Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/8GH8YkBm6Dnmmpf9W-5VElG6cK4.roa
File: 8GH8YkBm6Dnmmpf9W-5VElG6cK4.roa (raw, json)
Hash identifier: vAhQKvvPV1v1hZNc319hVKq5CfoNUCR3ae8kiUzW9Os=
Subject key identifier: F0:61:FC:62:40:66:E8:39:E6:9A:97:FD:5B:EE:55:12:51:BA:70:AE
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A4D40F07D1056245F561CFC872A2
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/8GH8YkBm6Dnmmpf9W-5VElG6cK4.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8517
IP address blocks: 193.140.244.0/22 maxlen: 22
193.140.248.0/22 maxlen: 22
193.140.252.0/23 maxlen: 23
193.255.58.0/24 maxlen: 24
193.140.183.0/24 maxlen: 24
193.140.4.0/22 maxlen: 22
193.140.1.0/24 maxlen: 24
193.140.2.0/23 maxlen: 23
193.140.0.0/16 maxlen: 24
193.140.24.0/22 maxlen: 22
193.140.35.0/24 maxlen: 24
193.255.0.0/16 maxlen: 24
193.140.134.0/24 maxlen: 24
193.140.152.0/22 maxlen: 22
193.140.159.0/24 maxlen: 24
193.140.68.0/23 maxlen: 23
193.140.83.0/24 maxlen: 24
79.123.128.0/17 maxlen: 24
193.140.88.0/24 maxlen: 24
193.140.98.0/23 maxlen: 23
194.27.232.0/22 maxlen: 22
194.27.236.0/23 maxlen: 23
95.183.128.0/17 maxlen: 24
194.27.43.0/24 maxlen: 24
185.7.0.0/22 maxlen: 22
194.27.0.0/16 maxlen: 24
2001:a98:1b0::/48 maxlen: 48
2001:a98:170::/48 maxlen: 48
2001:a98:230::/48 maxlen: 48
2001:a98:1f0::/48 maxlen: 48
2001:a98:130::/48 maxlen: 48
2001:a98:240::/48 maxlen: 48
2001:a98:1c0::/48 maxlen: 48
2001:a98:280::/48 maxlen: 48
2001:a98:180::/48 maxlen: 48
2001:a98:200::/48 maxlen: 48
2001:a98:600::/48 maxlen: 48
2001:a98:1e::/48 maxlen: 48
2001:a98:1050::/48 maxlen: 48
2001:a98:1d0::/48 maxlen: 48
2001:a98:150::/48 maxlen: 48
2001:a98:250::/48 maxlen: 48
2001:a98:290::/48 maxlen: 48
2001:a98:210::/48 maxlen: 48
2001:a98:190::/48 maxlen: 48
2001:a98::/32 maxlen: 32
2001:a98:20::/48 maxlen: 48
2001:a98:120::/48 maxlen: 48
2001:a98:220::/48 maxlen: 48
2001:a98:1a0::/48 maxlen: 48
2001:a98:1e0::/48 maxlen: 48
2001:a98:260::/48 maxlen: 48
2001:a98:160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a4:d4:0f:07:d1:05:62:45:f5:61:cf:c8:72:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f061fc624066e839e69a97fd5bee551251ba70ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a4:03:42:46:bf:75:60:ca:85:ef:ed:b5:51:
2a:c3:93:8a:ed:68:83:d4:5a:23:b4:d1:bb:1d:33:
71:93:98:01:66:06:59:d5:bc:91:b2:76:cd:93:63:
e8:85:e1:a7:9e:5f:77:ce:53:94:d2:3f:d4:78:3b:
ea:e4:49:d8:2f:3b:f2:ee:e8:f5:9f:40:22:29:e2:
20:8a:c0:e8:fa:19:ca:4f:20:ab:2a:6b:93:ea:89:
be:9b:19:08:40:f1:14:1c:16:62:8f:8d:53:2a:7e:
a9:01:f5:0f:08:9f:b1:e4:28:a3:98:20:93:27:b1:
1b:06:64:74:ce:1a:39:7d:25:6a:52:c0:42:94:7f:
77:05:bb:1b:35:cb:51:7f:b5:da:41:2c:3f:40:11:
4c:a0:20:3e:73:e6:54:5d:d9:2f:e6:fc:51:23:56:
47:21:0b:71:4e:12:99:09:89:f6:7f:8d:6b:b9:05:
