7:44:DA:F2
Certificate issuer: /CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Certificate serial: 018CC4922759005B78F4332D9784201866FA
Authority key identifier: D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/F8TbNCrwfTErtjEIcHStLPdE2vI.roa
Signing time: Mon 01 Jan 2024 10:29:21 +0000
ROA not before: Mon 01 Jan 2024 10:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 185.13.68.0/22 maxlen: 24
62.113.233.0/24 maxlen: 24
185.252.32.0/22 maxlen: 22
62.113.192.0/18 maxlen: 24
212.83.32.0/19 maxlen: 24
2a0c:2040::/29 maxlen: 29
2a00:f48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:27:59:00:5b:78:f4:33:2d:97:84:20:18:66:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Validity
Not Before: Jan 1 10:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17c4db342af07d312bb631087074ad2cf744daf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:99:9a:ca:5f:72:e3:c6:d8:0f:f1:8c:b5:3e:
ca:69:92:ca:eb:6a:56:e4:d7:36:cf:ec:cb:2a:36:
0d:01:89:50:1a:e5:31:f0:aa:7d:5a:0c:f4:84:34:
fe:75:f2:5e:b9:f7:a8:ad:52:84:09:3b:67:43:a7:
17:c6:3c:65:92:4e:54:02:ac:93:1b:b1:60:9c:98:
e4:67:6f:b8:e4:39:0b:d0:5e:36:c6:29:08:32:bc:
83:9c:8a:86:71:06:ed:78:5b:aa:b7:20:71:ae:62:
31:14:5a:51:12:de:69:90:dd:92:71:14:c4:55:97:
95:92:39:9e:94:36:6e:cb:a6:e3:a5:45:95:41:03:
42:d7:1f:86:4e:ae:e1:42:de:51:6c:b4:f9:31:49:
fe:b8:61:a8:c1:83:e4:6b:a6:9c:05:e8:43:fd:47:
a1:a5:dc:24:11:24:42:12:cf:53:98:3e:14:83:a9:
77:ea:1b:1f:0f:2c:4d:2c:5b:21:40:4f:62:c0:06:
3d:a1:19:4a:df:7f:73:93:4c:5b:32:cd:32:fb:b9:
b5:56:76:5f:f1:60:24:2e:61:44:73:d4:4c:a2:dd:
49:69:82:54:1d:a0:fb:96:a9:ec:36:90:85:8f:f0:
48:5e:0e:45:73:7a:b1:1f:ed:d1:c5:19:dd:81:a4:
96:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C4:DB:34:2A:F0:7D:31:2B:B6:31:08:70:74:AD:2C:F7:44:DA:F2
X509v3 Authority Key Identifier:
keyid:D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/F8TbNCrwfTErtjEIcHStLPdE2vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.192.0/18
185.13.68.0/22
185.252.32.0/22
212.83.32.0/19
IPv6:
2a00:f48::/32
2a0c:2040::/29
Signature Algorithm: sha256WithRSAEncryption
3b:ea:30:00:13:9f:4f:c4:58:3b:30:76:27:d6:bd:24:eb:3f:
ab:78:88:91:3f:f5:eb:e6:29:7a:a0:72:b0:8e:95:6a:ee:0e:
e6:e0:63:82:1b:da:a4:93:e1:a7:13:83:98:83:6a:18:d6:b9:
db:3d:3b:ae:fc:67:5d:1a:db:a2:f6:e2:79:e1:db:08:d4:9b:
31:95:b3:d5:01:0d:10:5b:7b:1c:2d:a6:89:92:76:3e:cb:30:
26:0d:03:44:ad:d9:59:ce:e1:a6:d8:53:c6:80:fe:6c:28:7b:
b3:ea:39:c2:90:da:81:11:b4:47:3a:99:11:86:7b:ce:47:9b:
00:0a:90:9f:7f:da:ab:a1:29:47:bd:8f:82:78:09:17:f3:8e:
a2:93:a1:73:8e:dc:13:7b:9e:d1:7f:6b:88:bc:f8:0b:32:80:
96:7f:26:9c:c6:54:43:a6:1a:44:02:26:c4:dd:1a:03:e7:9d:
28:c9:1f:79:ce:56:75:b0:f7:08:d1:9c:b7:a3:15:d0:2d:23:
dc:90:c9:26:79:e8:f7:59:8f:64:01:4f:65:83:af:4d:fd:63:
74:aa:c1:44:fa:02:ec:52:d9:14:86:28:a2:e8:5e:60:a6:35:
d5:d4:76:0d:fc:45:55:af:6d:c6:98:87:11:db:65:18:71:25:
c7:86:89:a9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzEkidZAFt49DMtl4QgGGb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTQ5M2ExNzk5N2QzMWU4ZDVhYTZjY2M5YTZiZDc1N2Yx
NWMwMzAwHhcNMjQwMTAxMTAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M0ZGIzNDJhZjA3ZDMxMmJiNjMxMDg3MDc0YWQyY2Y3NDRkYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopmayl9y48bYD/GMtT7KaZLK62pW
5Nc2z+zLKjYNAYlQGuUx8Kp9Wgz0hDT+dfJeufeorVKECTtnQ6cXxjxlkk5UAqyT
G7FgnJjkZ2+45DkL0F42xikIMryDnIqGcQbteFuqtyBxrmIxFFpREt5pkN2ScRTE
VZeVkjmelDZuy6bjpUWVQQNC1x+GTq7hQt5RbLT5MUn+uGGowYPka6acBehD/Ueh
pdwkESRCEs9TmD4Ug6l36hsfDyxNLFshQE9iwAY9oRlK339zk0xbMs0y+7m1VnZf
8WAkLmFEc9RMot1JaYJUHaD7lqnsNpCFj/BIXg5Fc3qxH+3RxRndgaSWPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBfE2zQq8H0xK7YxCHB0rSz3RNryMB8GA1UdIwQY
MBaAFNOUk6F5l9MejVqmzMmmvXV/FcAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGIt
OTc5MjMyOTdjZGE3LzEvRjhUYk5DcndmVEVydGpFSWNIU3RMUGRFMnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lODA0ZTQtN2YzMC00MDQ5LTk0OGItOTc5MjMyOTdjZGE3
LzEvMDVTVG9YbVgweDZOV3FiTXlhYTlkWDhWd0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQGPnHAAwQC
uQ1EAwQCufwgAwQF1FMgMBQEAgACMA4DBQAqAA9IAwUDKgwgQDANBgkqhkiG9w0B
AQsFAAOCAQEAO+owABOfT8RYOzB2J9a9JOs/q3iIkT/16+YpeqBysI6Vau4O5uBj
ghvapJPhpxODmINqGNa52z07rvxnXRrbovbieeHbCNSbMZWz1QENEFt7HC2miZJ2
PsswJg0DRK3ZWc7hpthTxoD+bCh7s+o5wpDagRG0RzqZEYZ7zkebAAqQn3/aq6Ep
R72PgngJF/OOopOhc47cE3ue0X9riLz4CzKAln8mnMZUQ6YaRAImxN0aA+edKMkf
ec5WdbD3CNGct6MV0C0j3JDJJnno91mPZAFPZYOvTf1jdKrBRPoC7FLZFIYoouhe
YKY11dR2DfxFVa9txpiHEdtlGHElx4aJqQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:08 2024 by rpki-client on console-fra.rpki-client.org