Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/_6sxy31l23Ebt-7OJZAYWUkexGY.roa
File: _6sxy31l23Ebt-7OJZAYWUkexGY.roa (raw, json)
Hash identifier: UXZdcK1cO0QOscYIezG2c7Twcjx54hSloxJdrM+D6l8=
Subject key identifier: FF:AB:31:CB:7D:65:DB:71:1B:B7:EE:CE:25:90:18:59:49:1E:C4:66
Certificate issuer: /CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Certificate serial: 018CC3B73FAE24BAB8B660BDA1D0E0275988
Authority key identifier: EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/_6sxy31l23Ebt-7OJZAYWUkexGY.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8251
IP address blocks: 212.79.96.0/20 maxlen: 20
31.47.96.0/20 maxlen: 20
185.99.64.0/22 maxlen: 22
81.201.48.0/21 maxlen: 21
81.201.56.0/21 maxlen: 21
81.201.48.175/32 maxlen: 32
78.108.96.0/20 maxlen: 20
2a01:490::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3f:ae:24:ba:b8:b6:60:bd:a1:d0:e0:27:59:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef5082d37fbc81998bfcf948a5bbdda63edfdee0
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffab31cb7d65db711bb7eece25901859491ec466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:47:27:78:b5:15:af:8d:c9:87:5f:d7:6c:9c:
4a:9f:0e:c1:38:0e:0f:2c:ef:13:fb:da:30:5a:cb:
af:03:a2:ec:c7:a8:a9:bc:5b:01:c9:e6:6d:e3:b0:
8c:bc:08:49:0f:34:39:7c:e0:2f:4b:f0:d6:13:8f:
6c:3a:5a:01:48:be:c2:65:dc:0f:34:67:fc:da:60:
f9:45:19:a9:9e:78:4b:34:56:18:87:40:96:4e:56:
39:c9:94:51:b7:e0:88:c3:4e:26:20:55:21:c3:38:
ae:4e:aa:d0:12:18:20:8b:3f:fb:c0:bc:95:87:96:
31:23:d0:c8:d8:60:5c:e7:50:74:23:83:84:9f:27:
d9:ff:73:9d:ad:72:2f:a7:0a:aa:02:3f:40:9e:7b:
77:8a:4c:71:e4:45:84:78:e7:40:47:05:7c:34:70:
ae:eb:ba:ed:32:47:0f:6d:0e:9e:52:0c:52:d2:1c:
5a:a3:a1:d7:3f:02:dd:ef:7d:74:6a:7a:88:3b:c9:
89:9f:c5:da:88:09:b3:82:c9:2f:c3:1f:e3:8c:d2:
3f:88:2e:e6:e5:cb:b5:9e:5d:47:8e:b7:8b:f7:2d:
3b:69:4e:9b:96:17:ef:8d:11:4e:2d:68:1e:d8:08:
1f:aa:60:95:4c:6b:cd:c1:62:96:f5:7d:04:12:fb:
0f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AB:31:CB:7D:65:DB:71:1B:B7:EE:CE:25:90:18:59:49:1E:C4:66
X509v3 Authority Key Identifier:
keyid:EF:50:82:D3:7F:BC:81:99:8B:FC:F9:48:A5:BB:DD:A6:3E:DF:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71CC03-8gZmL_PlIpbvdpj7f3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/_6sxy31l23Ebt-7OJZAYWUkexGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/0c3c4d-01d2-440a-a51f-9195d02ded55/1/71CC03-8gZmL_PlIpbvdpj7f3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.96.0/20
78.108.96.0/20
81.201.48.0/20
185.99.64.0/22
212.79.96.0/20
