Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/s8Ce173qI3z0YJEDY4-Rwm-NMhA.roa
File: s8Ce173qI3z0YJEDY4-Rwm-NMhA.roa (raw, json)
Hash identifier: HG8XvJwuZMgeBqvZyMVZK1p3wcIpoT5zVZmU1qP+Jpc=
Subject key identifier: B3:C0:9E:D7:BD:EA:23:7C:F4:60:91:03:63:8F:91:C2:6F:8D:32:10
Certificate issuer: /CN=76f90cc123d0d20469d39c6c3455f31ea6123f4e
Certificate serial: 018CC6B8EF02DC5C3C6A3B82E42ECA49F701
Authority key identifier: 76:F9:0C:C1:23:D0:D2:04:69:D3:9C:6C:34:55:F3:1E:A6:12:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvkMwSPQ0gRp05xsNFXzHqYSP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/s8Ce173qI3z0YJEDY4-Rwm-NMhA.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31127
IP address blocks: 92.245.192.0/19 maxlen: 20
185.22.176.0/22 maxlen: 23
88.80.224.0/19 maxlen: 20
217.144.16.0/20 maxlen: 21
2a01:108::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/dvkMwSPQ0gRp05xsNFXzHqYSP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/dvkMwSPQ0gRp05xsNFXzHqYSP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/dvkMwSPQ0gRp05xsNFXzHqYSP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ef:02:dc:5c:3c:6a:3b:82:e4:2e:ca:49:f7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f90cc123d0d20469d39c6c3455f31ea6123f4e
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c09ed7bdea237cf4609103638f91c26f8d3210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e2:09:eb:a7:ae:9d:db:8d:04:7b:e3:82:49:
5e:73:20:11:40:89:27:44:7b:cc:f8:21:82:e6:be:
73:bf:be:42:19:77:08:5a:e8:dc:b8:df:1e:b4:08:
ac:7a:e0:f9:65:d2:61:70:5d:1b:b4:c2:e6:10:f9:
3e:52:7e:8d:8d:44:00:8c:8d:82:21:d9:14:da:87:
0c:d1:e2:ba:1c:6e:eb:35:ac:83:bd:06:6a:6a:68:
c5:18:7e:64:14:d3:d8:45:47:60:15:ab:05:e9:af:
4a:20:85:7a:0a:90:18:e9:b8:4a:65:7d:f6:96:5a:
84:b8:d6:b8:07:29:04:e9:d2:60:4b:03:0a:02:1d:
d8:7c:02:e8:e5:58:49:99:c9:7a:d5:02:b2:df:01:
92:9d:03:b5:83:71:5f:45:ff:b5:5d:27:92:e4:56:
99:c5:61:d6:da:53:17:3b:db:ad:74:f2:a4:21:6b:
aa:ae:f3:34:da:ef:23:c0:23:8c:e8:62:d9:af:fa:
2a:5a:08:5b:71:e9:1d:1e:5d:ec:a5:d1:60:bc:6e:
ee:a2:e6:c9:28:e6:d4:00:9b:e0:c7:44:55:8f:9c:
ab:be:bd:72:cf:36:5d:cd:a4:ec:77:dc:5d:89:9a:
2e:68:84:70:63:ad:44:78:58:14:5e:76:32:a4:3e:
55:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C0:9E:D7:BD:EA:23:7C:F4:60:91:03:63:8F:91:C2:6F:8D:32:10
X509v3 Authority Key Identifier:
keyid:76:F9:0C:C1:23:D0:D2:04:69:D3:9C:6C:34:55:F3:1E:A6:12:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvkMwSPQ0gRp05xsNFXzHqYSP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/s8Ce173qI3z0YJEDY4-Rwm-NMhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/82f901-3f48-429a-8365-7af574941936/1/dvkMwSPQ0gRp05xsNFXzHqYSP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.224.0/19
