Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/bP8qHUcte-as9lVjHC7xMuO9_ow.roa
File: bP8qHUcte-as9lVjHC7xMuO9_ow.roa (raw, json)
Hash identifier: EkS+UM473kWOvtCKCsWztUJudtOnXX6nhFB9YPs901A=
Subject key identifier: 6C:FF:2A:1D:47:2D:7B:E6:AC:F6:55:63:1C:2E:F1:32:E3:BD:FE:8C
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01936910D403D9BAF0B25B396BF26C2C5A32
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/bP8qHUcte-as9lVjHC7xMuO9_ow.roa
Signing time: Tue 26 Nov 2024 15:22:10 +0000
ROA not before: Tue 26 Nov 2024 15:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42960
IP address blocks: 91.238.203.0/24 maxlen: 24
185.106.176.0/24 maxlen: 24
193.200.130.0/24 maxlen: 24
193.200.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 09:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:10:d4:03:d9:ba:f0:b2:5b:39:6b:f2:6c:2c:5a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Nov 26 15:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cff2a1d472d7be6acf655631c2ef132e3bdfe8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:d0:28:24:ed:b7:3c:c7:5d:9e:2a:5e:23:
73:e2:2c:f2:44:39:18:81:4b:2c:72:05:fd:38:f6:
16:a4:0f:1b:1c:61:41:ae:b3:7c:0a:dd:e8:dd:8b:
ef:01:8b:0d:a4:72:ce:3a:ee:c9:fb:e9:8e:2d:dc:
73:ba:0c:73:ef:b2:79:eb:87:1c:12:40:bb:9a:d6:
4f:0e:fc:2a:c8:26:89:ec:a2:52:80:24:de:f3:8a:
44:8a:eb:70:46:3c:8d:12:46:a2:ea:f2:ed:26:3e:
4a:da:3e:b2:71:fd:2d:de:70:26:bc:fa:dc:76:ad:
04:6f:79:43:00:04:57:3b:e6:31:3e:1a:43:3b:6f:
be:91:62:0a:73:14:8d:a7:40:1a:c0:07:b5:9c:cc:
65:98:b6:4a:3b:2a:f2:a8:ca:e3:ee:cd:a7:0d:04:
9a:8f:0a:5c:6e:4f:2f:c2:81:47:2d:3d:a1:6f:a1:
ba:65:ab:d8:1a:63:ee:16:80:10:68:ff:9b:f2:4c:
5a:da:3e:55:a3:39:59:65:c4:d7:16:87:ce:3b:5b:
cd:90:39:1b:cc:4b:cc:e3:12:ca:06:f0:af:da:b6:
24:1b:41:a7:74:0f:aa:cd:df:35:de:eb:4a:d1:cd:
c2:fe:aa:f8:15:65:d3:17:6f:1d:18:ad:0f:8b:93:
cc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FF:2A:1D:47:2D:7B:E6:AC:F6:55:63:1C:2E:F1:32:E3:BD:FE:8C
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/bP8qHUcte-as9lVjHC7xMuO9_ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.203.0/24
185.106.176.0/24
193.200.130.0/24
193.200.134.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f1:72:2f:09:f0:f5:a9:4a:f4:99:e5:fc:09:df:e4:5e:ba:
97:f9:3c:57:16:7a:42:64:9a:e2:16:2a:49:7d:3a:66:00:80:
84:bb:ad:2c:f1:33:06:21:42:09:d6:d8:7e:13:54:27:31:b4:
4d:7c:15:d8:ed:da:88:7b:08:78:3c:42:79:11:07:7a:f4:78:
70:f0:47:8e:20:73:8a:6b:f0:7d:dc:b2:d5:bf:12:1a:55:b0:
43:94:e1:e6:33:9f:05:d8:a6:2a:fc:45:f1:a5:61:23:1e:ee:
d7:f1:25:5a:1e:16:23:75:c2:3b:fa:2d:b9:e7:a4:c8:b0:af:
62:94:9e:3f:9f:b8:ef:35:f7:06:8f:33:83:c5:9d:7d:8b:ba:
a9:1e:c0:33:89:e0:55:51:ed:48:d6:59:b3:48:17:4f:8b:e4:
74:26:b5:63:8c:ee:e1:3c:7f:3c:11:d3:12:e1:bb:f5:a9:92:
7a:46:82:d7:fc:be:23:93:00:79:df:27:ec:4a:88:a2:1b:38:
fd:c9:17:a7:e6:0b:84:7d:db:61:fc:a1:34:c1:fb:ac:84:3f:
9a:ca:20:86:bb:b1:02:8c:87:37:ff:30:f3:4b:5b:ad:bb:cb:
70:ef:77:5b:42:0a:e0:47:a0:e1:69:dd:e4:bc:9e:ff:51:5c:
b6:2b:e1:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNpENQD2brwsls5a/JsLFoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjQxMTI2MTUyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZmMmExZDQ3MmQ3YmU2YWNmNjU1NjMxYzJlZjEzMmUzYmRmZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCLQKCTttzzHXZ4qXiNz4izyRDkY
gUsscgX9OPYWpA8bHGFBrrN8Ct3o3YvvAYsNpHLOOu7J++mOLdxzugxz77J564cc
EkC7mtZPDvwqyCaJ7KJSgCTe84pEiutwRjyNEkai6vLtJj5K2j6ycf0t3nAmvPrc
dq0Eb3lDAARXO+YxPhpDO2++kWIKcxSNp0AawAe1nMxlmLZKOyryqMrj7s2nDQSa
jwpcbk8vwoFHLT2hb6G6ZavYGmPuFoAQaP+b8kxa2j5VozlZZcTXFofOO1vNkDkb
zEvM4xLKBvCv2rYkG0GndA+qzd813utK0c3C/qr4FWXTF28dGK0Pi5PMvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGz/Kh1HLXvmrPZVYxwu8TLjvf6MMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvYlA4cUhVY3RlLWFzOWxWakhDN3hNdU85X293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+7LAwQA
uWqwAwQAwciCAwQAwciGMA0GCSqGSIb3DQEBCwUAA4IBAQB08XIvCfD1qUr0meX8
Cd/kXrqX+TxXFnpCZJriFipJfTpmAICEu60s8TMGIUIJ1th+E1QnMbRNfBXY7dqI
ewh4PEJ5EQd69Hhw8EeOIHOKa/B93LLVvxIaVbBDlOHmM58F2KYq/EXxpWEjHu7X
8SVaHhYjdcI7+i2556TIsK9ilJ4/n7jvNfcGjzODxZ19i7qpHsAzieBVUe1I1lmz
SBdPi+R0JrVjjO7hPH88EdMS4bv1qZJ6RoLX/L4jkwB53yfsSoiiGzj9yRen5guE
fdth/KE0wfushD+ayiCGu7ECjIc3/zDzS1utu8tw73dbQgrgR6Dhad3kvJ7/UVy2
K+GF
-----END CERTIFICATE-----
Generated at Fri Dec 27 17:53:49 2024 by rpki-client on console-ams.rpki-client.org