Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/jASKHBsvkFzcRD4JsowZqcnx83g.roa
File: jASKHBsvkFzcRD4JsowZqcnx83g.roa (raw, json)
Hash identifier: dZ2I2YGvE5goNezpgqWQYKuv2E/2fjTH1copXDLjUOI=
Subject key identifier: 8C:04:8A:1C:1B:2F:90:5C:DC:44:3E:09:B2:8C:19:A9:C9:F1:F3:78
Certificate issuer: /CN=612c1c53f6c1d996236cbb37ba3247670399a62d
Certificate serial: 018CC5DCEA78070B0C52FD56F04A4A8DA1DB
Authority key identifier: 61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/jASKHBsvkFzcRD4JsowZqcnx83g.roa
Signing time: Mon 01 Jan 2024 16:30:38 +0000
ROA not before: Mon 01 Jan 2024 16:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49215
IP address blocks: 83.220.0.0/21 maxlen: 21
83.220.9.0/24 maxlen: 24
83.220.11.0/24 maxlen: 24
83.220.10.0/24 maxlen: 24
83.220.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ea:78:07:0b:0c:52:fd:56:f0:4a:4a:8d:a1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612c1c53f6c1d996236cbb37ba3247670399a62d
Validity
Not Before: Jan 1 16:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c048a1c1b2f905cdc443e09b28c19a9c9f1f378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:e6:ba:52:08:fe:16:3c:ba:8f:ca:6a:45:
0c:cb:3b:20:3f:2d:3a:16:7a:b7:4f:43:d8:9c:a2:
34:47:62:a6:4e:52:93:d4:16:b5:11:00:a3:c8:42:
a0:c3:08:a4:29:8b:3f:93:54:ff:71:ac:ea:4c:b6:
b5:7d:9c:e5:02:9f:ea:9d:2a:61:9a:09:4e:58:46:
d6:d4:b0:9e:99:b0:2d:0a:4a:95:c7:e4:e5:d9:ff:
6f:3d:6c:d3:cd:46:44:86:fb:8c:49:aa:fa:2f:c9:
94:34:f4:8b:e6:d8:e1:98:53:a2:2e:1a:0a:c4:d7:
62:3d:1a:6d:c9:4f:2e:d4:3f:43:39:5b:d3:fe:74:
d5:ef:b3:a6:9f:72:10:5b:42:2f:d5:b6:98:76:94:
80:da:a0:56:cb:0e:14:e1:80:dd:80:b9:b8:e5:cf:
94:2d:b6:fc:2f:6d:be:42:87:df:e1:c8:81:78:1b:
80:6e:b1:c8:3a:17:cd:0a:c9:f5:e7:af:9f:af:61:
55:9e:96:76:06:e3:60:bb:0d:f0:1b:3c:1a:0d:90:
e0:54:f5:ed:7f:b3:2b:4b:4e:a7:32:36:69:b1:6f:
3d:4f:f7:09:e8:d5:23:5c:6c:01:d6:19:36:bf:99:
87:e8:79:4e:d3:3d:32:96:f7:95:99:24:53:e9:44:
bd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:04:8A:1C:1B:2F:90:5C:DC:44:3E:09:B2:8C:19:A9:C9:F1:F3:78
X509v3 Authority Key Identifier:
keyid:61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/jASKHBsvkFzcRD4JsowZqcnx83g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.0.0/21
83.220.9.0-83.220.15.255
Signature Algorithm: sha256WithRSAEncryption
3b:08:72:1b:b8:e8:b5:5c:e0:b6:76:b1:74:3d:d4:f0:91:17:
3b:9d:df:a8:38:0c:8e:bf:83:26:88:e0:d8:a4:1f:b5:15:14:
db:36:72:51:a3:5a:91:85:d4:74:c6:b6:69:c4:a4:8b:0f:53:
09:4e:d5:46:a1:4c:26:b5:d8:17:30:da:0d:3c:ea:6c:26:cd:
fb:e5:d4:5a:9a:7d:c8:2b:dd:e2:20:e4:80:0d:45:35:28:c4:
16:5e:1c:86:97:09:bd:1c:f7:4e:c1:cf:79:32:68:f4:ad:e7:
3b:14:2d:7d:77:30:55:d5:60:ca:2a:12:24:aa:80:12:d8:c1:
cd:89:ff:d5:1d:86:50:95:47:08:e1:25:78:a2:9c:50:52:49:
10:44:95:52:6c:d4:c6:80:01:da:03:fd:73:69:f8:45:cb:ce:
03:5c:e3:49:fa:40:f2:7a:1f:98:9d:5d:f4:5c:39:6b:ee:76:
f0:5a:f8:76:ed:63:68:fe:bb:f5:43:e6:ff:1a:3b:c8:1c:ce:
12:b0:a4:51:41:a0:fb:63:39:1f:05:7e:29:71:6c:69:a8:04:
42:9e:bb:fe:1f:ce:7a:dc:1c:9c:c5:42:d5:b9:bd:34:5f:cf:
0a:de:cc:10:f4:74:7b:16:ac:bd:40:01:ff:7e:17:8b:54:46:
bd:d0:d9:0b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3Op4BwsMUv1W8EpKjaHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMmMxYzUzZjZjMWQ5OTYyMzZjYmIzN2JhMzI0NzY3MDM5
OWE2MmQwHhcNMjQwMTAxMTYzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA0OGExYzFiMmY5MDVjZGM0NDNlMDliMjhjMTlhOWM5ZjFmMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdPmulII/hY8uo/KakUMyzsgPy06
Fnq3T0PYnKI0R2KmTlKT1Ba1EQCjyEKgwwikKYs/k1T/cazqTLa1fZzlAp/qnSph
mglOWEbW1LCembAtCkqVx+Tl2f9vPWzTzUZEhvuMSar6L8mUNPSL5tjhmFOiLhoK
xNdiPRptyU8u1D9DOVvT/nTV77Omn3IQW0Iv1baYdpSA2qBWyw4U4YDdgLm45c+U
Lbb8L22+Qoff4ciBeBuAbrHIOhfNCsn156+fr2FVnpZ2BuNguw3wGzwaDZDgVPXt
f7MrS06nMjZpsW89T/cJ6NUjXGwB1hk2v5mH6HlO0z0ylveVmSRT6US9YwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIwEihwbL5Bc3EQ+CbKMGanJ8fN4MB8GA1UdIwQY
MBaAFGEsHFP2wdmWI2y7N7oyR2cDmaYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQt
ZWNhZjU3OGEzNGUzLzEvakFTS0hCc3ZrRnpjUkQ0SnNvd1pxY254ODNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQtZWNhZjU3OGEzNGUz
LzEvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDU9wAMAwD
BABT3AkDBART3AAwDQYJKoZIhvcNAQELBQADggEBADsIchu46LVc4LZ2sXQ91PCR
Fzud36g4DI6/gyaI4NikH7UVFNs2clGjWpGF1HTGtmnEpIsPUwlO1UahTCa12Bcw
2g086mwmzfvl1Fqafcgr3eIg5IANRTUoxBZeHIaXCb0c907Bz3kyaPSt5zsULX13
MFXVYMoqEiSqgBLYwc2J/9UdhlCVRwjhJXiinFBSSRBElVJs1MaAAdoD/XNp+EXL
zgNc40n6QPJ6H5idXfRcOWvudvBa+HbtY2j+u/VD5v8aO8gczhKwpFFBoPtjOR8F
filxbGmoBEKeu/4fznrcHJzFQtW5vTRfzwrezBD0dHsWrL1AAf9+F4tURr3Q2Qs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:05 2024 by rpki-client on console-fra.rpki-client.org