92.245.192.0/19
185.22.176.0/22
217.144.16.0/20
IPv6:
2a01:108::/32
Signature Algorithm: sha256WithRSAEncryption
5c:d6:47:ff:52:b3:0a:73:be:ad:ff:ef:9b:fb:09:1c:da:69:
17:da:32:a4:7f:44:61:be:92:9d:d8:d4:54:2c:9f:70:95:21:
97:ac:a4:6e:41:bb:46:14:be:e8:e2:6c:b3:30:13:ef:b0:dd:
68:80:b9:4c:c0:e0:4b:15:17:28:8b:cd:cf:3d:66:b6:90:c0:
c4:56:bb:ec:72:b8:18:50:1e:bf:9c:e4:32:b7:38:6f:d9:3e:
8f:31:9c:cf:0b:79:2f:54:70:3f:70:cc:0d:72:27:f7:4b:e0:
ec:55:b7:4c:d4:6e:92:7c:eb:ec:4d:5f:0a:93:a3:ff:8f:ed:
f3:20:07:3a:ad:20:31:ed:d8:0d:98:2c:16:2c:d4:06:a3:e5:
d9:77:fa:51:9d:97:f6:30:3d:23:0a:b6:0f:42:5b:ce:72:1b:
2f:de:44:72:90:06:eb:3c:15:b5:e5:ed:86:8a:50:bd:a5:ed:
c0:e7:7c:d9:c9:ec:90:95:d9:e8:cd:38:df:27:2e:ee:cf:c2:
45:f0:ec:18:86:fa:0e:0d:11:3e:7a:04:9e:d3:cf:93:6b:0c:
89:a0:31:44:c1:d7:8d:f6:10:84:e9:41:cd:93:cb:c9:55:ea:
78:05:99:ba:ef:3e:83:b6:b7:86:d4:d7:44:70:3a:04:1d:02:
74:94:b0:f0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuO8C3Fw8ajuC5C7KSfcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjkwY2MxMjNkMGQyMDQ2OWQzOWM2YzM0NTVmMzFlYTYx
MjNmNGUwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MwOWVkN2JkZWEyMzdjZjQ2MDkxMDM2MzhmOTFjMjZmOGQzMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteIJ66eunduNBHvjgklecyARQIkn
RHvM+CGC5r5zv75CGXcIWujcuN8etAiseuD5ZdJhcF0btMLmEPk+Un6NjUQAjI2C
IdkU2ocM0eK6HG7rNayDvQZqamjFGH5kFNPYRUdgFasF6a9KIIV6CpAY6bhKZX32
llqEuNa4BykE6dJgSwMKAh3YfALo5VhJmcl61QKy3wGSnQO1g3FfRf+1XSeS5FaZ
xWHW2lMXO9utdPKkIWuqrvM02u8jwCOM6GLZr/oqWghbcekdHl3spdFgvG7uoubJ
KObUAJvgx0RVj5yrvr1yzzZdzaTsd9xdiZouaIRwY61EeFgUXnYypD5VawIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLPAnte96iN89GCRA2OPkcJvjTIQMB8GA1UdIwQY
MBaAFHb5DMEj0NIEadOcbDRV8x6mEj9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZrTXdTUFEwZ1JwMDV4c05GWHpIcVlTUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84MmY5MDEtM2Y0OC00MjlhLTgzNjUt
N2FmNTc0OTQxOTM2LzEvczhDZTE3M3FJM3owWUpFRFk0LVJ3bS1OTWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84MmY5MDEtM2Y0OC00MjlhLTgzNjUtN2FmNTc0OTQxOTM2
LzEvZHZrTXdTUFEwZ1JwMDV4c05GWHpIcVlTUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFWFDgAwQF
XPXAAwQCuRawAwQE2ZAQMA0EAgACMAcDBQAqAQEIMA0GCSqGSIb3DQEBCwUAA4IB
AQBc1kf/UrMKc76t/++b+wkc2mkX2jKkf0RhvpKd2NRULJ9wlSGXrKRuQbtGFL7o
4myzMBPvsN1ogLlMwOBLFRcoi83PPWa2kMDEVrvscrgYUB6/nOQytzhv2T6PMZzP
C3kvVHA/cMwNcif3S+DsVbdM1G6SfOvsTV8Kk6P/j+3zIAc6rSAx7dgNmCwWLNQG
o+XZd/pRnZf2MD0jCrYPQlvOchsv3kRykAbrPBW15e2GilC9pe3A53zZyeyQldno
zTjfJy7uz8JF8OwYhvoODRE+egSe08+TawyJoDFEwdeN9hCE6UHNk8vJVep4BZm6
7z6DtreG1NdEcDoEHQJ0lLDw
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:55:15 2024 by rpki-client on console-ams.rpki-client.org