Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/r3vWEjv7LXtg2u17LDPPmHu4xHg.roa
File: r3vWEjv7LXtg2u17LDPPmHu4xHg.roa (raw, json)
Hash identifier: wnZqNtFbdr7Y1WWoIByoABz+3IwUzI2hg7NDzKxZupE=
Subject key identifier: AF:7B:D6:12:3B:FB:2D:7B:60:DA:ED:7B:2C:33:CF:98:7B:B8:C4:78
Certificate issuer: /CN=b0d62d1666c5c4d192183531584afd72bed08485
Certificate serial: 018CC801C1E8DF1C9A64927B74E9989CE25F
Authority key identifier: B0:D6:2D:16:66:C5:C4:D1:92:18:35:31:58:4A:FD:72:BE:D0:84:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sNYtFmbFxNGSGDUxWEr9cr7QhIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/r3vWEjv7LXtg2u17LDPPmHu4xHg.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8248
IP address blocks: 81.186.192.0/19 maxlen: 19
194.63.224.0/20 maxlen: 24
81.186.0.0/17 maxlen: 24
81.186.128.0/18 maxlen: 18
194.63.160.0/19 maxlen: 19
194.63.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/sNYtFmbFxNGSGDUxWEr9cr7QhIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/sNYtFmbFxNGSGDUxWEr9cr7QhIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sNYtFmbFxNGSGDUxWEr9cr7QhIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c1:e8:df:1c:9a:64:92:7b:74:e9:98:9c:e2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0d62d1666c5c4d192183531584afd72bed08485
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af7bd6123bfb2d7b60daed7b2c33cf987bb8c478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0c:1f:82:bc:4c:3b:20:bb:ce:60:60:06:b9:
f5:d5:11:06:ee:f1:b6:af:de:0f:e5:b0:2e:a0:50:
72:d7:ca:fd:c7:a6:c0:eb:8e:e0:0c:f4:d6:4f:6d:
0b:f4:11:0b:9e:e5:04:3d:de:0d:f5:4f:3b:eb:97:
2b:62:a1:73:03:4b:25:00:3a:dd:39:e9:99:07:54:
d4:b5:4a:a9:8c:ba:c3:e0:31:fb:17:fd:8e:e6:4c:
94:f2:16:fe:03:17:38:a2:bb:49:e2:39:9e:64:92:
4d:80:26:2d:0f:12:52:04:a2:1a:1f:2f:22:02:fb:
f3:4c:f4:4d:a8:7d:e3:10:cd:ca:6d:56:1b:92:70:
17:4b:53:4d:1c:62:0d:9f:b8:4b:c4:4d:f2:70:11:
ab:3d:ba:37:c6:3f:0f:7b:e5:19:ae:da:41:a2:be:
c3:2a:11:31:23:b4:99:c3:4f:51:aa:1c:07:15:12:
8e:04:68:1c:66:73:cc:0a:5b:f5:a6:64:5a:cb:78:
42:8e:bf:8c:26:4c:53:d5:e0:fa:56:1b:5c:ab:49:
c0:2e:81:41:d5:8f:2c:9b:94:46:62:eb:e6:51:44:
1b:3a:f3:4d:43:18:98:bf:ac:37:55:1f:56:af:89:
fe:79:0d:e7:c0:f8:16:e2:cb:6c:dc:47:30:de:3f:
9b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7B:D6:12:3B:FB:2D:7B:60:DA:ED:7B:2C:33:CF:98:7B:B8:C4:78
X509v3 Authority Key Identifier:
keyid:B0:D6:2D:16:66:C5:C4:D1:92:18:35:31:58:4A:FD:72:BE:D0:84:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNYtFmbFxNGSGDUxWEr9cr7QhIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/r3vWEjv7LXtg2u17LDPPmHu4xHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b4aa63-4259-44e6-ac29-4fa53bf0e155/1/sNYtFmbFxNGSGDUxWEr9cr7QhIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.186.0.0-81.186.223.255
