Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/9hJ8QVT1yOhHGe_FkNvD1uN3SH0.roa
File: 9hJ8QVT1yOhHGe_FkNvD1uN3SH0.roa (raw, json)
Hash identifier: J1fJTXSQ6GHsr1ejlFWg1yvKGNskG+om72lwlkONKjM=
Subject key identifier: F6:12:7C:41:54:F5:C8:E8:47:19:EF:C5:90:DB:C3:D6:E3:77:48:7D
Certificate issuer: /CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Certificate serial: 018CCA2B73D2A07D68C16D49FD8B2D0EFD81
Authority key identifier: E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/9hJ8QVT1yOhHGe_FkNvD1uN3SH0.roa
Signing time: Tue 02 Jan 2024 12:34:54 +0000
ROA not before: Tue 02 Jan 2024 12:34:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21497
IP address blocks: 128.124.0.0/16 maxlen: 19
77.52.0.0/16 maxlen: 18
5.207.0.0/16 maxlen: 17
88.214.64.0/18 maxlen: 19
46.133.0.0/16 maxlen: 19
178.133.0.0/16 maxlen: 19
31.144.0.0/16 maxlen: 19
80.255.64.0/20 maxlen: 21
89.209.0.0/16 maxlen: 19
2a00:f50::/30 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:73:d2:a0:7d:68:c1:6d:49:fd:8b:2d:0e:fd:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Validity
Not Before: Jan 2 12:34:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6127c4154f5c8e84719efc590dbc3d6e377487d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:1f:0b:8e:d2:f4:60:a1:c0:c1:b6:70:d0:
e6:08:6c:2a:6c:b0:e0:2b:6a:98:2d:b1:92:75:ef:
ac:79:72:2f:6f:64:12:05:b0:44:9b:b0:a7:83:47:
5a:0a:7f:c6:ed:c6:81:5f:f6:41:cd:bc:f1:84:6f:
91:0a:c1:c1:f9:51:fe:78:06:40:fe:13:45:51:cd:
01:cc:f5:28:7e:83:bc:33:be:7e:93:7c:c4:3b:09:
55:ab:e6:bd:74:b9:04:8d:5d:72:ed:af:d2:6b:ee:
3b:83:c6:77:f8:84:c8:7b:ba:a0:60:6f:85:b6:3b:
c3:0d:b4:27:b4:de:3f:7a:05:88:50:06:0d:5e:37:
78:bc:62:d8:a7:62:f6:4a:35:4d:ad:66:b3:00:7f:
2e:3f:7e:b2:77:8b:7c:b4:c5:ce:d8:35:6e:87:3c:
97:0c:12:4f:61:c0:45:20:ce:b4:d4:9e:ea:e9:e6:
54:46:2d:32:77:7e:10:b2:61:11:a6:4e:58:66:38:
6d:a5:e3:e7:06:59:6b:3b:c5:fb:5a:80:6a:45:6e:
0d:67:52:c8:3e:1e:30:ca:15:0d:08:4a:d7:b2:d8:
c4:8c:18:af:e9:a1:1e:2c:47:b8:09:00:87:74:58:
9a:08:c7:c9:0c:39:63:1b:9f:e9:70:9e:4c:f3:84:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:12:7C:41:54:F5:C8:E8:47:19:EF:C5:90:DB:C3:D6:E3:77:48:7D
X509v3 Authority Key Identifier:
keyid:E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/9hJ8QVT1yOhHGe_FkNvD1uN3SH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.207.0.0/16
31.144.0.0/16
46.133.0.0/16
77.52.0.0/16
80.255.64.0/20
88.214.64.0/18
89.209.0.0/16
128.124.0.0/16
178.133.0.0/16
IPv6:
2a00:f50::/30
