Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8UJiVLk4LmsC4txwJvRye6eafjg.roa
File: 8UJiVLk4LmsC4txwJvRye6eafjg.roa (raw, json)
Hash identifier: dUuon/BXVympV6pVQpsPNHeOSwo+3x5ZhwoU3Mh6PhM=
Subject key identifier: F1:42:62:54:B9:38:2E:6B:02:E2:DC:70:26:F4:72:7B:A7:9A:7E:38
Certificate issuer: /CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Certificate serial: 018CC5DC34A9F26DE3A7C00CB950BB4EEBFD
Authority key identifier: 7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8UJiVLk4LmsC4txwJvRye6eafjg.roa
Signing time: Mon 01 Jan 2024 16:29:52 +0000
ROA not before: Mon 01 Jan 2024 16:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39563
IP address blocks: 185.231.16.0/24 maxlen: 24
185.231.17.0/24 maxlen: 24
185.231.18.0/24 maxlen: 24
185.231.19.0/24 maxlen: 24
185.80.8.0/22 maxlen: 24
85.8.131.0/24 maxlen: 24
2a0c:3900::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:34:a9:f2:6d:e3:a7:c0:0c:b9:50:bb:4e:eb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Validity
Not Before: Jan 1 16:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1426254b9382e6b02e2dc7026f4727ba79a7e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:28:83:42:ec:13:e7:10:db:10:7d:6b:01:ca:
9d:4e:a3:99:14:85:42:9c:7f:82:d4:d8:a3:29:59:
f7:fc:11:ce:23:87:e3:0e:d2:7c:ce:8e:20:f4:33:
d2:c6:3b:08:a7:8b:cd:29:27:21:d7:42:d5:e9:5c:
3b:77:65:0d:ee:8a:c7:88:55:c8:5d:29:89:e0:cf:
b6:c4:20:3f:db:be:7f:2a:8b:97:cd:bd:d9:62:f1:
f1:c7:dd:14:79:c3:7b:9f:c2:36:04:58:bb:9f:f4:
89:e8:d4:f4:c2:59:5c:bf:be:5d:97:3c:12:d6:e8:
9e:dd:9a:b5:ca:3a:60:04:3a:d4:7f:48:fe:a0:41:
5c:8c:be:59:bf:4a:3b:61:92:61:78:b2:d1:1f:ec:
76:27:1e:2a:90:29:76:e4:6e:4d:79:86:d5:3b:36:
02:3d:61:12:ce:ea:ff:5e:c5:67:1a:de:66:88:b2:
56:06:11:ce:e0:ec:95:b6:0b:2a:29:20:fc:22:02:
a6:39:01:48:bf:0a:f2:e5:98:41:d7:16:be:2d:ba:
89:d6:98:b4:01:50:2d:94:57:4a:2e:66:81:d6:6e:
89:19:58:07:70:ff:85:52:ed:52:89:07:d2:d5:68:
cf:60:5f:0d:de:2f:a9:6a:46:56:e0:9f:dc:13:95:
56:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:42:62:54:B9:38:2E:6B:02:E2:DC:70:26:F4:72:7B:A7:9A:7E:38
X509v3 Authority Key Identifier:
keyid:7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8UJiVLk4LmsC4txwJvRye6eafjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.131.0/24
185.80.8.0/22
185.231.16.0/22
IPv6:
2a0c:3900::/29
Signature Algorithm: sha256WithRSAEncryption