194.63.160.0-194.63.239.255
Signature Algorithm: sha256WithRSAEncryption
74:46:49:39:46:5b:2c:48:40:dd:aa:17:fc:a6:51:f6:6d:4d:
dc:0e:71:39:a6:13:5a:5d:47:fc:15:e5:5c:01:87:9d:22:9a:
89:33:eb:a6:46:6f:36:83:1f:d2:ca:6f:4f:23:49:e9:fd:c1:
b2:fd:b3:06:26:65:be:30:87:1c:70:16:2b:b7:6d:5d:db:86:
5a:38:ae:92:d1:b4:5d:3d:4c:93:61:fd:bf:a0:5b:bb:9b:be:
50:cf:1a:dd:03:3c:82:60:fc:b9:4d:74:72:ea:f3:a0:46:a0:
cd:19:7f:03:09:17:52:8b:61:0d:5a:24:5d:11:76:e4:02:be:
56:1d:b0:71:de:c7:9e:8a:2b:37:40:26:4c:22:09:39:41:01:
e5:82:58:0e:e3:1b:ab:49:63:03:78:1a:a3:9f:e4:1b:a5:49:
2e:b8:3d:b4:fa:72:48:d7:a7:9b:af:4b:98:0d:c8:fe:fe:7b:
3a:3a:42:17:7e:d1:1c:87:26:07:e1:83:97:2d:78:6b:d9:2c:
9e:3a:06:ad:48:4a:bc:e9:14:07:bb:6e:a7:c9:9b:70:33:25:
d8:0b:e3:93:f6:37:d1:fc:d9:9d:7b:b1:46:4e:79:1d:cf:3e:
64:c0:2b:51:30:ef:d3:dd:50:a9:a5:e0:94:1c:3b:bb:22:db:
2e:b2:76:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAcHo3xyaZJJ7dOmYnOJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDYyZDE2NjZjNWM0ZDE5MjE4MzUzMTU4NGFmZDcyYmVk
MDg0ODUwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdiZDYxMjNiZmIyZDdiNjBkYWVkN2IyYzMzY2Y5ODdiYjhjNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQwfgrxMOyC7zmBgBrn11REG7vG2
r94P5bAuoFBy18r9x6bA647gDPTWT20L9BELnuUEPd4N9U8765crYqFzA0slADrd
OemZB1TUtUqpjLrD4DH7F/2O5kyU8hb+Axc4ortJ4jmeZJJNgCYtDxJSBKIaHy8i
AvvzTPRNqH3jEM3KbVYbknAXS1NNHGINn7hLxE3ycBGrPbo3xj8Pe+UZrtpBor7D
KhExI7SZw09RqhwHFRKOBGgcZnPMClv1pmRay3hCjr+MJkxT1eD6Vhtcq0nALoFB
1Y8sm5RGYuvmUUQbOvNNQxiYv6w3VR9Wr4n+eQ3nwPgW4sts3Ecw3j+bnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK971hI7+y17YNrteywzz5h7uMR4MB8GA1UdIwQY
MBaAFLDWLRZmxcTRkhg1MVhK/XK+0ISFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05ZdEZtYkZ4TkdTR0RVeFdFcjljcjdRaElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iNGFhNjMtNDI1OS00NGU2LWFjMjkt
NGZhNTNiZjBlMTU1LzEvcjN2V0VqdjdMWHRnMnUxN0xEUFBtSHU0eEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iNGFhNjMtNDI1OS00NGU2LWFjMjktNGZhNTNiZjBlMTU1
LzEvc05ZdEZtYkZ4TkdTR0RVeFdFcjljcjdRaElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwFRugME
BVG6wDAMAwQFwj+gAwQEwj/gMA0GCSqGSIb3DQEBCwUAA4IBAQB0Rkk5RlssSEDd
qhf8plH2bU3cDnE5phNaXUf8FeVcAYedIpqJM+umRm82gx/Sym9PI0np/cGy/bMG
JmW+MIcccBYrt21d24ZaOK6S0bRdPUyTYf2/oFu7m75QzxrdAzyCYPy5TXRy6vOg
RqDNGX8DCRdSi2ENWiRdEXbkAr5WHbBx3seeiis3QCZMIgk5QQHlglgO4xurSWMD
eBqjn+QbpUkuuD20+nJI16ebr0uYDcj+/ns6OkIXftEchyYH4YOXLXhr2SyeOgat
SEq86RQHu26nyZtwMyXYC+OT9jfR/Nmde7FGTnkdzz5kwCtRMO/T3VCppeCUHDu7
ItsusnZ0
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:33 2024 by rpki-client on console-fra.rpki-client.org