Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IcRRlivrlKJvDp19mIAlMnhGLNk.roa
File: IcRRlivrlKJvDp19mIAlMnhGLNk.roa (raw, json)
Hash identifier: EsfniKX6gYA40BnllWIazQj16gEnW+6CfBGmHqxl6hY=
Subject key identifier: 21:C4:51:96:2B:EB:94:A2:6F:0E:9D:7D:98:80:25:32:78:46:2C:D9
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBD62C42B51963F47DFA8072B02426
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IcRRlivrlKJvDp19mIAlMnhGLNk.roa
Signing time: Tue 02 Jan 2024 10:32:59 +0000
ROA not before: Tue 02 Jan 2024 10:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211595
IP address blocks: 195.228.112.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
195.228.15.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d6:2c:42:b5:19:63:f4:7d:fa:80:72:b0:24:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21c451962beb94a26f0e9d7d9880253278462cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:39:30:a6:ae:6a:a6:59:5b:94:c6:8d:62:
87:fd:31:71:6e:89:8f:f2:9e:b5:01:d5:31:d6:e3:
fb:ae:b5:95:c7:18:03:30:40:c8:b5:87:8a:dd:24:
8f:b1:4d:a4:d7:14:e5:c1:f6:d2:41:6c:4b:96:f9:
69:33:0e:84:65:fa:f0:d5:2e:c1:db:8c:16:2e:5b:
e9:e9:5c:00:83:dd:35:50:65:3a:cb:a7:1a:c1:3b:
eb:1c:6b:ac:4b:dd:5c:35:c6:a9:c5:95:6f:4d:df:
f6:74:55:69:f4:7e:11:83:3b:d0:97:69:5e:5c:d8:
38:a5:43:11:3b:c0:c8:1e:ed:56:79:2f:a1:f1:1f:
1c:7f:73:17:d6:d5:75:5b:5b:3e:3a:53:7e:f1:29:
f4:3f:7b:22:77:13:17:2d:f2:e0:a2:b8:18:9f:ba:
1c:86:6c:d2:07:ff:8a:32:d9:5c:3c:78:7a:be:ca:
20:ed:94:15:41:fa:05:f2:a5:44:52:1a:7d:b1:a9:
03:db:7d:f5:4d:8b:72:2a:7d:bc:7c:2c:39:27:82:
4b:25:6f:7b:cd:fd:90:06:8c:93:74:2b:31:43:bb:
c0:15:f3:b8:bf:fc:9a:c3:99:a3:09:a9:0a:e0:cf:
8b:5c:da:04:8e:6f:c2:b7:08:9a:1d:c2:33:53:cf:
b8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C4:51:96:2B:EB:94:A2:6F:0E:9D:7D:98:80:25:32:78:46:2C:D9
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IcRRlivrlKJvDp19mIAlMnhGLNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.15.0/24
195.228.31.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:2f:05:a1:8a:56:d3:0a:37:8e:00:81:bb:b8:5a:6e:78:0b:
32:b1:f6:78:07:4f:bc:bb:8a:e7:6c:f6:de:49:96:d2:13:8b:
ef:17:93:ed:e2:c6:76:aa:41:09:a1:10:b6:cd:ff:c9:8c:30:
bd:c8:db:f8:84:d9:7d:7d:de:9c:40:25:8e:02:ec:1f:ec:46:
bf:8d:49:54:b1:f7:ab:01:78:57:07:44:72:df:89:4e:14:f0:
97:dc:27:87:bd:20:99:05:f7:c4:c5:84:31:db:2e:ef:dd:a7:
84:98:b0:27:71:ee:7c:81:13:b7:1b:c1:8d:2d:65:89:69:b5:
69:ef:c3:91:c2:8f:57:dd:5f:fa:3f:6f:bb:05:a7:f6:41:af:
fe:c1:4b:91:36:89:0f:1f:e3:47:22:4d:39:ef:2d:b6:68:6c:
5d:0a:40:b3:c8:d2:2d:ce:30:94:e5:2b:58:45:80:6d:9f:3c:
2a:fe:51:50:e8:57:99:5c:8e:fa:88:93:ed:d7:5e:d8:b3:76:
be:28:f3:ef:41:45:89:ed:c2:51:62:7d:8a:81:7f:5a:a8:f8:
7c:33:6e:1e:83:e9:28:98:0f:dc:49:ca:83:28:d0:88:55:05:
01:58:b4:3b:2c:dd:38:a6:45:b5:14:d6:25:84:e2:ec:17:18:
05:eb:56:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJu9YsQrUZY/R9+oBysCQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM0NTE5NjJiZWI5NGEyNmYwZTlkN2Q5ODgwMjUzMjc4NDYyY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfE5MKauaqZZW5TGjWKH/TFxbomP
8p61AdUx1uP7rrWVxxgDMEDItYeK3SSPsU2k1xTlwfbSQWxLlvlpMw6EZfrw1S7B
24wWLlvp6VwAg901UGU6y6cawTvrHGusS91cNcapxZVvTd/2dFVp9H4RgzvQl2le
XNg4pUMRO8DIHu1WeS+h8R8cf3MX1tV1W1s+OlN+8Sn0P3sidxMXLfLgorgYn7oc
hmzSB/+KMtlcPHh6vsog7ZQVQfoF8qVEUhp9sakD2331TYtyKn28fCw5J4JLJW97
zf2QBoyTdCsxQ7vAFfO4v/yaw5mjCakK4M+LXNoEjm/CtwiaHcIzU8+4PQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCHEUZYr65Sibw6dfZiAJTJ4RizZMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvSWNSUmxpdnJsS0p2RHAxOW1JQWxNbmhHTE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVAHsAwQA
VAI2AwQAw+QEAwQAw+QPAwQAw+QfAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQBt
LwWhilbTCjeOAIG7uFpueAsysfZ4B0+8u4rnbPbeSZbSE4vvF5Pt4sZ2qkEJoRC2
zf/JjDC9yNv4hNl9fd6cQCWOAuwf7Ea/jUlUsferAXhXB0Ry34lOFPCX3CeHvSCZ
BffExYQx2y7v3aeEmLAnce58gRO3G8GNLWWJabVp78ORwo9X3V/6P2+7Baf2Qa/+
wUuRNokPH+NHIk057y22aGxdCkCzyNItzjCU5StYRYBtnzwq/lFQ6FeZXI76iJPt
117Ys3a+KPPvQUWJ7cJRYn2KgX9aqPh8M24eg+komA/cScqDKNCIVQUBWLQ7LN04
pkW1FNYlhOLsFxgF61aU
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:27 2024 by rpki-client on console-fra.rpki-client.org