Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-8iYSJWhb5Q4jqXPfdEFOZ-nKpQ.roa
File: 1-8iYSJWhb5Q4jqXPfdEFOZ-nKpQ.roa (raw, json)
Hash identifier: xGzHhFtz3+6ti0gNdZutOcJs5Vjom+Cgjn+83uEq3e4=
Subject key identifier: FB:C8:98:48:95:A1:6F:94:38:8E:A5:CF:7D:D1:05:39:9F:A7:2A:94
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 019009FA9186C7AF5BDC6F1EB3F41FE5A256
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-8iYSJWhb5Q4jqXPfdEFOZ-nKpQ.roa
Signing time: Wed 12 Jun 2024 01:05:34 +0000
ROA not before: Wed 12 Jun 2024 01:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397563
IP address blocks: 80.253.252.0/23 maxlen: 24
80.253.254.0/23 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.135.0/24 maxlen: 24
213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.142.0/24 maxlen: 32
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 04:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:09:fa:91:86:c7:af:5b:dc:6f:1e:b3:f4:1f:e5:a2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jun 12 01:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbc8984895a16f94388ea5cf7dd105399fa72a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:05:7e:ca:7a:99:96:c4:6f:e3:6a:94:74:
3a:4f:a1:6e:9e:4c:3a:9d:b0:63:96:3b:59:95:24:
13:17:1b:80:b3:90:84:b4:4f:f9:91:3c:44:da:14:
4d:40:8e:af:18:83:bc:8d:bc:10:38:35:5a:58:51:
ad:51:8e:97:8a:8e:fe:81:9d:75:fa:32:0d:75:ae:
99:81:b1:6c:97:b8:a7:18:86:87:31:82:ab:ec:7f:
42:a0:bc:aa:0e:27:c4:09:f0:24:e0:c8:82:38:20:
82:c2:42:92:06:eb:6f:7f:7a:f3:cf:d6:1e:f1:18:
5f:f0:93:db:54:5f:76:2d:1b:fa:68:0d:bf:59:37:
1c:bf:a7:6f:ec:8f:d4:a0:38:09:61:6f:ad:0b:b5:
cb:ce:43:52:a4:d8:40:c0:12:27:6b:3f:a1:31:9f:
e5:fb:f1:0c:ce:24:f1:a7:5d:73:d6:e4:49:29:1b:
b6:77:30:da:7f:c6:2b:f1:7d:ca:60:f8:78:af:1f:
41:a2:c8:26:bd:47:15:50:3c:96:45:cf:c6:6c:cf:
84:51:bd:0a:51:ad:db:39:09:35:c0:05:43:a4:c8:
3d:5d:18:c1:4d:b6:c3:f0:1f:a9:86:51:61:79:79:
1d:d3:90:4c:0a:b8:84:26:cf:ee:fd:6e:16:b7:44:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C8:98:48:95:A1:6F:94:38:8E:A5:CF:7D:D1:05:39:9F:A7:2A:94
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/1-8iYSJWhb5Q4jqXPfdEFOZ-nKpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0-91.151.82.255
91.151.91.0/24
213.142.128.0/22
213.142.135.0-213.142.137.255
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
de:f0:28:90:91:b9:a8:8e:89:3c:89:80:1a:52:8f:8c:da:08:
92:f1:6c:03:4c:a2:08:39:7c:f2:c5:9c:6a:79:4d:d7:9e:05:
a8:34:5d:b0:60:dd:6f:a3:e0:84:1c:b7:4e:61:33:ee:4f:5a:
61:7e:f6:6a:e8:c0:53:ed:e4:8f:10:f1:15:3d:30:37:ce:f6:
74:ca:69:ac:1c:17:00:ab:96:7b:0d:52:8f:9f:64:18:b2:5c:
ea:aa:1d:aa:4e:20:0e:3b:7a:82:b5:96:9b:b0:5c:82:6c:5e:
54:b9:6e:18:b9:0c:82:f6:84:2f:bf:29:75:62:ec:8b:39:e1:
77:58:da:a0:cd:68:fc:ce:c7:a5:de:54:b4:dd:12:6e:92:f1:
84:52:b6:82:c1:14:09:3c:ba:95:ed:73:7b:f9:bc:23:fc:ab:
20:f6:9d:07:a8:27:8b:f5:91:9f:c1:12:f9:96:29:3f:88:60:
e9:53:d4:71:df:31:14:90:dc:0c:50:9f:8e:6a:d0:bd:81:76:
7b:e1:38:eb:8e:7e:06:18:15:8e:ab:b0:b5:cf:75:e7:d7:38:
12:a7:3d:b8:db:18:bf:7c:d2:ac:f8:23:68:c9:af:08:26:59:
cb:fd:8e:ab:1a:9d:95:0d:d5:a2:32:5a:43:09:c2:11:91:1d:
04:16:1e:92
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZAJ+pGGx69b3G8es/Qf5aJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwNjEyMDEwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM4OTg0ODk1YTE2Zjk0Mzg4ZWE1Y2Y3ZGQxMDUzOTlmYTcyYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17UFfsp6mZbEb+NqlHQ6T6Funkw6
nbBjljtZlSQTFxuAs5CEtE/5kTxE2hRNQI6vGIO8jbwQODVaWFGtUY6Xio7+gZ11
+jINda6ZgbFsl7inGIaHMYKr7H9CoLyqDifECfAk4MiCOCCCwkKSButvf3rzz9Ye
8Rhf8JPbVF92LRv6aA2/WTccv6dv7I/UoDgJYW+tC7XLzkNSpNhAwBInaz+hMZ/l
+/EMziTxp11z1uRJKRu2dzDaf8Yr8X3KYPh4rx9BosgmvUcVUDyWRc/GbM+EUb0K
Ua3bOQk1wAVDpMg9XRjBTbbD8B+phlFheXkd05BMCriEJs/u/W4Wt0RpJwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPvImEiVoW+UOI6lz33RBTmfpyqUMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvMS04aVlTSldoYjVRNGpxWFBmZEVGT1otbktwUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdh
MC8xL3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAlD9/DAM
AwQEW5dQAwQAW5dSAwQAW5dbAwQC1Y6AMAwDBADVjocDBAHVjogDBADVjo4DBAHV
jpADBAHVjpgwDQYJKoZIhvcNAQELBQADggEBAN7wKJCRuaiOiTyJgBpSj4zaCJLx
bANMogg5fPLFnGp5TdeeBag0XbBg3W+j4IQct05hM+5PWmF+9mrowFPt5I8Q8RU9
MDfO9nTKaawcFwCrlnsNUo+fZBiyXOqqHapOIA47eoK1lpuwXIJsXlS5bhi5DIL2
hC+/KXVi7Is54XdY2qDNaPzOx6XeVLTdEm6S8YRStoLBFAk8upXtc3v5vCP8qyD2
nQeoJ4v1kZ/BEvmWKT+IYOlT1HHfMRSQ3AxQn45q0L2BdnvhOOuOfgYYFY6rsLXP
defXOBKnPbjbGL980qz4I2jJrwgmWcv9jqsanZUN1aIyWkMJwhGRHQQWHpI=
-----END CERTIFICATE-----
Generated at Thu Jun 13 09:38:47 2024 by rpki-client on console-fra.rpki-client.org