Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/f1-8DtxwacrQ9nW7DJjOTsUukQY.roa
File: f1-8DtxwacrQ9nW7DJjOTsUukQY.roa (raw, json)
Hash identifier: uDn7X0l0ZolgFOMi8Plw0obaEdrI956f0R4B6FzuemE=
Subject key identifier: 7F:5F:BC:0E:DC:70:69:CA:D0:F6:75:BB:0C:98:CE:4E:C5:2E:91:06
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 018CC9BC9B51DF8FDC4405DECF4C2D7EF0E5
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/f1-8DtxwacrQ9nW7DJjOTsUukQY.roa
Signing time: Tue 02 Jan 2024 10:33:50 +0000
ROA not before: Tue 02 Jan 2024 10:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42622
IP address blocks: 80.72.0.0/20 maxlen: 20
185.84.212.0/22 maxlen: 22
2a00:f4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9b:51:df:8f:dc:44:05:de:cf:4c:2d:7e:f0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Jan 2 10:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f5fbc0edc7069cad0f675bb0c98ce4ec52e9106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:20:cd:d3:70:40:85:d9:b2:15:a0:91:97:2d:
dc:79:b9:2f:87:6c:a1:a4:de:b4:72:0d:a9:97:73:
55:a3:c6:ce:f9:80:99:c7:c3:10:98:09:13:2b:73:
de:d3:7d:68:0b:89:c7:10:d1:c9:1b:7d:ea:6d:e5:
aa:09:4b:c1:fb:a1:56:cf:b8:67:50:d1:c4:fc:41:
61:be:dd:ba:f2:d4:81:5a:48:3d:68:33:53:09:e8:
59:77:f6:e2:4c:ec:b0:8f:14:40:64:04:a5:1a:5c:
d2:c5:1a:f2:dc:b8:27:e7:c9:a6:d1:ed:9a:46:9e:
94:00:b0:26:6c:fb:40:7f:a9:c5:38:c6:7c:a6:94:
df:5e:d4:ed:51:31:22:07:fd:5a:a0:ec:81:f5:7e:
86:f8:74:77:04:d4:83:dc:03:eb:f5:29:07:72:6e:
ba:19:d3:c2:7b:3a:6b:98:0d:81:d3:6e:41:2e:21:
d8:40:48:5f:59:24:b1:83:0f:f1:c7:67:fb:23:3d:
50:34:f3:60:68:6d:1a:bb:36:7d:f8:7e:62:0a:32:
97:2c:20:32:05:19:97:08:a2:44:99:bc:ef:6c:dd:
aa:d5:40:d6:d6:bb:35:65:fa:45:e0:d6:de:55:1c:
1d:6c:7f:67:44:6a:9f:e5:ac:3f:a9:14:6e:93:f8:
e5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5F:BC:0E:DC:70:69:CA:D0:F6:75:BB:0C:98:CE:4E:C5:2E:91:06
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/f1-8DtxwacrQ9nW7DJjOTsUukQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.0.0/20
185.84.212.0/22
IPv6:
2a00:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
68:58:ac:6f:c0:f9:cb:54:e3:e7:b1:40:3f:08:64:f4:2b:bb:
c9:68:0f:25:c3:74:03:6e:12:a9:10:6b:63:86:50:25:fc:6d:
83:5a:d5:c5:04:fb:19:ae:62:ac:32:f8:a5:62:d1:0f:f3:9d:
41:f1:98:03:4f:f3:16:52:c6:4c:f6:7e:0b:8b:93:09:b0:27:
72:ce:69:f5:79:f7:f5:34:3e:30:8b:d5:e9:3c:36:03:41:bc:
d4:64:a1:05:c2:33:e8:90:fb:1a:52:6e:29:58:76:88:1a:5a:
1c:93:e7:70:0d:95:2a:f8:03:8f:93:a5:50:20:b1:b9:c2:30:
50:71:f1:65:02:79:26:93:3c:71:2e:fc:6f:47:81:8d:0b:30:
b1:bd:f2:a1:55:73:e6:d7:d8:da:b9:b3:b5:50:09:d2:10:09:
1d:a0:02:71:dd:05:9f:01:9a:0a:20:3c:5c:79:30:a2:64:03:
7b:be:d5:01:28:91:40:44:63:9d:f4:ac:83:88:1b:55:02:f2:
c6:3d:c1:76:d9:67:36:34:1a:37:32:1d:d7:ac:93:00:72:bc:
4e:a3:54:8f:f8:ad:46:02:c4:ab:67:a9:14:a7:8f:e6:78:3c:
e4:52:96:76:03:26:25:95:8e:50:89:18:59:2a:ef:6c:e2:14:
94:25:1d:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvJtR34/cRAXez0wtfvDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjQwMTAyMTAzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVmYmMwZWRjNzA2OWNhZDBmNjc1YmIwYzk4Y2U0ZWM1MmU5MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iDN03BAhdmyFaCRly3cebkvh2yh
pN60cg2pl3NVo8bO+YCZx8MQmAkTK3Pe031oC4nHENHJG33qbeWqCUvB+6FWz7hn
UNHE/EFhvt268tSBWkg9aDNTCehZd/biTOywjxRAZASlGlzSxRry3Lgn58mm0e2a
Rp6UALAmbPtAf6nFOMZ8ppTfXtTtUTEiB/1aoOyB9X6G+HR3BNSD3APr9SkHcm66
GdPCezprmA2B025BLiHYQEhfWSSxgw/xx2f7Iz1QNPNgaG0auzZ9+H5iCjKXLCAy
BRmXCKJEmbzvbN2q1UDW1rs1ZfpF4NbeVRwdbH9nRGqf5aw/qRRuk/jliQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH9fvA7ccGnK0PZ1uwyYzk7FLpEGMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvZjEtOER0eHdhY3JROW5XN0RKak9Uc1V1a1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEgAAwQC
uVTUMA0EAgACMAcDBQAqAPTAMA0GCSqGSIb3DQEBCwUAA4IBAQBoWKxvwPnLVOPn
sUA/CGT0K7vJaA8lw3QDbhKpEGtjhlAl/G2DWtXFBPsZrmKsMvilYtEP851B8ZgD
T/MWUsZM9n4Li5MJsCdyzmn1eff1ND4wi9XpPDYDQbzUZKEFwjPokPsaUm4pWHaI
Glock+dwDZUq+AOPk6VQILG5wjBQcfFlAnkmkzxxLvxvR4GNCzCxvfKhVXPm19ja
ubO1UAnSEAkdoAJx3QWfAZoKIDxceTCiZAN7vtUBKJFARGOd9KyDiBtVAvLGPcF2
2Wc2NBo3Mh3XrJMAcrxOo1SP+K1GAsSrZ6kUp4/meDzkUpZ2AyYllY5QiRhZKu9s
4hSUJR2P
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:36 2024 by rpki-client on console-ams.rpki-client.org