Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/S8_XJzDsgwOZ8ktGIdqaGxgfoFY.roa
File: S8_XJzDsgwOZ8ktGIdqaGxgfoFY.roa (raw, json)
Hash identifier: 4JJso85fN6VUSuicVinGOHLgJHIuWcouO20h8sUv5nU=
Subject key identifier: 4B:CF:D7:27:30:EC:83:03:99:F2:4B:46:21:DA:9A:1B:18:1F:A0:56
Certificate issuer: /CN=1da443c33de5ae43506fd2406b7653661c527334
Certificate serial: 018DE5BC702EB959A0979D05CD438E3FFE35
Authority key identifier: 1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/S8_XJzDsgwOZ8ktGIdqaGxgfoFY.roa
Signing time: Mon 26 Feb 2024 14:05:48 +0000
ROA not before: Mon 26 Feb 2024 14:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51331
IP address blocks: 188.246.114.0/24 maxlen: 24
188.246.115.0/24 maxlen: 24
188.246.116.0/22 maxlen: 22
188.246.116.0/24 maxlen: 24
188.246.117.0/24 maxlen: 24
188.246.118.0/24 maxlen: 24
188.246.119.0/24 maxlen: 24
2a00:c587:fd00::/40 maxlen: 40
2a00:c587:fe00::/40 maxlen: 40
2a00:c587:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 11:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:bc:70:2e:b9:59:a0:97:9d:05:cd:43:8e:3f:fe:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da443c33de5ae43506fd2406b7653661c527334
Validity
Not Before: Feb 26 14:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bcfd72730ec830399f24b4621da9a1b181fa056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:f7:bf:08:2f:e1:97:50:82:d8:b2:1e:d7:
2a:d2:6b:12:e3:b6:b6:d2:01:f3:ad:37:06:59:07:
ae:8a:e9:3e:98:85:1c:bd:46:25:26:ce:54:da:31:
69:ab:f6:ac:ca:53:97:45:b2:b3:ff:dd:e9:3b:eb:
b5:d9:a7:30:3c:12:57:1b:c5:f2:70:fe:5b:6e:1d:
5d:08:52:6d:43:c3:b3:2e:65:e4:c1:e1:02:b3:8e:
aa:04:92:80:1b:c7:f5:17:76:97:ad:99:e4:29:74:
85:0b:aa:c4:27:db:be:53:1d:ac:68:e7:4e:3a:41:
81:eb:cd:eb:0e:1f:67:5e:11:5d:8c:00:33:02:c9:
01:b3:4f:dc:0b:4e:c9:43:81:7a:09:e4:8f:00:07:
5e:66:1f:b9:bd:a2:c2:38:86:02:e3:41:c5:2d:66:
58:d3:dd:6b:31:cd:bc:34:54:7b:3e:07:1e:c4:b3:
6b:48:54:9d:2c:c7:b0:8d:11:78:88:0b:cd:4e:9d:
65:19:63:46:30:73:ff:93:74:67:8f:80:82:e6:11:
c5:d8:15:ef:9d:0d:9b:09:25:98:47:74:60:b4:3d:
82:c2:9b:4a:dc:8e:9a:b9:8f:a8:cf:9a:1f:1e:cd:
ee:fe:04:3f:e5:30:2b:58:36:6c:ca:55:cb:3e:f4:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CF:D7:27:30:EC:83:03:99:F2:4B:46:21:DA:9A:1B:18:1F:A0:56
X509v3 Authority Key Identifier:
keyid:1D:A4:43:C3:3D:E5:AE:43:50:6F:D2:40:6B:76:53:66:1C:52:73:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/S8_XJzDsgwOZ8ktGIdqaGxgfoFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/67a849-1106-45d0-b722-fe40a05aba7f/1/HaRDwz3lrkNQb9JAa3ZTZhxSczQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.246.114.0-188.246.119.255
