Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/8d4o9nJy3ox7c1d0Y4u89d8vhtY.roa
File: 8d4o9nJy3ox7c1d0Y4u89d8vhtY.roa (raw, json)
Hash identifier: 46qWcY2COb4ujC/v0epPE9/Goa9hxmmJH0qJbw1P0E4=
Subject key identifier: F1:DE:28:F6:72:72:DE:8C:7B:73:57:74:63:8B:BC:F5:DF:2F:86:D6
Certificate issuer: /CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Certificate serial: 01927575DF0B16B897F3966105F2CD64249C
Authority key identifier: A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/8d4o9nJy3ox7c1d0Y4u89d8vhtY.roa
Signing time: Thu 10 Oct 2024 08:05:11 +0000
ROA not before: Thu 10 Oct 2024 08:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39729
IP address blocks: 81.88.48.0/20 maxlen: 24
185.2.4.0/22 maxlen: 24
2a01:8100::/29 maxlen: 48
2a01:8100:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/o1xUQ64gP2R-4wa573LaxQtd9RQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/o1xUQ64gP2R-4wa573LaxQtd9RQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:75:df:0b:16:b8:97:f3:96:61:05:f2:cd:64:24:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Validity
Not Before: Oct 10 08:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1de28f67272de8c7b735774638bbcf5df2f86d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:b0:a8:b9:5c:92:7e:be:1d:88:ae:b7:29:
b6:99:fb:df:f9:1c:af:1d:37:53:2c:cc:93:a9:9a:
3c:a0:6c:df:b6:d5:1f:67:6a:ed:ae:ba:5b:e9:a9:
07:25:1d:f0:48:6a:1f:f5:fb:3a:f1:d9:d6:f5:9e:
81:bc:7c:68:d6:18:92:da:ca:17:63:35:86:b7:9d:
9e:b9:b9:b2:1b:b4:a8:d7:33:9c:bc:ff:03:6a:e3:
46:8a:4a:fc:76:9b:72:d2:50:33:e9:7b:5b:79:5f:
ed:02:3b:62:40:05:8c:08:1a:bb:c4:ef:3e:52:86:
e0:a2:b8:01:92:bd:98:b7:48:96:06:f6:14:b7:43:
23:e2:2e:ed:b1:41:9d:39:1a:0d:89:51:86:77:88:
ae:d2:25:6f:b1:27:16:32:95:99:58:60:de:08:3d:
e7:38:ba:37:3e:40:bb:7f:f1:7e:55:bd:07:5d:4f:
45:a1:9c:19:85:3c:f5:4c:2c:84:e5:32:cc:51:95:
ad:e7:78:b0:70:76:fd:3e:d2:07:b4:9f:1d:01:25:
ae:43:c5:07:8a:55:46:c1:a5:a5:db:1f:c5:20:2a:
01:54:fd:88:01:9b:f0:2f:c1:71:01:f6:1f:6f:36:
ba:28:9d:99:bf:37:3e:49:57:82:3a:a7:e3:d5:c9:
f5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DE:28:F6:72:72:DE:8C:7B:73:57:74:63:8B:BC:F5:DF:2F:86:D6
X509v3 Authority Key Identifier:
keyid:A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/8d4o9nJy3ox7c1d0Y4u89d8vhtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/o1xUQ64gP2R-4wa573LaxQtd9RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.48.0/20
185.2.4.0/22
IPv6:
2a01:8100::/29
Signature Algorithm: sha256WithRSAEncryption
