Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/8S3U_gNtf0RLpPdhe1kHeI4kj-k.roa
File: 8S3U_gNtf0RLpPdhe1kHeI4kj-k.roa (raw, json)
Hash identifier: p+Tc5//DpVpQb1QKeekbOBIiNcElynntjNUBNEUhR2c=
Subject key identifier: F1:2D:D4:FE:03:6D:7F:44:4B:A4:F7:61:7B:59:07:78:8E:24:8F:E9
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 01918FC4767C419AA7FD6F2F7203781D51B4
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/8S3U_gNtf0RLpPdhe1kHeI4kj-k.roa
Signing time: Mon 26 Aug 2024 17:38:22 +0000
ROA not before: Mon 26 Aug 2024 17:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.188.0/22 maxlen: 22
5.181.189.0/24 maxlen: 24
91.223.3.0/24 maxlen: 24
95.214.52.0/22 maxlen: 23
95.214.52.0/23 maxlen: 23
95.214.54.0/23 maxlen: 23
146.19.24.0/24 maxlen: 24
178.211.139.0/24 maxlen: 24
185.16.36.0/22 maxlen: 24
185.225.191.0/24 maxlen: 24
185.248.24.0/24 maxlen: 24
193.34.212.0/22 maxlen: 22
193.34.212.0/23 maxlen: 23
193.34.214.0/23 maxlen: 23
193.34.215.0/24 maxlen: 24
195.3.220.0/22 maxlen: 22
195.3.220.0/23 maxlen: 23
195.3.222.0/23 maxlen: 23
195.3.222.0/24 maxlen: 24
212.23.222.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:c4:76:7c:41:9a:a7:fd:6f:2f:72:03:78:1d:51:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Aug 26 17:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f12dd4fe036d7f444ba4f7617b5907788e248fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:74:67:fb:f9:04:03:11:58:f2:41:0c:b4:fd:
c6:88:4b:cc:27:37:6e:06:e0:d2:c0:d6:31:45:ca:
fe:d8:5f:05:a6:fc:e6:93:89:28:0a:7e:71:80:10:
a3:54:f5:bd:62:c6:2b:ed:9e:c7:5a:6b:a6:72:ea:
45:a0:ab:3a:10:f3:5e:da:e0:ac:a1:41:52:45:87:
92:7a:26:f8:1e:33:70:f9:8d:17:0c:4f:86:48:39:
e8:d9:c7:25:5b:b4:b1:a5:4a:f6:85:e9:f5:36:ba:
84:83:fa:70:a4:d0:6e:0d:f2:e0:09:b4:ad:81:4f:
bb:c4:08:b2:11:ad:bb:8e:18:c2:bc:df:9e:4c:cc:
06:81:f0:f0:4a:87:23:47:e9:62:86:a7:56:39:d7:
c9:13:a0:d0:77:53:ad:24:cb:a1:b4:45:e7:a5:97:
4c:a9:fc:08:20:8e:03:94:a4:40:de:4b:93:10:07:
bd:dc:d3:6e:6d:f1:0f:81:7b:92:b2:8c:61:b1:ed:
0b:1a:f6:ab:d7:b7:a4:07:6f:38:3b:e1:86:2d:10:
09:e9:f6:50:85:0f:57:24:ec:be:a7:f3:c5:2e:f4:
84:dc:f4:0a:77:dc:a5:2e:2b:56:fe:40:79:7a:b1:
87:72:62:5d:2a:d9:ca:d1:c7:d7:e8:32:1f:04:e1:
f2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2D:D4:FE:03:6D:7F:44:4B:A4:F7:61:7B:59:07:78:8E:24:8F:E9
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/8S3U_gNtf0RLpPdhe1kHeI4kj-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
91.223.3.0/24
