Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/CC8iGdlWt84ylrPXLHgfUIibfZM.roa
File: CC8iGdlWt84ylrPXLHgfUIibfZM.roa (raw, json)
Hash identifier: gxIUQFxFuHUzqvmFnTheCtHaKkwPyzG2HfL8gqG6fJs=
Subject key identifier: 08:2F:22:19:D9:56:B7:CE:32:96:B3:D7:2C:78:1F:50:88:9B:7D:93
Certificate issuer: /CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Certificate serial: 018CC26D2CEC7F38EFDC228AE7253BE3B852
Authority key identifier: 9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/CC8iGdlWt84ylrPXLHgfUIibfZM.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12843
IP address blocks: 37.16.64.0/21 maxlen: 21
109.109.200.0/21 maxlen: 21
46.167.16.0/21 maxlen: 21
88.214.60.0/22 maxlen: 22
213.144.0.0/19 maxlen: 19
93.189.152.0/21 maxlen: 21
109.109.201.200/30 maxlen: 30
185.106.0.0/21 maxlen: 21
185.9.176.0/22 maxlen: 22
37.228.160.0/20 maxlen: 20
46.232.224.0/21 maxlen: 21
85.115.0.0/19 maxlen: 19
81.26.160.0/20 maxlen: 20
2a02:788:1::18/128 maxlen: 128
2a02:788::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/m30kQWqopHiz7Tbi5lhV1CJZ2e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/m30kQWqopHiz7Tbi5lhV1CJZ2e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2c:ec:7f:38:ef:dc:22:8a:e7:25:3b:e3:b8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=082f2219d956b7ce3296b3d72c781f50889b7d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:58:8b:5f:7b:e7:fe:a3:a2:bc:ab:4c:a2:
39:d4:ca:b2:34:78:1c:4a:02:40:99:a6:bb:41:3c:
a5:d3:56:17:93:84:e4:05:15:2b:29:b8:95:b1:b7:
8e:cd:20:66:18:f6:d9:ae:50:67:fc:15:13:85:e3:
9d:38:ef:c4:00:a7:e6:68:0b:5f:5d:53:5f:53:2f:
e6:62:2e:20:9b:2e:dd:76:db:d7:40:23:a5:f6:24:
47:0a:80:58:b2:5d:71:4c:a4:74:73:9b:bb:12:69:
a4:84:8c:83:2d:48:e1:78:96:62:0a:cd:43:ba:ae:
26:eb:55:30:8a:30:ef:f4:35:ed:15:b6:00:6e:55:
a9:f3:69:31:cf:5e:e9:d0:c7:f8:bd:86:29:78:9d:
2f:ef:ad:d6:51:ba:af:76:22:8f:b5:43:94:2f:f9:
46:af:58:79:39:f6:53:76:51:a0:cf:1d:10:49:8c:
5f:45:f8:a3:9b:92:e3:89:f2:9a:17:d0:85:3b:7f:
55:7c:e0:15:b1:ab:df:25:a4:38:cc:f1:88:cb:fe:
c5:74:6f:ff:9e:6c:c6:8c:39:9a:c8:70:08:d9:78:
df:ee:8d:1e:85:f8:0a:ad:63:eb:0f:0c:1c:a5:48:
8a:54:58:df:5b:16:3c:29:9d:b7:d6:d2:37:bf:2d:
b9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2F:22:19:D9:56:B7:CE:32:96:B3:D7:2C:78:1F:50:88:9B:7D:93
X509v3 Authority Key Identifier:
keyid:9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/CC8iGdlWt84ylrPXLHgfUIibfZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/m30kQWqopHiz7Tbi5lhV1CJZ2e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.64.0/21
37.228.160.0/20
46.167.16.0/21
46.232.224.0/21
81.26.160.0/20
