Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/8Q9rLwPPXfqpb7lmViLC-fC-DSU.roa
File: 8Q9rLwPPXfqpb7lmViLC-fC-DSU.roa (raw, json)
Hash identifier: MuaDRKOfRiI0QZwTxAGFK17Rq+MSmG8pGQVMwQm90o4=
Subject key identifier: F1:0F:6B:2F:03:CF:5D:FA:A9:6F:B9:66:56:22:C2:F9:F0:BE:0D:25
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018F0BEA3219523A6C45DA73553DB059266D
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/8Q9rLwPPXfqpb7lmViLC-fC-DSU.roa
Signing time: Tue 23 Apr 2024 17:04:08 +0000
ROA not before: Tue 23 Apr 2024 17:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0b:ea:32:19:52:3a:6c:45:da:73:55:3d:b0:59:26:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Apr 23 17:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f10f6b2f03cf5dfaa96fb9665622c2f9f0be0d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3b:79:8c:26:c3:17:e8:42:dd:2d:a3:8e:7a:
4c:6b:bc:a9:6c:ee:b9:fa:1b:54:2b:50:41:a8:49:
31:14:36:6a:0b:68:d8:af:e4:b9:e4:a4:52:a6:67:
75:a7:c2:97:e1:d6:1a:af:c3:71:6b:ad:42:4d:51:
f3:63:b5:df:93:8d:a1:6d:a9:14:9d:6b:9a:a8:72:
35:24:05:04:9f:ca:24:17:a0:46:eb:03:9c:11:50:
d7:df:06:0c:49:e7:a2:05:cf:c6:fa:20:d0:8a:e7:
96:f3:cc:50:c3:ff:94:c5:30:7e:e8:90:c4:be:db:
34:2c:c6:11:b5:a4:41:69:6d:ec:85:b8:71:f4:48:
84:3e:1d:b8:38:5a:2e:8c:bd:24:87:b6:0f:4a:e1:
ae:de:0c:30:78:aa:62:a8:d1:99:2c:37:11:81:dd:
73:80:81:9b:f7:4d:76:6a:69:f6:6e:a4:95:92:8a:
9f:fc:95:91:44:59:28:c7:85:d5:38:ed:2d:a7:6b:
42:bc:f8:d6:1b:b6:81:1f:57:7d:3e:47:e4:fc:51:
cc:29:88:7e:03:56:54:b6:87:e2:f8:0f:b5:62:1a:
bd:fe:9c:1c:66:50:fb:58:df:f4:ab:20:d5:1f:28:
d2:2f:9e:7d:5a:3f:d0:7e:19:8e:50:3a:ed:82:95:
8c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0F:6B:2F:03:CF:5D:FA:A9:6F:B9:66:56:22:C2:F9:F0:BE:0D:25
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/8Q9rLwPPXfqpb7lmViLC-fC-DSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.191.255
Signature Algorithm: sha256WithRSAEncryption
3f:b9:cb:41:5d:4f:50:85:3e:95:62:7d:07:09:19:f7:0c:0b:
69:72:35:af:bf:82:01:48:96:56:79:31:8d:7f:f7:f9:63:54:
1c:37:25:65:81:3a:cc:d6:2b:68:c9:d2:10:e1:96:3c:8c:15:
ca:d6:e7:c3:99:cb:bd:1c:39:2a:bf:04:71:e5:3c:9e:b2:be:
7c:fb:55:9f:c8:09:92:74:1d:25:c4:25:66:5a:b1:a0:96:a9:
a1:d0:26:27:8d:7c:7f:a9:5a:e7:47:03:83:02:bc:4d:9c:59:
80:47:8a:60:20:58:19:64:e8:21:07:01:74:89:4e:0e:76:7a:
e9:76:5a:b9:4f:67:a1:db:4f:74:d2:3d:92:f1:fe:4b:9b:c6:
98:79:47:f3:37:a8:fb:9b:f1:15:b1:bf:09:9b:8a:2c:52:b9:
a7:a4:45:ff:87:88:62:1f:d6:e2:73:11:e2:3c:50:54:63:14:
1f:77:6c:fe:08:60:2b:f4:e6:88:a3:61:99:27:35:e8:bf:d4:
a5:2d:b4:ab:cc:aa:64:d9:0f:55:fd:ae:1c:16:97:3f:90:7c:
42:37:71:5c:6b:b8:33:08:7a:97:77:de:db:f8:55:cd:cd:7e:
d3:8c:41:af:16:65:d6:c7:19:6b:c6:c1:84:1c:7f:f7:51:44:
b1:ee:f6:41
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8L6jIZUjpsRdpzVT2wWSZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwNDIzMTcwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBmNmIyZjAzY2Y1ZGZhYTk2ZmI5NjY1NjIyYzJmOWYwYmUwZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzt5jCbDF+hC3S2jjnpMa7ypbO65
+htUK1BBqEkxFDZqC2jYr+S55KRSpmd1p8KX4dYar8Nxa61CTVHzY7Xfk42hbakU
nWuaqHI1JAUEn8okF6BG6wOcEVDX3wYMSeeiBc/G+iDQiueW88xQw/+UxTB+6JDE
vts0LMYRtaRBaW3shbhx9EiEPh24OFoujL0kh7YPSuGu3gwweKpiqNGZLDcRgd1z
gIGb9012amn2bqSVkoqf/JWRRFkox4XVOO0tp2tCvPjWG7aBH1d9Pkfk/FHMKYh+
A1ZUtofi+A+1Yhq9/pwcZlD7WN/0qyDVHyjSL559Wj/QfhmOUDrtgpWMGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPEPay8Dz136qW+5ZlYiwvnwvg0lMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvOFE5ckx3UFBYZnFwYjdsbVZpTEMtZkMtRFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALURKQD
BAbURIAwDQYJKoZIhvcNAQELBQADggEBAD+5y0FdT1CFPpVifQcJGfcMC2lyNa+/
ggFIllZ5MY1/9/ljVBw3JWWBOszWK2jJ0hDhljyMFcrW58OZy70cOSq/BHHlPJ6y
vnz7VZ/ICZJ0HSXEJWZasaCWqaHQJieNfH+pWudHA4MCvE2cWYBHimAgWBlk6CEH
AXSJTg52eul2WrlPZ6HbT3TSPZLx/kubxph5R/M3qPub8RWxvwmbiixSuaekRf+H
iGIf1uJzEeI8UFRjFB93bP4IYCv05oijYZknNei/1KUttKvMqmTZD1X9rhwWlz+Q
fEI3cVxruDMIepd33tv4Vc3NftOMQa8WZdbHGWvGwYQcf/dRRLHu9kE=
-----END CERTIFICATE-----
Generated at Sat May 4 18:39:53 2024 by rpki-client on console-ams.rpki-client.org