95.214.52.0/22
146.19.24.0/24
178.211.139.0/24
185.16.36.0/22
185.225.191.0/24
185.248.24.0/24
193.34.212.0/22
195.3.220.0/22
212.23.222.0/24
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
38:70:96:59:9e:ce:81:0b:93:a9:22:ad:29:f2:59:f0:18:31:
12:d4:01:eb:c0:ce:3d:5b:2d:c2:4f:fa:be:5d:b9:89:0d:89:
e6:8b:5b:5a:de:b5:f7:30:0c:43:82:f5:c5:e6:a0:19:15:5a:
33:2d:b6:ff:5c:76:a1:1d:fd:85:fd:73:50:d4:4d:c9:b5:32:
85:47:dd:36:d5:29:ca:76:7d:d1:b9:03:d3:4a:c5:a8:6c:a2:
fa:74:74:eb:39:96:88:e2:46:7e:12:b8:94:87:1a:c8:19:41:
c1:c6:91:83:3f:33:40:bd:8d:2d:47:2d:9c:fc:28:9c:44:1c:
5b:da:55:56:88:fd:8d:81:c0:a1:0e:7f:c4:26:00:dd:79:9b:
23:5b:ab:fe:81:a0:77:33:48:1a:c3:07:4d:72:47:9f:f9:d9:
35:86:2e:f5:d1:b3:ff:40:22:6e:9f:38:ca:7f:90:41:b8:6c:
74:ac:39:3d:b4:d5:25:69:02:72:84:94:b5:8e:01:17:70:b1:
ed:32:1b:5a:5c:ce:8a:14:0b:51:27:ba:37:df:56:4e:d9:28:
92:cf:0b:18:fe:d8:c8:92:5f:45:99:dd:e7:9e:cd:ab:de:f1:
a0:8e:16:14:fa:7e:9a:ec:14:3d:1f:51:25:f9:62:1d:d8:b1:
1c:10:ab:4e
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZGPxHZ8QZqn/W8vcgN4HVG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjQwODI2MTczODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJkZDRmZTAzNmQ3ZjQ0NGJhNGY3NjE3YjU5MDc3ODhlMjQ4ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnRn+/kEAxFY8kEMtP3GiEvMJzdu
BuDSwNYxRcr+2F8Fpvzmk4koCn5xgBCjVPW9YsYr7Z7HWmumcupFoKs6EPNe2uCs
oUFSRYeSeib4HjNw+Y0XDE+GSDno2cclW7SxpUr2hen1NrqEg/pwpNBuDfLgCbSt
gU+7xAiyEa27jhjCvN+eTMwGgfDwSocjR+lihqdWOdfJE6DQd1OtJMuhtEXnpZdM
qfwIII4DlKRA3kuTEAe93NNubfEPgXuSsoxhse0LGvar17ekB284O+GGLRAJ6fZQ
hQ9XJOy+p/PFLvSE3PQKd9ylLitW/kB5erGHcmJdKtnK0cfX6DIfBOHy2QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFPEt1P4DbX9ES6T3YXtZB3iOJI/pMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvOFMzVV9nTnRmMFJMcFBkaGUxa0hlSTRrai1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCBbW8AwQA
W98DAwQCX9Y0AwQAkhMYAwQAstOLAwQCuRAkAwQAueG/AwQAufgYAwQCwSLUAwQC
wwPcAwQA1BfeMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQA4cJZZ
ns6BC5OpIq0p8lnwGDES1AHrwM49Wy3CT/q+XbmJDYnmi1ta3rX3MAxDgvXF5qAZ
FVozLbb/XHahHf2F/XNQ1E3JtTKFR9021SnKdn3RuQPTSsWobKL6dHTrOZaI4kZ+
EriUhxrIGUHBxpGDPzNAvY0tRy2c/CicRBxb2lVWiP2NgcChDn/EJgDdeZsjW6v+
gaB3M0gawwdNckef+dk1hi710bP/QCJunzjKf5BBuGx0rDk9tNUlaQJyhJS1jgEX
cLHtMhtaXM6KFAtRJ7o331ZO2SiSzwsY/tjIkl9Fmd3nns2r3vGgjhYU+n6a7BQ9
H1El+WId2LEcEKtO
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:53 2024 by rpki-client on console-ams.rpki-client.org