Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/86GDzxR4i-ntXsEjVx1DqpFWVvI.roa
File: 86GDzxR4i-ntXsEjVx1DqpFWVvI.roa (raw, json)
Hash identifier: prNtSh0x3JQ5Z79ZzoGVnff1Xkp2ptFpVmjIp//A1Lk=
Subject key identifier: F3:A1:83:CF:14:78:8B:E9:ED:5E:C1:23:57:1D:43:AA:91:56:56:F2
Certificate issuer: /CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Certificate serial: 018CC5DC590805F40C3312DB951E84F4F087
Authority key identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/86GDzxR4i-ntXsEjVx1DqpFWVvI.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 80.67.96.0/20 maxlen: 24
92.54.0.0/18 maxlen: 18
185.10.168.0/22 maxlen: 22
2a02:a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.mft
rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:59:08:05:f4:0c:33:12:db:95:1e:84:f4:f0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca053dfe7712ee63dbff640fae07308d66ce748
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3a183cf14788be9ed5ec123571d43aa915656f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:14:98:29:62:7e:36:66:1e:21:05:b4:70:4e:
08:b1:c1:3c:46:37:47:00:99:e2:4e:84:0e:21:12:
d8:b1:fc:b9:ef:45:b8:93:7d:d4:67:ba:5f:c7:2f:
6e:45:37:b9:d8:81:0a:e0:de:5d:14:dd:f2:98:8f:
62:24:7e:09:03:2c:9f:53:5b:6e:b4:f8:2b:b9:a0:
a5:55:c6:ea:89:4c:3e:ed:f8:4c:37:c8:4c:9c:4a:
ab:15:6c:7e:06:91:9a:86:8b:e0:6e:97:dd:64:d7:
39:76:6b:29:da:f7:3f:31:9d:7b:87:80:f4:24:d7:
f6:db:0f:ac:32:79:5a:58:51:93:c1:af:1d:c2:a6:
02:85:1c:33:4d:80:e1:fd:de:5c:2c:b9:84:dd:ca:
40:fc:41:db:42:15:fc:ef:43:e8:00:04:0e:e4:d9:
c8:92:e5:74:fc:8f:48:4a:ab:a9:22:64:5b:7e:92:
d8:d5:ed:8e:3b:77:a7:18:7d:7b:a2:26:f5:c6:5d:
47:cd:11:46:ad:91:55:cc:5d:d9:87:32:c1:9d:60:
6c:d6:8b:0e:bc:07:20:8d:29:95:74:f7:cc:b2:c9:
40:5d:73:71:f5:83:6b:c1:6e:d4:f6:4d:1d:0e:82:
ca:ab:d1:e3:10:f1:58:da:71:e2:c5:70:a7:80:b0:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A1:83:CF:14:78:8B:E9:ED:5E:C1:23:57:1D:43:AA:91:56:56:F2
X509v3 Authority Key Identifier:
keyid:5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/86GDzxR4i-ntXsEjVx1DqpFWVvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.96.0/20
92.54.0.0/18
185.10.168.0/22
IPv6:
2a02:a0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:1d:15:c9:b5:73:00:a0:50:ec:f8:5e:3a:85:e7:8c:a5:54:
9f:88:d2:ba:51:4d:c2:53:ea:60:ce:d0:1c:76:1d:39:e8:b2:
be:21:b5:81:d3:9e:1a:9d:74:23:9f:7d:aa:e1:76:b6:02:35:
20:2d:25:05:4b:c7:d3:1e:fb:5f:bc:19:5f:03:3e:e5:ae:3a:
e9:df:b6:8d:77:33:ac:fc:07:5a:47:e6:77:26:72:0b:9d:d2:
87:d1:26:fc:c8:19:e8:e0:7d:4b:1f:0b:4b:58:76:7c:e7:6c:
f5:07:4e:a9:bd:2b:d3:23:c2:a3:b5:a0:8a:a7:fe:24:c2:03:
41:41:2e:c3:9d:43:23:09:18:12:fb:09:48:96:9f:f8:eb:e1:
12:88:65:54:b8:e9:a0:f4:74:e5:b3:15:51:90:eb:1e:40:c9:
1c:c0:9a:a9:59:3f:38:77:b5:67:74:46:e2:ac:70:bc:32:a9:
a1:17:d3:89:03:0c:9f:28:2b:fd:3b:bd:f8:01:f6:4a:71:ce:
4d:ab:0f:46:d3:33:00:b4:b9:d6:60:20:09:52:29:e3:11:86:
91:e2:17:4a:a9:44:0d:4e:40:b9:c0:12:18:f3:a7:ad:a3:a3:
31:e5:8e:d7:1b:90:28:9c:fc:22:57:da:03:1f:72:2e:22:16:
02:2b:e2:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3FkIBfQMMxLblR6E9PCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTA1M2RmZTc3MTJlZTYzZGJmZjY0MGZhZTA3MzA4ZDY2
Y2U3NDgwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ExODNjZjE0Nzg4YmU5ZWQ1ZWMxMjM1NzFkNDNhYTkxNTY1NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBSYKWJ+NmYeIQW0cE4IscE8RjdH
AJniToQOIRLYsfy570W4k33UZ7pfxy9uRTe52IEK4N5dFN3ymI9iJH4JAyyfU1tu
tPgruaClVcbqiUw+7fhMN8hMnEqrFWx+BpGahovgbpfdZNc5dmsp2vc/MZ17h4D0
JNf22w+sMnlaWFGTwa8dwqYChRwzTYDh/d5cLLmE3cpA/EHbQhX870PoAAQO5NnI
kuV0/I9ISqupImRbfpLY1e2OO3enGH17oib1xl1HzRFGrZFVzF3ZhzLBnWBs1osO
vAcgjSmVdPfMsslAXXNx9YNrwW7U9k0dDoLKq9HjEPFY2nHixXCngLA9TwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPOhg88UeIvp7V7BI1cdQ6qRVlbyMB8GA1UdIwQY
MBaAFFygU9/ncS7mPb/2QPrgcwjWbOdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmIt
ODBjM2VhNGZkMDAwLzEvODZHRHp4UjRpLW50WHNFalZ4MURxcEZXVnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYmJkMmMtYmY1YS00NmRhLTg2ZmItODBjM2VhNGZkMDAw
LzEvWEtCVDMtZHhMdVk5dl9aQS11QnpDTlpzNTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUENgAwQG
XDYAAwQCuQqoMA0EAgACMAcDBQAqAgCgMA0GCSqGSIb3DQEBCwUAA4IBAQCpHRXJ
tXMAoFDs+F46heeMpVSfiNK6UU3CU+pgztAcdh056LK+IbWB054anXQjn32q4Xa2
AjUgLSUFS8fTHvtfvBlfAz7lrjrp37aNdzOs/AdaR+Z3JnILndKH0Sb8yBno4H1L
HwtLWHZ852z1B06pvSvTI8KjtaCKp/4kwgNBQS7DnUMjCRgS+wlIlp/46+ESiGVU
uOmg9HTlsxVRkOseQMkcwJqpWT84d7VndEbirHC8MqmhF9OJAwyfKCv9O734AfZK
cc5Nqw9G0zMAtLnWYCAJUinjEYaR4hdKqUQNTkC5wBIY86eto6Mx5Y7XG5AonPwi
V9oDH3IuIhYCK+Jj
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:08:54 2024 by rpki-client on console-fra.rpki-client.org