Signature Algorithm: sha256WithRSAEncryption
14:22:ff:a2:fb:f7:f3:9c:6c:9f:22:96:84:9b:4e:d7:60:e6:
e7:8e:b7:39:e2:54:35:ca:fd:ed:da:17:19:4c:fe:5f:24:65:
cb:3c:00:ad:d6:5b:e0:0f:75:82:89:65:86:87:8d:be:30:57:
9d:05:3e:41:9e:34:74:72:65:0a:cd:d5:b6:69:33:7d:2e:8d:
ad:d7:db:13:40:30:34:00:63:5d:b6:68:cb:17:00:49:62:aa:
dc:82:78:ab:60:71:04:59:f7:e2:77:30:40:13:4b:68:5c:a1:
04:b3:4e:78:68:44:9d:9b:c7:b9:fa:f6:b4:d6:e5:a8:8d:30:
4d:6f:da:f2:69:4e:ae:dc:30:f3:89:bd:ef:cf:4c:0c:4d:01:
e4:eb:a4:fb:ce:dd:36:0f:25:84:da:54:c1:54:04:1f:93:13:
78:77:1d:18:cd:f7:a6:f5:69:ba:0a:01:1c:12:2f:b9:c6:5e:
76:46:18:93:ad:b1:1d:91:b4:96:10:c2:3a:3a:c5:50:49:f3:
fa:a3:50:df:31:c3:9d:28:fb:86:ed:00:cc:58:24:0f:cd:fb:
c4:3a:0a:ff:a9:9f:3c:f1:01:32:f5:d7:5b:50:1b:49:27:11:
3a:eb:91:a5:40:1c:38:d4:f1:89:dc:a1:77:52:d9:0a:83:a5:
e9:3b:7b:a6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzKK3PSoH1owW1J/YstDv2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxY2FkYzhhNDIxYzFmMjJmMWUyOTA0Y2NmZGJiY2VjNWRi
ZTFiMTEwHhcNMjQwMTAyMTIzNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjEyN2M0MTU0ZjVjOGU4NDcxOWVmYzU5MGRiYzNkNmUzNzc0ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXAfC47S9GChwMG2cNDmCGwqbLDg
K2qYLbGSde+seXIvb2QSBbBEm7Cng0daCn/G7caBX/ZBzbzxhG+RCsHB+VH+eAZA
/hNFUc0BzPUofoO8M75+k3zEOwlVq+a9dLkEjV1y7a/Sa+47g8Z3+ITIe7qgYG+F
tjvDDbQntN4/egWIUAYNXjd4vGLYp2L2SjVNrWazAH8uP36yd4t8tMXO2DVuhzyX
DBJPYcBFIM601J7q6eZURi0yd34QsmERpk5YZjhtpePnBllrO8X7WoBqRW4NZ1LI
Ph4wyhUNCErXstjEjBiv6aEeLEe4CQCHdFiaCMfJDDljG5/pcJ5M84RnewIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPYSfEFU9cjoRxnvxZDbw9bjd0h9MB8GA1UdIwQY
MBaAFOHK3IpCHB8i8eKQTM/bvOxdvhsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQt
NzQyZGMwYzk3MGMwLzEvOWhKOFFWVDF5T2hIR2VfRmtOdkQxdU4zU0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQtNzQyZGMwYzk3MGMw
LzEvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMABc8DAwAf
kAMDAC6FAwMATTQDBARQ/0ADBAZY1kADAwBZ0QMDAIB8AwMAsoUwDQQCAAIwBwMF
AioAD1AwDQYJKoZIhvcNAQELBQADggEBABQi/6L79/OcbJ8iloSbTtdg5ueOtzni
VDXK/e3aFxlM/l8kZcs8AK3WW+APdYKJZYaHjb4wV50FPkGeNHRyZQrN1bZpM30u
ja3X2xNAMDQAY122aMsXAEliqtyCeKtgcQRZ9+J3MEATS2hcoQSzTnhoRJ2bx7n6
9rTW5aiNME1v2vJpTq7cMPOJve/PTAxNAeTrpPvO3TYPJYTaVMFUBB+TE3h3HRjN
96b1aboKARwSL7nGXnZGGJOtsR2RtJYQwjo6xVBJ8/qjUN8xw50o+4btAMxYJA/N
+8Q6Cv+pnzzxATL111tQG0knETrrkaVAHDjU8YncoXdS2QqDpek7e6Y=
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:54:20 2024 by rpki-client on console-fra.rpki-client.org