IPv6:
2a00:c587:fd00::-2a00:c587:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:cc:ea:97:a0:12:af:66:bc:20:50:0d:c6:a6:bf:6a:9f:33:
29:fe:1b:19:2c:1d:59:e4:ac:2d:2b:f1:ce:5b:be:81:22:95:
67:0c:ac:e6:09:72:c8:99:9c:18:27:fc:60:c8:04:78:ea:e5:
30:e7:92:45:c1:41:df:64:0f:38:ef:3b:bc:bc:77:00:9e:49:
98:e2:78:a9:df:af:5a:df:41:b9:2d:db:68:b3:38:7c:ae:4d:
95:b1:40:cb:49:ad:21:36:75:0e:4e:ba:f6:ae:01:e8:3a:d2:
57:47:eb:79:d6:49:97:50:6f:40:ad:dc:bf:2e:b9:13:b3:3d:
e0:7c:f7:3f:76:c0:d2:d1:a6:70:ed:e5:d4:b9:9c:f2:ec:7f:
18:29:3d:cb:ad:78:7e:7d:5b:85:b1:39:c6:9a:0a:2f:4a:b3:
11:7e:d5:2b:df:ec:77:e0:d2:c4:68:e0:23:8e:0f:7d:b5:d0:
6c:ea:90:46:e4:ce:03:11:5e:5b:8e:61:39:ae:13:31:78:2e:
85:68:86:b6:ed:ba:15:bc:7e:f5:ce:05:9c:68:95:95:d5:88:
63:c4:55:23:7b:27:fc:34:1e:9d:ee:41:ca:48:2c:c0:fa:f1:
3b:53:07:72:76:50:55:94:29:0c:20:d1:78:11:44:aa:c5:4d:
fd:21:75:49
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY3lvHAuuVmgl50FzUOOP/41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYTQ0M2MzM2RlNWFlNDM1MDZmZDI0MDZiNzY1MzY2MWM1
MjczMzQwHhcNMjQwMjI2MTQwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNmZDcyNzMwZWM4MzAzOTlmMjRiNDYyMWRhOWExYjE4MWZhMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtD3vwgv4ZdQgtiyHtcq0msS47a2
0gHzrTcGWQeuiuk+mIUcvUYlJs5U2jFpq/asylOXRbKz/93pO+u12acwPBJXG8Xy
cP5bbh1dCFJtQ8OzLmXkweECs46qBJKAG8f1F3aXrZnkKXSFC6rEJ9u+Ux2saOdO
OkGB683rDh9nXhFdjAAzAskBs0/cC07JQ4F6CeSPAAdeZh+5vaLCOIYC40HFLWZY
091rMc28NFR7PgcexLNrSFSdLMewjRF4iAvNTp1lGWNGMHP/k3Rnj4CC5hHF2BXv
nQ2bCSWYR3RgtD2CwptK3I6auY+oz5ofHs3u/gQ/5TArWDZsylXLPvQm1wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEvP1ycw7IMDmfJLRiHamhsYH6BWMB8GA1UdIwQY
MBaAFB2kQ8M95a5DUG/SQGt2U2YcUnM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjIt
ZmU0MGEwNWFiYTdmLzEvUzhfWEp6RHNnd09aOGt0R0lkcWFHeGdmb0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82N2E4NDktMTEwNi00NWQwLWI3MjItZmU0MGEwNWFiYTdm
LzEvSGFSRHd6M2xya05RYjlKQWEzWlRaaHhTY3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAG89nID
BAO89nAwFwQCAAIwETAPAwYAKgDFh/0DBQMqAMWAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYzOqXoBKvZrwgUA3Gpr9qnzMp/hsZLB1Z5KwtK/HOW76BIpVnDKzmCXLImZwY
J/xgyAR46uUw55JFwUHfZA847zu8vHcAnkmY4nip369a30G5Ldtoszh8rk2VsUDL
Sa0hNnUOTrr2rgHoOtJXR+t51kmXUG9Ardy/LrkTsz3gfPc/dsDS0aZw7eXUuZzy
7H8YKT3LrXh+fVuFsTnGmgovSrMRftUr3+x34NLEaOAjjg99tdBs6pBG5M4DEV5b
jmE5rhMxeC6FaIa27boVvH71zgWcaJWV1YhjxFUjeyf8NB6d7kHKSCzA+vE7Uwdy
dlBVlCkMINF4EUSqxU39IXVJ
-----END CERTIFICATE-----
Generated at Fri May 10 17:28:14 2024 by rpki-client on console-ams.rpki-client.org