85.115.0.0/19
88.214.60.0/22
93.189.152.0/21
109.109.200.0/21
185.9.176.0/22
185.106.0.0/21
213.144.0.0/19
IPv6:
2a02:788::/29
Signature Algorithm: sha256WithRSAEncryption
a3:f2:7b:c1:5b:3b:08:95:71:0d:5a:b6:7a:39:6f:2a:fb:14:
6a:a2:c2:8f:8e:9b:09:cd:24:7d:ad:06:0d:78:1d:9c:58:d4:
8f:fc:47:4f:ae:71:5b:04:31:2d:e5:db:b9:8f:a0:68:63:5a:
08:1c:aa:ea:38:0a:fd:fd:61:77:e9:17:6f:5c:2f:53:fe:c6:
91:a5:92:f7:a9:36:f0:5e:f6:ff:cd:c3:d8:88:58:61:10:d1:
98:37:cb:46:08:e6:fc:5e:07:7c:14:9b:73:30:c7:42:e7:8d:
90:1b:16:47:ec:05:f7:f1:77:fa:99:86:a0:55:8b:b5:a5:d3:
f9:05:3a:96:b2:9d:14:0e:c8:4c:0f:8e:6f:02:66:46:44:2c:
ff:cc:c2:c1:0a:74:f6:25:10:35:4d:8b:50:eb:4e:e9:87:ed:
9c:f7:3d:ad:ae:21:73:11:85:02:44:92:38:c0:44:5a:b6:f6:
f8:92:13:3f:2e:5f:de:0e:cc:f2:c3:ea:4e:0c:1e:16:18:53:
6c:5f:22:ca:6c:67:dd:96:8e:b4:c6:d3:b8:6c:e0:b5:17:53:
2c:96:38:90:a5:ca:af:af:1c:d2:32:18:bb:d9:30:98:4f:00:
7a:9b:00:c1:b9:a2:13:8a:11:25:b5:2f:25:5d:d8:20:33:ee:
8d:50:f8:6a
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzCbSzsfzjv3CKK5yU747hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliN2QyNDQxNmFhOGE0NzhiM2VkMzZlMmU2NTg1NWQ0MjI1
OWQ5ZWUwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODJmMjIxOWQ5NTZiN2NlMzI5NmIzZDcyYzc4MWY1MDg4OWI3ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA1Yi1975/6joryrTKI51MqyNHgc
SgJAmaa7QTyl01YXk4TkBRUrKbiVsbeOzSBmGPbZrlBn/BUTheOdOO/EAKfmaAtf
XVNfUy/mYi4gmy7ddtvXQCOl9iRHCoBYsl1xTKR0c5u7EmmkhIyDLUjheJZiCs1D
uq4m61UwijDv9DXtFbYAblWp82kxz17p0Mf4vYYpeJ0v763WUbqvdiKPtUOUL/lG
r1h5OfZTdlGgzx0QSYxfRfijm5LjifKaF9CFO39VfOAVsavfJaQ4zPGIy/7FdG//
nmzGjDmayHAI2Xjf7o0ehfgKrWPrDwwcpUiKVFjfWxY8KZ231tI3vy25awIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFAgvIhnZVrfOMpaz1yx4H1CIm32TMB8GA1UdIwQY
MBaAFJt9JEFqqKR4s+024uZYVdQiWdnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYt
ZWYzYmJiMDU2NTVlLzEvQ0M4aUdkbFd0ODR5bHJQWExIZ2ZVSWliZlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYtZWYzYmJiMDU2NTVl
LzEvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJRBAAwQE
JeSgAwQDLqcQAwQDLujgAwQEURqgAwQFVXMAAwQCWNY8AwQDXb2YAwQDbW3IAwQC
uQmwAwQDuWoAAwQF1ZAAMA0EAgACMAcDBQMqAgeIMA0GCSqGSIb3DQEBCwUAA4IB
AQCj8nvBWzsIlXENWrZ6OW8q+xRqosKPjpsJzSR9rQYNeB2cWNSP/EdPrnFbBDEt
5du5j6BoY1oIHKrqOAr9/WF36RdvXC9T/saRpZL3qTbwXvb/zcPYiFhhENGYN8tG
COb8Xgd8FJtzMMdC542QGxZH7AX38Xf6mYagVYu1pdP5BTqWsp0UDshMD45vAmZG
RCz/zMLBCnT2JRA1TYtQ607ph+2c9z2triFzEYUCRJI4wERatvb4khM/Ll/eDszy
w+pODB4WGFNsXyLKbGfdlo60xtO4bOC1F1MsljiQpcqvrxzSMhi72TCYTwB6mwDB
uaITihEltS8lXdggM+6NUPhq
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:41:25 2024 by rpki-client on console-fra.rpki-client.org