59:79:ec:6e:6d:0c:2d:0e:d4:85:7b:5a:29:33:aa:a5:1f:25:
94:4b:0c:d0:63:89:b0:3d:6d:29:d8:ce:fe:21:be:16:ea:1d:
d4:39:3b:20:fa:b8:b3:c4:a4:fe:97:ae:96:a3:07:c2:e5:fe:
ed:b3:8b:d1:8e:54:fc:f7:6d:d1:9b:1d:eb:39:5d:2f:e0:71:
50:a6:8b:41:14:8c:44:1a:8e:62:b8:b3:54:d8:0e:a6:9f:f0:
6e:61:50:52:bd:54:07:76:2e:e3:3a:f5:97:8c:d5:27:93:f6:
97:ce:12:85:80:76:db:91:23:ee:82:ad:34:78:c6:a0:dd:ff:
69:62:cc:27:8b:70:86:85:fd:5a:dd:a2:4b:dc:9b:66:d1:95:
7c:03:b1:21:28:51:ac:16:f0:5b:bc:76:ad:39:1a:ff:ae:70:
92:76:ca:13:fd:db:0c:84:23:31:44:87:b2:b6:52:e4:23:cb:
87:7d:42:97:cd:96:c3:57:53:38:c5:7a:b8:1e:7d:aa:3a:12:
1e:fe:a2:1f:fa:a1:08:90:97:36:4d:6e:38:89:23:11:aa:42:
1e:43:5f:f1:74:43:da:55:51:ac:13:37:a0:0e:4d:fd:ea:01:
fc:5d:ea:8c:60:34:d2:98:92:8b:cc:88:80:33:8d:d5:2a:10:
ef:ca:38:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJ1dd8LFriX85ZhBfLNZCScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNWM1NDQzYWUyMDNmNjQ3ZWUzMDZiOWVmNzJkYWM1MGI1
ZGY1MTQwHhcNMjQxMDEwMDgwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRlMjhmNjcyNzJkZThjN2I3MzU3NzQ2MzhiYmNmNWRmMmY4NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+awqLlckn6+HYiutym2mfvf+Ryv
HTdTLMyTqZo8oGzfttUfZ2rtrrpb6akHJR3wSGof9fs68dnW9Z6BvHxo1hiS2soX
YzWGt52eubmyG7So1zOcvP8DauNGikr8dpty0lAz6XtbeV/tAjtiQAWMCBq7xO8+
UobgorgBkr2Yt0iWBvYUt0Mj4i7tsUGdORoNiVGGd4iu0iVvsScWMpWZWGDeCD3n
OLo3PkC7f/F+Vb0HXU9FoZwZhTz1TCyE5TLMUZWt53iwcHb9PtIHtJ8dASWuQ8UH
ilVGwaWl2x/FICoBVP2IAZvwL8FxAfYfbza6KJ2Zvzc+SVeCOqfj1cn1kwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPHeKPZyct6Me3NXdGOLvPXfL4bWMB8GA1UdIwQY
MBaAFKNcVEOuID9kfuMGue9y2sULXfUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzF4VVE2NGdQMlItNHdhNTczTGF4UXRkOVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNjUxYzEtMDJkNi00NDhhLWFjYWQt
MTRjNTkwZmVjN2UzLzEvOGQ0bzluSnkzb3g3YzFkMFk0dTg5ZDh2aHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNjUxYzEtMDJkNi00NDhhLWFjYWQtMTRjNTkwZmVjN2Uz
LzEvbzF4VVE2NGdQMlItNHdhNTczTGF4UXRkOVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVgwAwQC
uQIEMA0EAgACMAcDBQMqAYEAMA0GCSqGSIb3DQEBCwUAA4IBAQBZeexubQwtDtSF
e1opM6qlHyWUSwzQY4mwPW0p2M7+Ib4W6h3UOTsg+rizxKT+l66WowfC5f7ts4vR
jlT8923Rmx3rOV0v4HFQpotBFIxEGo5iuLNU2A6mn/BuYVBSvVQHdi7jOvWXjNUn
k/aXzhKFgHbbkSPugq00eMag3f9pYswni3CGhf1a3aJL3Jtm0ZV8A7EhKFGsFvBb
vHatORr/rnCSdsoT/dsMhCMxRIeytlLkI8uHfUKXzZbDV1M4xXq4Hn2qOhIe/qIf
+qEIkJc2TW44iSMRqkIeQ1/xdEPaVVGsEzegDk396gH8XeqMYDTSmJKLzIiAM43V
KhDvyjgT
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:02 2024 by rpki-client on console-fra.rpki-client.org