Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/8czIv6xafySuKjLGHy6qwH1kmhw.roa
File: 8czIv6xafySuKjLGHy6qwH1kmhw.roa (raw, json)
Hash identifier: OkgfYBrmoHRm6nN9rqTUG/pdWxLFOVZzXI/AyMD821c=
Subject key identifier: F1:CC:C8:BF:AC:5A:7F:24:AE:2A:32:C6:1F:2E:AA:C0:7D:64:9A:1C
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 018CC4931CAD26E0CCA52F5E16BF008EC003
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/8czIv6xafySuKjLGHy6qwH1kmhw.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49666
IP address blocks: 5.232.0.0/13 maxlen: 13
5.233.240.0/20 maxlen: 20
5.239.0.0/16 maxlen: 16
5.239.244.0/23 maxlen: 23
46.100.44.0/24 maxlen: 24
46.100.43.0/24 maxlen: 24
89.37.144.0/23 maxlen: 23
188.215.176.0/20 maxlen: 20
185.105.102.0/23 maxlen: 23
5.238.0.0/16 maxlen: 16
185.105.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1c:ad:26:e0:cc:a5:2f:5e:16:bf:00:8e:c0:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ccc8bfac5a7f24ae2a32c61f2eaac07d649a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:91:c0:57:60:e8:8c:d2:26:c5:e2:5c:65:28:
fb:94:af:98:3e:d8:5c:06:d0:04:a8:f2:d6:59:1a:
c0:e1:a9:21:cf:67:76:19:4a:6d:f4:af:09:0e:b8:
4d:50:68:4c:21:f3:57:29:c4:6b:c6:4f:6f:9b:a2:
b8:78:fb:3b:73:e5:a7:0f:09:97:13:77:b5:12:24:
bf:41:32:0b:be:b1:32:5f:e0:7b:93:f3:09:4f:0e:
7b:91:1c:fd:f6:b6:43:41:d8:c2:a7:69:80:fb:10:
f1:22:12:36:a3:57:bd:28:cf:e6:c2:52:39:0d:0b:
5a:63:6c:e8:a2:93:7b:cb:14:76:bc:55:fa:e0:02:
77:a6:a5:99:38:72:ad:85:5d:72:f9:ff:0a:43:f5:
0f:b5:bf:cc:c8:43:69:7d:37:56:fc:5d:e9:7d:8f:
9f:28:b6:91:d9:94:bc:5d:06:1f:cf:41:57:57:3b:
fe:75:2b:24:bf:c0:6a:b9:c9:c6:cb:e3:c8:59:1e:
c2:50:67:e6:07:1a:cf:21:ca:d8:e2:10:c9:25:38:
e5:40:3d:99:52:61:e7:d1:c0:f5:17:4a:94:f6:c4:
a6:c1:57:61:4d:1d:1e:f0:cc:95:e3:ef:3a:3d:91:
52:ff:18:e1:b4:a4:e3:fa:18:a7:5b:3b:25:2a:3a:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CC:C8:BF:AC:5A:7F:24:AE:2A:32:C6:1F:2E:AA:C0:7D:64:9A:1C
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/8czIv6xafySuKjLGHy6qwH1kmhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.232.0.0/13
46.100.43.0-46.100.44.255
89.37.144.0/23
185.105.100.0/22
188.215.176.0/20
Signature Algorithm: sha256WithRSAEncryption
99:2d:98:6e:da:d5:d3:57:01:3b:e9:8f:33:25:ec:eb:23:20:
b5:ed:43:ce:14:74:e9:a5:7d:f7:89:44:99:54:14:c7:53:4a:
f0:de:92:eb:bf:ff:48:84:e2:76:fa:6a:2c:4f:ad:80:8d:b3:
46:45:f0:a2:a2:bf:ed:e3:34:e0:45:db:89:cb:23:f1:6f:de:
3e:12:08:74:2a:a1:18:4e:4c:18:7b:06:f8:92:4e:a4:26:70:
8b:43:3f:e3:89:d9:d3:b1:66:43:d9:04:1d:15:43:22:98:50:
f7:a5:99:fe:3f:92:48:dc:19:1e:ea:3d:fb:5f:f6:11:ab:4f:
3a:f5:26:f2:8e:18:22:e3:41:f5:21:2c:41:4d:8f:41:1f:07:
78:56:5a:25:5d:89:5a:55:a9:06:bf:2e:8c:6d:b0:41:c7:34:
d6:d1:98:63:58:f7:ee:dd:70:6e:f1:82:e9:31:09:89:1a:db:
27:6d:ea:f6:ae:c9:e6:da:fa:01:10:69:a6:55:7e:43:c8:49:
01:2b:c5:f1:51:74:d3:11:14:94:ae:c2:83:4a:b4:93:f2:99:
5d:5a:30:2e:be:f7:e8:95:52:ea:44:25:87:6f:30:34:26:28:
56:c5:df:98:60:f9:b7:c2:33:a7:d3:a2:6f:79:58:87:64:b0:
d6:34:63:ba
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzEkxytJuDMpS9eFr8AjsADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNjYzhiZmFjNWE3ZjI0YWUyYTMyYzYxZjJlYWFjMDdkNjQ5YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpHAV2DojNImxeJcZSj7lK+YPthc
BtAEqPLWWRrA4akhz2d2GUpt9K8JDrhNUGhMIfNXKcRrxk9vm6K4ePs7c+WnDwmX
E3e1EiS/QTILvrEyX+B7k/MJTw57kRz99rZDQdjCp2mA+xDxIhI2o1e9KM/mwlI5
DQtaY2zoopN7yxR2vFX64AJ3pqWZOHKthV1y+f8KQ/UPtb/MyENpfTdW/F3pfY+f
KLaR2ZS8XQYfz0FXVzv+dSskv8BqucnGy+PIWR7CUGfmBxrPIcrY4hDJJTjlQD2Z
UmHn0cD1F0qU9sSmwVdhTR0e8MyV4+86PZFS/xjhtKTj+hinWzslKjqpAQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPHMyL+sWn8krioyxh8uqsB9ZJocMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvOGN6SXY2eGFmeVN1S2pMR0h5NnF3SDFrbWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwMDBegwDAME
AC5kKwMEAC5kLAMEAVklkAMEArlpZAMEBLzXsDANBgkqhkiG9w0BAQsFAAOCAQEA
mS2YbtrV01cBO+mPMyXs6yMgte1DzhR06aV994lEmVQUx1NK8N6S67//SITidvpq
LE+tgI2zRkXwoqK/7eM04EXbicsj8W/ePhIIdCqhGE5MGHsG+JJOpCZwi0M/44nZ
07FmQ9kEHRVDIphQ96WZ/j+SSNwZHuo9+1/2EatPOvUm8o4YIuNB9SEsQU2PQR8H
eFZaJV2JWlWpBr8ujG2wQcc01tGYY1j37t1wbvGC6TEJiRrbJ23q9q7J5tr6ARBp
plV+Q8hJASvF8VF00xEUlK7Cg0q0k/KZXVowLr736JVS6kQlh28wNCYoVsXfmGD5
t8Izp9Oib3lYh2Sw1jRjug==
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:41:00 2024 by rpki-client on console-ams.rpki-client.org