IPv6:
2a01:490::/32
Signature Algorithm: sha256WithRSAEncryption
75:ce:28:d6:47:16:16:f5:2c:89:61:8e:54:72:b8:24:93:68:
dc:10:d3:72:bb:fa:e0:27:58:93:24:b6:48:8d:64:9f:18:ab:
95:37:9b:e5:9e:76:89:dc:9b:e2:81:09:36:45:ea:b7:03:da:
c7:dc:c0:e7:d9:c4:ef:fc:31:d5:f1:2d:f0:cf:76:35:87:df:
a5:a7:07:5a:50:0c:03:b9:6d:e7:ee:b8:9b:55:93:8e:0a:93:
92:fa:6d:59:3f:08:08:d0:6c:07:8c:6e:b6:6b:20:3d:89:b9:
19:c4:d9:eb:6e:35:a4:7e:38:8f:90:ab:d9:d6:fd:65:ed:ad:
e8:88:f4:73:62:16:c4:ea:ff:d8:1e:5b:2e:86:c8:c1:1e:ab:
22:bd:92:0a:85:a2:70:3d:d1:7b:dd:0f:db:65:a2:b7:9d:44:
ee:64:48:c8:1b:f7:27:d3:86:e6:e5:fb:52:6c:3b:b2:e1:41:
e8:04:e7:f4:c0:f5:7d:ba:78:d5:bf:50:aa:5d:e9:0e:0f:8a:
f7:e6:9b:51:8f:09:84:3f:fc:0c:ea:ea:ef:49:a3:4c:61:d1:
3f:d3:34:c6:37:65:88:91:03:5c:5b:f9:db:8d:f9:13:9d:cc:
5a:3d:c4:3c:ab:58:e7:66:a2:26:0e:2b:22:be:73:cb:4f:7b:
a7:25:8e:33
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtz+uJLq4tmC9odDgJ1mIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTA4MmQzN2ZiYzgxOTk4YmZjZjk0OGE1YmJkZGE2M2Vk
ZmRlZTAwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFiMzFjYjdkNjVkYjcxMWJiN2VlY2UyNTkwMTg1OTQ5MWVjNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEcneLUVr43Jh1/XbJxKnw7BOA4P
LO8T+9owWsuvA6Lsx6ipvFsByeZt47CMvAhJDzQ5fOAvS/DWE49sOloBSL7CZdwP
NGf82mD5RRmpnnhLNFYYh0CWTlY5yZRRt+CIw04mIFUhwziuTqrQEhggiz/7wLyV
h5YxI9DI2GBc51B0I4OEnyfZ/3OdrXIvpwqqAj9Annt3ikxx5EWEeOdARwV8NHCu
67rtMkcPbQ6eUgxS0hxao6HXPwLd7310anqIO8mJn8XaiAmzgskvwx/jjNI/iC7m
5cu1nl1HjreL9y07aU6blhfvjRFOLWge2AgfqmCVTGvNwWKW9X0EEvsPHwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP+rMct9ZdtxG7fuziWQGFlJHsRmMB8GA1UdIwQY
MBaAFO9QgtN/vIGZi/z5SKW73aY+397gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYt
OTE5NWQwMmRlZDU1LzEvXzZzeHkzMWwyM0VidC03T0paQVlXVWtleEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wYzNjNGQtMDFkMi00NDBhLWE1MWYtOTE5NWQwMmRlZDU1
LzEvNzFDQzAzLThnWm1MX1BsSXBidmRwajdmM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHy9gAwQE
TmxgAwQEUckwAwQCuWNAAwQE1E9gMA0EAgACMAcDBQAqAQSQMA0GCSqGSIb3DQEB
CwUAA4IBAQB1zijWRxYW9SyJYY5Ucrgkk2jcENNyu/rgJ1iTJLZIjWSfGKuVN5vl
nnaJ3JvigQk2Req3A9rH3MDn2cTv/DHV8S3wz3Y1h9+lpwdaUAwDuW3n7ribVZOO
CpOS+m1ZPwgI0GwHjG62ayA9ibkZxNnrbjWkfjiPkKvZ1v1l7a3oiPRzYhbE6v/Y
HlsuhsjBHqsivZIKhaJwPdF73Q/bZaK3nUTuZEjIG/cn04bm5ftSbDuy4UHoBOf0
wPV9unjVv1CqXekOD4r35ptRjwmEP/wM6urvSaNMYdE/0zTGN2WIkQNcW/nbjfkT
ncxaPcQ8q1jnZqImDisivnPLT3unJY4z
-----END CERTIFICATE-----
Generated at Sun May 19 06:42:24 2024 by rpki-client on console-ams.rpki-client.org