Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/pSNhVcz4ozKQCN-LCUrqu4lNRzQ.roa
File: pSNhVcz4ozKQCN-LCUrqu4lNRzQ.roa (raw, json)
Hash identifier: J/f/1amfAJOlGnKb0ytkwZwxYnhSDPmLNiJU63xKnhY=
Subject key identifier: A5:23:61:55:CC:F8:A3:32:90:08:DF:8B:09:4A:EA:BB:89:4D:47:34
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1E0213A1DBB7745FA979DA5788E47
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/pSNhVcz4ozKQCN-LCUrqu4lNRzQ.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211595
IP address blocks: 84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
195.228.15.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:21:3a:1d:bb:77:45:fa:97:9d:a5:78:8e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5236155ccf8a3329008df8b094aeabb894d4734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:e1:fb:49:ae:6e:f8:6e:8e:35:b9:04:6c:
ad:f0:0a:a5:22:fd:d8:a0:b2:47:0c:bb:08:17:e6:
99:54:c9:6d:e3:a2:c9:e1:a5:5c:f9:da:2c:d3:fd:
53:70:f2:8a:82:19:78:5a:3f:77:c2:f6:80:70:5d:
ff:7a:87:7b:12:fa:c3:de:86:d7:42:b9:19:c8:bd:
c5:48:c2:37:90:be:76:d1:ab:3b:80:cd:d9:e8:4d:
e1:c8:dc:21:d8:8e:fa:28:ac:89:9f:05:8e:43:ad:
66:0d:aa:b0:18:95:87:90:66:f3:0e:9f:48:40:bb:
12:7e:6b:ce:b7:88:2e:78:7a:3b:00:11:c3:11:55:
86:b7:ea:02:fa:96:b7:22:26:98:b1:91:5f:4c:38:
a9:08:eb:3f:76:c4:04:d6:78:78:09:91:54:b0:82:
aa:0d:df:c2:40:0e:07:23:b7:46:b6:2d:ed:46:9a:
d7:8f:1f:c6:d4:45:2f:d9:8f:3d:42:53:0d:e8:64:
0e:f8:eb:1a:22:8b:3d:a5:f3:2f:18:92:86:ca:77:
34:25:3a:27:bb:ec:c4:0d:e6:44:0d:a0:a8:03:bb:
89:0e:a0:4c:91:68:66:21:bc:ff:c4:a6:37:28:f9:
a8:a9:83:a1:ea:47:f1:f6:a5:31:18:9a:e7:d5:c2:
b9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:23:61:55:CC:F8:A3:32:90:08:DF:8B:09:4A:EA:BB:89:4D:47:34
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/pSNhVcz4ozKQCN-LCUrqu4lNRzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.15.0/24
195.228.31.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
48:dd:c1:6d:ba:5c:28:58:96:b9:70:0e:39:5b:85:ec:74:3d:
61:d2:02:b0:6d:97:8d:91:29:7a:d0:d5:f4:36:13:18:89:29:
1f:4c:30:8c:50:a8:22:c4:c1:72:a9:dd:ba:c0:2c:db:3f:2d:
35:bb:2a:b5:dd:51:c1:79:de:f9:fd:a9:7e:a9:6f:a8:00:79:
35:55:2e:b2:9d:cf:04:42:5a:d6:0f:0c:12:db:b6:a9:8c:73:
9c:33:23:fc:bf:32:d9:fd:cf:2e:70:89:9f:2a:91:fe:ce:7e:
87:b0:7f:ec:4e:95:73:0e:28:2b:6d:85:78:2d:d5:fb:fd:39:
4d:3a:bb:6c:c3:3e:d2:08:bc:90:a2:7b:98:52:23:b8:35:50:
b1:91:6d:86:6d:1e:11:a4:b0:5d:ae:68:b4:24:dd:b8:ea:1d:
9c:f6:45:10:85:d5:ec:9a:78:da:b4:75:f2:58:32:f0:d7:ff:
d1:fb:b6:52:99:65:fd:29:38:38:30:e8:51:3c:5a:2a:8c:c9:
4d:54:c7:64:c1:de:da:20:21:34:52:6a:94:83:a0:dc:59:7d:
7b:37:3a:ef:41:20:f0:e4:78:7c:eb:a3:e2:3c:91:71:a6:77:
af:01:d2:8a:67:96:9e:2f:a8:ac:92:95:c0:c5:7e:e4:d1:d2:
0c:3e:48:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhseAhOh27d0X6l52leI5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIzNjE1NWNjZjhhMzMyOTAwOGRmOGIwOTRhZWFiYjg5NGQ0NzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEXh+0mubvhujjW5BGyt8AqlIv3Y
oLJHDLsIF+aZVMlt46LJ4aVc+dos0/1TcPKKghl4Wj93wvaAcF3/eod7EvrD3obX
QrkZyL3FSMI3kL520as7gM3Z6E3hyNwh2I76KKyJnwWOQ61mDaqwGJWHkGbzDp9I
QLsSfmvOt4gueHo7ABHDEVWGt+oC+pa3IiaYsZFfTDipCOs/dsQE1nh4CZFUsIKq
Dd/CQA4HI7dGti3tRprXjx/G1EUv2Y89QlMN6GQO+OsaIos9pfMvGJKGync0JTon
u+zEDeZEDaCoA7uJDqBMkWhmIbz/xKY3KPmoqYOh6kfx9qUxGJrn1cK5zQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKUjYVXM+KMykAjfiwlK6ruJTUc0MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvcFNOaFZjejRvektRQ04tTENVcnF1NGxOUnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVAHsAwQA
VAI2AwQAw+QEAwQAw+QPAwQAw+QfAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQBI
3cFtulwoWJa5cA45W4XsdD1h0gKwbZeNkSl60NX0NhMYiSkfTDCMUKgixMFyqd26
wCzbPy01uyq13VHBed75/al+qW+oAHk1VS6ync8EQlrWDwwS27apjHOcMyP8vzLZ
/c8ucImfKpH+zn6HsH/sTpVzDigrbYV4LdX7/TlNOrtswz7SCLyQonuYUiO4NVCx
kW2GbR4RpLBdrmi0JN246h2c9kUQhdXsmnjatHXyWDLw1//R+7ZSmWX9KTg4MOhR
PFoqjMlNVMdkwd7aICE0UmqUg6DcWX17NzrvQSDw5Hh866PiPJFxpnevAdKKZ5ae
L6iskpXAxX7k0dIMPkio
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:45 2025 by rpki-client