02:92:8b:2e:df:d9:0e:93:06:8f:e6:c8:28:49:7a:82:ad:e5:
21:bb:51:52:4b:d5:2d:5c:de:c4:69:1e:51:f4:25:50:d2:91:
bc:f3:c9:66:a0:9c:1f:c1:27:7e:7e:0e:c4:26:6b:3f:ac:38:
91:36:11:55:ef:0d:b0:31:c4:f0:50:a8:aa:a6:bc:4c:ae:0d:
ef:40:70:6c:2b:72:34:30:7e:1d:aa:03:73:50:b5:2a:86:9d:
43:8f:30:95:4b:92:bb:d9:dc:c5:c2:a2:fe:29:88:0f:1c:ab:
43:d1:08:56:4b:8f:15:a8:64:c0:86:e0:1f:38:39:0c:f1:4e:
ee:90:e2:2c:d1:80:aa:b1:a9:d3:31:5a:be:01:67:b4:f6:ee:
28:e3:27:6f:1f:1a:ef:d9:fa:f9:70:62:a2:f5:64:a1:e8:1c:
8c:b5:dc:e5:c8:c0:21:e2:b7:e4:37:94:f2:4d:61:96:81:fd:
00:ed:81:9e:0f:8a:ca:45:31:32:d0:8d:20:6d:0f:a9:89:0a:
7a:fe:47:d1:49:6d:b3:ed:6c:2a:b7:c5:f8:b5:cb:a7:7d:80:
b7:21:a1:0d:4e:ab:60:fc:ca:14:13:e1:24:64:71:2d:f8:35:
b1:cb:72:c2:03:6d:60:9b:b3:b0:52:30:fa:87:02:14:d1:f8:
98:b0:46:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3DSp8m3jp8AMuVC7Tuv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDgwYmFiNTViZjM0NzMxODhjMjBjNzM2NmE2Y2IwNDRj
NzE5NWMwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQyNjI1NGI5MzgyZTZiMDJlMmRjNzAyNmY0NzI3YmE3OWE3ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyiDQuwT5xDbEH1rAcqdTqOZFIVC
nH+C1NijKVn3/BHOI4fjDtJ8zo4g9DPSxjsIp4vNKSch10LV6Vw7d2UN7orHiFXI
XSmJ4M+2xCA/275/KouXzb3ZYvHxx90UecN7n8I2BFi7n/SJ6NT0wllcv75dlzwS
1uie3Zq1yjpgBDrUf0j+oEFcjL5Zv0o7YZJheLLRH+x2Jx4qkCl25G5NeYbVOzYC
PWESzur/XsVnGt5miLJWBhHO4OyVtgsqKSD8IgKmOQFIvwry5ZhB1xa+LbqJ1pi0
AVAtlFdKLmaB1m6JGVgHcP+FUu1SiQfS1WjPYF8N3i+pakZW4J/cE5VWbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPFCYlS5OC5rAuLccCb0cnunmn44MB8GA1UdIwQY
MBaAFH4IC6tVvzRzGIwgxzZqbLBExxlcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMt
NjMwYmQ3M2NlMjY3LzEvOFVKaVZMazRMbXNDNHR4d0p2UnllNmVhZmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMtNjMwYmQ3M2NlMjY3
LzEvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAVQiDAwQC
uVAIAwQCuecQMA0EAgACMAcDBQMqDDkAMA0GCSqGSIb3DQEBCwUAA4IBAQACkosu
39kOkwaP5sgoSXqCreUhu1FSS9UtXN7EaR5R9CVQ0pG888lmoJwfwSd+fg7EJms/
rDiRNhFV7w2wMcTwUKiqprxMrg3vQHBsK3I0MH4dqgNzULUqhp1DjzCVS5K72dzF
wqL+KYgPHKtD0QhWS48VqGTAhuAfODkM8U7ukOIs0YCqsanTMVq+AWe09u4o4ydv
Hxrv2fr5cGKi9WSh6ByMtdzlyMAh4rfkN5TyTWGWgf0A7YGeD4rKRTEy0I0gbQ+p
iQp6/kfRSW2z7Wwqt8X4tcunfYC3IaENTqtg/MoUE+EkZHEt+DWxy3LCA21gm7Ow
UjD6hwIU0fiYsEbd
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:00:31 2024 by rpki-client on console-ams.rpki-client.org