Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/fBHJBJdkuvn6LhH9Q_zqyen8Rt0.roa
File: fBHJBJdkuvn6LhH9Q_zqyen8Rt0.roa (raw, json)
Hash identifier: /Y31ZKMhudsMwcjHg1gRGz55kJiPPmW2fv9vVaRVe3w=
Subject key identifier: 7C:11:C9:04:97:64:BA:F9:FA:2E:11:FD:43:FC:EA:C9:E9:FC:46:DD
Certificate issuer: /CN=8166038385b343d55e76b728efe23c0731787668
Certificate serial: 018CC80188A9B00D0B06F5B9A2FAC3CC148C
Authority key identifier: 81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/fBHJBJdkuvn6LhH9Q_zqyen8Rt0.roa
Signing time: Tue 02 Jan 2024 02:29:52 +0000
ROA not before: Tue 02 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201825
IP address blocks: 89.17.35.0/24 maxlen: 24
185.127.224.0/22 maxlen: 22
89.17.33.0/24 maxlen: 24
89.17.49.0/24 maxlen: 24
89.17.51.0/24 maxlen: 24
89.17.52.0/22 maxlen: 22
89.17.56.0/21 maxlen: 21
185.62.192.0/22 maxlen: 22
217.15.53.0/24 maxlen: 24
217.15.62.0/23 maxlen: 23
2a04:f240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:88:a9:b0:0d:0b:06:f5:b9:a2:fa:c3:cc:14:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8166038385b343d55e76b728efe23c0731787668
Validity
Not Before: Jan 2 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c11c9049764baf9fa2e11fd43fceac9e9fc46dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:82:dd:34:83:f9:40:95:5f:13:ea:51:dc:8f:
61:93:6b:00:a9:b5:fa:09:14:b3:ae:75:46:43:d0:
33:a2:aa:71:ec:99:d8:4d:c8:e8:54:b3:fd:ed:fe:
67:b7:e8:2c:12:4d:60:ce:5a:9a:9e:41:05:9b:97:
82:b2:26:b6:0e:c8:fd:48:fd:30:8b:18:c6:9b:b2:
7a:26:87:ea:0c:30:50:c5:a2:16:c0:de:51:22:8a:
d0:30:d2:d2:77:09:f2:cf:de:de:7d:6e:99:7d:24:
b7:22:46:fb:bd:88:74:7d:7a:68:4c:92:d8:3f:7f:
5d:f6:8f:40:15:b1:41:e8:cd:c4:86:21:64:fa:cb:
7e:68:86:2a:af:84:6e:3d:04:21:0d:ae:34:58:5d:
33:58:29:fd:73:cd:7b:5a:81:9c:da:f4:28:d3:1b:
60:df:b1:e5:72:92:da:f7:9a:81:2e:08:1b:32:2d:
f1:c3:82:35:26:6f:53:74:3b:c2:22:13:66:bb:76:
91:bd:c5:94:aa:4c:96:42:17:69:51:cf:3f:86:85:
77:cd:ec:48:9b:8c:d3:e9:d7:49:49:f0:82:0b:ac:
57:2c:73:64:b1:53:46:9d:39:63:75:d4:90:ef:77:
99:18:1f:fb:51:7d:e8:27:c0:1e:b3:9c:26:4b:c7:
08:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:11:C9:04:97:64:BA:F9:FA:2E:11:FD:43:FC:EA:C9:E9:FC:46:DD
X509v3 Authority Key Identifier:
keyid:81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/fBHJBJdkuvn6LhH9Q_zqyen8Rt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.17.33.0/24
89.17.35.0/24
89.17.49.0/24
89.17.51.0-89.17.63.255
185.62.192.0/22
185.127.224.0/22
217.15.53.0/24
217.15.62.0/23
IPv6:
2a04:f240::/29
Signature Algorithm: sha256WithRSAEncryption
