Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/8e2q8vth85bBtA-k4T1YIATPrDU.roa
File: 8e2q8vth85bBtA-k4T1YIATPrDU.roa (raw, json)
Hash identifier: wzU48yPPROO/Z+Q0Ay5WbK+i0Rvs5LtsMahvaTLsfrA=
Subject key identifier: F1:ED:AA:F2:FB:61:F3:96:C1:B4:0F:A4:E1:3D:58:20:04:CF:AC:35
Certificate issuer: /CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Certificate serial: 018CC500C88EE91CADBADD5EF070B49A0894
Authority key identifier: 33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/8e2q8vth85bBtA-k4T1YIATPrDU.roa
Signing time: Mon 01 Jan 2024 12:30:11 +0000
ROA not before: Mon 01 Jan 2024 12:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 165.220.128.0/17 maxlen: 24
185.136.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c8:8e:e9:1c:ad:ba:dd:5e:f0:70:b4:9a:08:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Validity
Not Before: Jan 1 12:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1edaaf2fb61f396c1b40fa4e13d582004cfac35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:66:98:88:c2:bf:1d:77:80:e7:2c:04:de:
20:5f:fb:4c:50:eb:fc:db:f6:ee:2b:c7:69:4c:e6:
2e:1a:62:e4:40:20:d2:5c:91:70:88:83:fc:77:18:
28:a0:5e:81:98:30:7f:02:f2:31:e7:be:e7:13:32:
71:84:b3:b8:fd:68:56:8b:97:c5:31:50:e9:9f:05:
f0:3c:44:04:fc:47:82:e4:bf:aa:95:7f:dc:67:12:
2b:4f:1f:5e:8d:79:10:32:6b:c2:7c:f6:cd:62:80:
3b:19:fe:94:66:b2:8b:9d:b8:4d:4f:7c:66:99:d9:
14:e6:c1:f4:49:e1:2d:fb:28:b3:25:e1:e8:ce:8d:
30:19:38:ce:62:98:3d:93:70:e8:3a:80:cf:06:44:
3e:7a:31:95:4c:34:3e:39:ac:24:6b:b4:d1:bc:d0:
02:fd:53:37:f4:d8:92:9d:0d:e9:30:ec:cf:1e:d4:
fa:f1:27:2a:36:ab:2b:84:b3:ac:9d:b8:83:dd:02:
d4:47:16:90:a1:d1:31:9d:c7:ca:03:4d:ed:57:f7:
7a:b9:c9:f9:b1:9d:53:54:e3:46:5e:99:e0:c2:67:
d1:68:bd:19:bb:1d:ae:fd:c3:4a:da:0c:74:ca:ab:
8a:b4:fb:3f:44:61:23:79:90:34:05:b8:d2:12:a5:
09:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:ED:AA:F2:FB:61:F3:96:C1:B4:0F:A4:E1:3D:58:20:04:CF:AC:35
X509v3 Authority Key Identifier:
keyid:33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/8e2q8vth85bBtA-k4T1YIATPrDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
165.220.128.0/17
185.136.44.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:a9:d1:ae:5a:9d:f1:ac:58:77:f0:84:86:78:b1:08:e9:a2:
0b:3e:4e:5c:b7:c0:d2:47:bd:0b:59:6e:4a:b3:23:45:cc:e9:
67:4b:d0:6d:ae:67:66:8a:df:54:8a:82:fd:85:ae:7f:4f:c7:
81:fc:4e:5b:1c:52:4d:c0:46:d1:49:2c:7c:01:e9:e4:89:34:
ce:fa:6c:3f:e8:33:bb:d6:96:46:b9:e2:4b:2e:58:66:ec:37:
c7:cb:bb:7e:f5:b7:ad:56:c6:5c:96:00:5a:f3:42:ce:75:a3:
63:34:44:9c:13:d9:53:5b:13:24:ff:22:8e:93:d0:2a:27:f3:
c0:64:48:dd:a8:9b:e5:09:fd:24:09:25:fa:f6:6a:81:c2:f9:
15:ec:53:72:dd:a6:f2:a1:86:e9:55:85:ce:8f:39:85:dc:02:
36:2a:74:b5:da:45:cb:82:24:03:60:94:c9:9d:0b:83:d6:be:
78:30:c3:a2:35:bb:79:75:a1:e3:ca:b4:00:35:6d:2d:a5:57:
d5:44:06:47:75:d4:57:3c:f1:1d:a1:9e:e0:b8:6f:8b:9d:9f:
3d:a9:95:62:8b:4c:49:c0:9b:db:83:da:25:d6:10:26:2c:29:
18:5d:79:1c:0b:8a:c7:12:15:df:ec:ac:11:a0:5f:ea:95:5a:
a6:1e:09:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAMiO6Rytut1e8HC0mgiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjIyMzQ0ZjI5ZTZiNjQyMGJmZWJjMzhiYjY3YTMwZjQ0
NTNmNzEwHhcNMjQwMTAxMTIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVkYWFmMmZiNjFmMzk2YzFiNDBmYTRlMTNkNTgyMDA0Y2ZhYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHBmmIjCvx13gOcsBN4gX/tMUOv8
2/buK8dpTOYuGmLkQCDSXJFwiIP8dxgooF6BmDB/AvIx577nEzJxhLO4/WhWi5fF
MVDpnwXwPEQE/EeC5L+qlX/cZxIrTx9ejXkQMmvCfPbNYoA7Gf6UZrKLnbhNT3xm
mdkU5sH0SeEt+yizJeHozo0wGTjOYpg9k3DoOoDPBkQ+ejGVTDQ+Oawka7TRvNAC
/VM39NiSnQ3pMOzPHtT68ScqNqsrhLOsnbiD3QLURxaQodExncfKA03tV/d6ucn5
sZ1TVONGXpngwmfRaL0Zux2u/cNK2gx0yquKtPs/RGEjeZA0BbjSEqUJeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPHtqvL7YfOWwbQPpOE9WCAEz6w1MB8GA1UdIwQY
MBaAFDNiI0TynmtkIL/rw4u2ejD0RT9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTct
NmM2NjU4YmQ5NTJlLzEvOGUycTh2dGg4NWJCdEEtazRUMVlJQVRQckRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTctNmM2NjU4YmQ5NTJl
LzEvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHpdyAAwQC
uYgsMA0GCSqGSIb3DQEBCwUAA4IBAQCeqdGuWp3xrFh38ISGeLEI6aILPk5ct8DS
R70LWW5KsyNFzOlnS9Btrmdmit9UioL9ha5/T8eB/E5bHFJNwEbRSSx8AenkiTTO
+mw/6DO71pZGueJLLlhm7DfHy7t+9betVsZclgBa80LOdaNjNEScE9lTWxMk/yKO
k9AqJ/PAZEjdqJvlCf0kCSX69mqBwvkV7FNy3abyoYbpVYXOjzmF3AI2KnS12kXL
giQDYJTJnQuD1r54MMOiNbt5daHjyrQANW0tpVfVRAZHddRXPPEdoZ7guG+LnZ89
qZVii0xJwJvbg9ol1hAmLCkYXXkcC4rHEhXf7KwRoF/qlVqmHgmG
-----END CERTIFICATE-----
Generated at Mon May 13 11:25:34 2024 by rpki-client on console-fra.rpki-client.org