Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8Fyf1ulcFghwi42KexsVuvoEXpc.roa
File: 8Fyf1ulcFghwi42KexsVuvoEXpc.roa (raw, json)
Hash identifier: h6eEpzUfho/RZX45FYjsW5t4mkxHI424diFGdLSK6UM=
Subject key identifier: F0:5C:9F:D6:E9:5C:16:08:70:8B:8D:8A:7B:1B:15:BA:FA:04:5E:97
Certificate issuer: /CN=74198f7022b9560501db448af60301fa285e9236
Certificate serial: 018F0969534921C2353D961375C0F27A026D
Authority key identifier: 74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8Fyf1ulcFghwi42KexsVuvoEXpc.roa
Signing time: Tue 23 Apr 2024 05:24:08 +0000
ROA not before: Tue 23 Apr 2024 05:24:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3342
IP address blocks: 92.241.192.0/20 maxlen: 20
92.241.216.0/21 maxlen: 21
157.250.160.0/20 maxlen: 20
178.72.16.0/21 maxlen: 21
185.98.96.0/22 maxlen: 22
185.157.132.0/22 maxlen: 22
185.170.132.0/22 maxlen: 22
212.237.250.0/23 maxlen: 23
2a06:b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:69:53:49:21:c2:35:3d:96:13:75:c0:f2:7a:02:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74198f7022b9560501db448af60301fa285e9236
Validity
Not Before: Apr 23 05:24:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f05c9fd6e95c1608708b8d8a7b1b15bafa045e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:e5:82:19:60:9a:50:33:84:85:f1:8e:33:
f1:13:ba:8d:66:90:f2:cc:41:82:1c:b9:fc:a7:7f:
35:8c:72:e7:21:e5:d8:8b:32:e0:2c:81:95:0e:8d:
54:71:90:ff:c1:a8:86:78:e5:d5:15:e4:81:9e:bb:
85:c6:6d:11:d2:98:13:27:d0:d5:9f:43:56:0d:e0:
1c:10:b4:e9:a2:22:ae:7e:18:bb:69:ac:97:1e:9f:
01:80:1e:f1:44:21:68:e7:f3:0f:d7:79:25:3a:4d:
1d:91:0a:51:fb:94:cc:6a:5d:10:5e:59:2b:4e:0a:
da:35:77:bc:99:c4:00:22:99:7a:b6:26:56:36:e2:
41:77:3b:79:a4:c4:70:d6:2f:5a:ba:6a:64:ea:2e:
7b:6d:6f:19:52:0e:17:93:25:15:0c:e8:5c:fe:9c:
b1:a1:2c:8a:0d:4f:41:8c:a5:a9:61:1d:8e:95:b5:
c8:93:ca:0b:a2:b9:af:d2:2f:88:70:de:97:a5:64:
b8:15:20:e2:e4:94:8c:05:87:af:7c:e3:53:0d:21:
89:8d:d3:6d:67:43:0f:dd:69:b9:85:40:9a:01:5d:
ce:ae:7d:94:93:b4:8b:7d:49:18:19:3f:3f:e6:e2:
8c:bc:4e:6e:ce:82:be:f0:40:0e:61:b4:9d:72:f7:
ca:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5C:9F:D6:E9:5C:16:08:70:8B:8D:8A:7B:1B:15:BA:FA:04:5E:97
X509v3 Authority Key Identifier:
keyid:74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8Fyf1ulcFghwi42KexsVuvoEXpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.192.0/20
92.241.216.0/21
157.250.160.0/20
178.72.16.0/21
185.98.96.0/22
185.157.132.0/22
185.170.132.0/22
212.237.250.0/23
IPv6:
2a06:b00::/29
Signature Algorithm: sha256WithRSAEncryption
37:67:41:4f:e4:63:ae:2c:d0:32:01:f4:61:09:e6:09:c7:05:
db:6b:40:bf:79:6e:86:d4:7e:02:74:ee:d6:e0:65:59:2a:9e:
23:8f:e6:bf:32:2e:6b:9a:ee:b1:51:c2:bc:20:7d:13:3a:37:
29:ea:75:69:4d:eb:ac:a9:2d:9c:b2:52:83:10:7b:d4:72:cf:
0f:ff:29:ce:71:d7:bb:65:10:44:20:9c:21:8f:33:0c:c3:b5:
f4:5e:49:1a:df:5c:d5:34:d4:dd:16:27:68:f4:7c:d1:56:a7:
c3:35:b2:68:b9:cd:1f:a1:d3:e3:86:e2:11:b5:52:f3:ca:ed:
4e:32:69:ae:b1:70:15:8e:9a:f8:28:05:01:44:9b:3b:26:28:
be:be:c9:b6:2d:06:16:0d:4e:df:51:5f:bc:cd:e6:78:56:38:
e1:e1:27:f3:f6:2c:22:05:e1:1b:9c:bb:7e:59:dc:0d:c9:14:
34:8b:5a:8d:f0:5e:87:85:c6:a2:10:38:e3:c0:fb:64:c5:1f:
02:b8:59:05:f0:89:63:b1:8d:02:e9:3d:5d:30:0a:1d:01:e1:
55:8c:6d:ce:71:b2:3b:22:ac:b3:d6:d1:eb:cc:32:8e:56:8a:
1f:aa:73:19:84:c0:b8:59:2a:27:fd:21:87:2a:f1:a3:b0:99:
1c:b5:29:34
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY8JaVNJIcI1PZYTdcDyegJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTk4ZjcwMjJiOTU2MDUwMWRiNDQ4YWY2MDMwMWZhMjg1
ZTkyMzYwHhcNMjQwNDIzMDUyNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVjOWZkNmU5NWMxNjA4NzA4YjhkOGE3YjFiMTViYWZhMDQ1ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4rlghlgmlAzhIXxjjPxE7qNZpDy
zEGCHLn8p381jHLnIeXYizLgLIGVDo1UcZD/waiGeOXVFeSBnruFxm0R0pgTJ9DV
n0NWDeAcELTpoiKufhi7aayXHp8BgB7xRCFo5/MP13klOk0dkQpR+5TMal0QXlkr
TgraNXe8mcQAIpl6tiZWNuJBdzt5pMRw1i9aumpk6i57bW8ZUg4XkyUVDOhc/pyx
oSyKDU9BjKWpYR2OlbXIk8oLormv0i+IcN6XpWS4FSDi5JSMBYevfONTDSGJjdNt
Z0MP3Wm5hUCaAV3Orn2Uk7SLfUkYGT8/5uKMvE5uzoK+8EAOYbSdcvfKswIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPBcn9bpXBYIcIuNinsbFbr6BF6XMB8GA1UdIwQY
MBaAFHQZj3AiuVYFAdtEivYDAfooXpI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWIt
NmYxNjM5NjZhZjhiLzEvOEZ5ZjF1bGNGZ2h3aTQyS2V4c1Z1dm9FWHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWItNmYxNjM5NjZhZjhi
LzEvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEXPHAAwQD
XPHYAwQEnfqgAwQDskgQAwQCuWJgAwQCuZ2EAwQCuaqEAwQB1O36MA0EAgACMAcD
BQMqBgsAMA0GCSqGSIb3DQEBCwUAA4IBAQA3Z0FP5GOuLNAyAfRhCeYJxwXba0C/
eW6G1H4CdO7W4GVZKp4jj+a/Mi5rmu6xUcK8IH0TOjcp6nVpTeusqS2cslKDEHvU
cs8P/ynOcde7ZRBEIJwhjzMMw7X0Xkka31zVNNTdFido9HzRVqfDNbJouc0fodPj
huIRtVLzyu1OMmmusXAVjpr4KAUBRJs7Jii+vsm2LQYWDU7fUV+8zeZ4Vjjh4Sfz
9iwiBeEbnLt+WdwNyRQ0i1qN8F6HhcaiEDjjwPtkxR8CuFkF8IljsY0C6T1dMAod
AeFVjG3OcbI7Iqyz1tHrzDKOVoofqnMZhMC4WSon/SGHKvGjsJkctSk0
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:59:01 2024 by rpki-client on console-ams.rpki-client.org