63:33:dd:3d:94:71:d1:a9:c7:66:bc:73:b6:44:db:1d:6c:b9:
58:58:d6:8d:34:b4:ef:33:ec:fa:14:91:12:b7:88:88:b7:51:
21:10:2b:fa:05:ed:e8:6f:55:c8:b9:53:44:b3:f4:95:75:e2:
3e:14:e1:3d:2a:ee:e4:09:67:c1:e5:27:75:3c:46:7c:47:a5:
32:cb:ca:93:ee:80:58:bf:52:f0:bf:f4:94:5c:40:37:27:2f:
eb:5c:b4:e5:10:67:81:b1:c6:f9:91:76:46:d5:9c:88:70:83:
c5:97:40:3a:1c:cb:29:3e:8b:89:5f:36:a9:44:a0:fc:94:fd:
2e:75:bd:47:dd:df:7f:b0:32:3d:07:b5:ac:ce:0b:72:49:b1:
aa:b1:3d:1d:a3:1b:2d:4f:d9:a4:4d:16:e4:d9:38:6f:cb:db:
54:0d:eb:14:63:5d:aa:39:fb:b7:b3:19:55:1f:32:16:44:86:
4d:82:63:cf:e5:8c:3f:38:77:47:97:c5:af:56:22:26:15:1d:
a4:a2:e8:ce:e8:67:d8:02:b5:27:a7:d1:4f:d6:21:af:f1:c2:
46:5c:3e:aa:37:de:2e:8d:ea:4f:3f:be:06:53:b1:13:24:3a:
d8:2f:a3:e6:94:6c:7e:cb:f4:e6:97:12:1e:dd:e9:4c:7d:e1:
d5:a2:bb:27
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzIAYipsA0LBvW5ovrDzBSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNjYwMzgzODViMzQzZDU1ZTc2YjcyOGVmZTIzYzA3MzE3
ODc2NjgwHhcNMjQwMTAyMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzExYzkwNDk3NjRiYWY5ZmEyZTExZmQ0M2ZjZWFjOWU5ZmM0NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYLdNIP5QJVfE+pR3I9hk2sAqbX6
CRSzrnVGQ9Azoqpx7JnYTcjoVLP97f5nt+gsEk1gzlqankEFm5eCsia2Dsj9SP0w
ixjGm7J6JofqDDBQxaIWwN5RIorQMNLSdwnyz97efW6ZfSS3Ikb7vYh0fXpoTJLY
P39d9o9AFbFB6M3EhiFk+st+aIYqr4RuPQQhDa40WF0zWCn9c817WoGc2vQo0xtg
37HlcpLa95qBLggbMi3xw4I1Jm9TdDvCIhNmu3aRvcWUqkyWQhdpUc8/hoV3zexI
m4zT6ddJSfCCC6xXLHNksVNGnTljddSQ73eZGB/7UX3oJ8Aes5wmS8cIlQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHwRyQSXZLr5+i4R/UP86snp/EbdMB8GA1UdIwQY
MBaAFIFmA4OFs0PVXna3KO/iPAcxeHZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1dZRGc0V3pROVZlZHJjbzctSThCekY0ZG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80OGNmZDAtMzIzOC00YWFmLWI2NjMt
NDM3M2I2NTc5MGI4LzEvZkJISkJKZGt1dm42TGhIOVFfenF5ZW44UnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80OGNmZDAtMzIzOC00YWFmLWI2NjMtNDM3M2I2NTc5MGI4
LzEvZ1dZRGc0V3pROVZlZHJjbzctSThCekY0ZG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAWREhAwQA
WREjAwQAWRExMAwDBABZETMDBAZZEQADBAK5PsADBAK5f+ADBADZDzUDBAHZDz4w
DQQCAAIwBwMFAyoE8kAwDQYJKoZIhvcNAQELBQADggEBAGMz3T2UcdGpx2a8c7ZE
2x1suVhY1o00tO8z7PoUkRK3iIi3USEQK/oF7ehvVci5U0Sz9JV14j4U4T0q7uQJ
Z8HlJ3U8RnxHpTLLypPugFi/UvC/9JRcQDcnL+tctOUQZ4GxxvmRdkbVnIhwg8WX
QDocyyk+i4lfNqlEoPyU/S51vUfd33+wMj0HtazOC3JJsaqxPR2jGy1P2aRNFuTZ
OG/L21QN6xRjXao5+7ezGVUfMhZEhk2CY8/ljD84d0eXxa9WIiYVHaSi6M7oZ9gC
tSen0U/WIa/xwkZcPqo33i6N6k8/vgZTsRMkOtgvo+aUbH7L9OaXEh7d6Ux94dWi
uyc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:48 2024 by rpki-client on console-fra.rpki-client.org