a0:fe:09:1f:b6:3f:04:e6:2d:e7:84:09:60:d1:16:
4f:27:8c:7b:87:45:46:ca:19:49:ac:66:65:2a:c4:
e3:92:e1:d9:04:0c:95:8c:ba:3c:36:d6:57:e8:3d:
1a:e7:1c:51:ed:4f:0a:21:36:e3:24:e0:d1:38:8b:
f6:75:5e:19:ae:40:45:8a:a3:38:24:5e:2a:fd:7e:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:61:FC:62:40:66:E8:39:E6:9A:97:FD:5B:EE:55:12:51:BA:70:AE
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/8GH8YkBm6Dnmmpf9W-5VElG6cK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.123.128.0/17
95.183.128.0/17
185.7.0.0/22
193.140.0.0/16
193.255.0.0/16
194.27.0.0/16
IPv6:
2001:a98::/32
Signature Algorithm: sha256WithRSAEncryption
38:95:52:d3:99:43:14:6f:a2:fd:e3:52:1c:a6:3e:f9:ee:b6:
69:ba:ce:bf:f5:5d:b6:d1:31:41:ae:e2:bd:1d:07:a8:ec:ca:
73:28:8e:b7:93:ce:fc:8d:f3:9c:bd:fe:8f:5b:ff:ee:85:96:
77:8b:55:5d:bc:83:ad:8d:d5:55:92:3b:f9:52:16:66:19:d0:
4c:67:88:57:24:96:de:99:8f:2e:e6:13:b1:a3:d1:c7:9a:f9:
ce:bd:60:9e:73:22:8b:4b:ff:49:cb:84:99:4b:8b:f4:fa:46:
f2:34:fb:53:5c:93:eb:31:78:b1:54:b9:bd:a1:7e:00:14:6c:
34:5a:ef:df:a8:d2:0f:3b:f2:56:e8:3c:ac:46:86:cf:13:a6:
0e:ff:43:71:e1:d3:77:21:70:63:7d:3f:88:79:71:6a:d1:7a:
51:5c:07:98:48:83:b6:b6:01:41:64:3c:84:d4:54:23:79:7e:
cb:b7:16:f0:3c:fe:26:98:7d:6c:ba:ae:03:aa:ea:6a:38:4a:
34:0b:b8:8e:73:28:6f:10:1f:f4:4e:9b:8c:18:24:c7:b7:39:
e2:b4:7c:04:a3:3a:dd:46:2a:58:c4:4a:c2:ec:77:10:3e:ba:
ff:ee:34:d6:39:c4:8d:2b:7d:52:93:d2:f2:ec:38:1c:ab:21:
65:36:43:bd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzDSKTUDwfRBWJF9WHPyHKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYxZmM2MjQwNjZlODM5ZTY5YTk3ZmQ1YmVlNTUxMjUxYmE3MGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qQDQka/dWDKhe/ttVEqw5OK7WiD
1FojtNG7HTNxk5gBZgZZ1byRsnbNk2PoheGnnl93zlOU0j/UeDvq5EnYLzvy7uj1
n0AiKeIgisDo+hnKTyCrKmuT6om+mxkIQPEUHBZij41TKn6pAfUPCJ+x5CijmCCT
J7EbBmR0zho5fSVqUsBClH93BbsbNctRf7XaQSw/QBFMoCA+c+ZUXdkv5vxRI1ZH
IQtxThKZCYn2f41ruQWg/gkftj8E5i3nhAlg0RZPJ4x7h0VGyhlJrGZlKsTjkuHZ
BAyVjLo8NtZX6D0a5xxR7U8KITbjJODROIv2dV4ZrkBFiqM4JF4q/X5/TwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPBh/GJAZug55pqX/VvuVRJRunCuMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvOEdIOFlrQm02RG5tbXBmOVctNVZFbEc2Y0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhAwQHT3uAAwQH
X7eAAwQCuQcAAwMAwYwDAwDB/wMDAMIbMA0EAgACMAcDBQAgAQqYMA0GCSqGSIb3
DQEBCwUAA4IBAQA4lVLTmUMUb6L941Icpj757rZpus6/9V220TFBruK9HQeo7Mpz
KI63k878jfOcvf6PW//uhZZ3i1VdvIOtjdVVkjv5UhZmGdBMZ4hXJJbemY8u5hOx
o9HHmvnOvWCecyKLS/9Jy4SZS4v0+kbyNPtTXJPrMXixVLm9oX4AFGw0Wu/fqNIP
O/JW6DysRobPE6YO/0Nx4dN3IXBjfT+IeXFq0XpRXAeYSIO2tgFBZDyE1FQjeX7L
txbwPP4mmH1suq4DqupqOEo0C7iOcyhvEB/0TpuMGCTHtznitHwEozrdRipYxErC
7HcQPrr/7jTWOcSNK31Sk9Ly7DgcqyFlNkO9
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:11:45 2024 by rpki-client on console-ams.rpki-client.org