Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mA8hepLNjsMzCWYbFrTldNhog4Q.roa
File: mA8hepLNjsMzCWYbFrTldNhog4Q.roa (raw, json)
Hash identifier: WKney7br9H6EqEzqeWoL4noek9ELMav3ppLwnGpwvOo=
Subject key identifier: 98:0F:21:7A:92:CD:8E:C3:33:09:66:1B:16:B4:E5:74:D8:68:83:84
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC3D7EEAB6B06619A073988A49F1E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mA8hepLNjsMzCWYbFrTldNhog4Q.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50129
IP address blocks: 185.215.0.0/22 maxlen: 24
31.44.144.0/20 maxlen: 24
178.239.240.0/20 maxlen: 24
185.30.196.0/22 maxlen: 24
31.222.96.0/19 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c3:d7:ee:ab:6b:06:61:9a:07:39:88:a4:9f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=980f217a92cd8ec33309661b16b4e574d8688384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:63:6a:12:5f:59:a1:a6:96:8a:51:e2:07:
25:89:8e:1c:fc:62:9a:5d:e5:cd:36:94:1d:ad:7d:
2e:b7:bf:dd:d6:c8:8f:50:64:df:36:4b:0d:4a:9d:
4d:84:45:6e:9b:4a:39:e7:15:87:95:86:dd:31:9d:
d8:22:90:ca:34:f0:75:03:3b:03:bc:db:80:6b:b4:
d7:8c:c2:5a:01:1d:c0:c0:15:07:d0:df:7e:c1:f2:
94:c2:fe:1e:31:41:39:57:df:8b:78:e0:e5:a0:1e:
d9:7b:19:8f:11:50:90:4f:59:07:e1:51:67:6c:d4:
ec:8b:69:62:3c:3d:2e:86:13:9d:77:67:bb:3a:2f:
c7:3c:77:ed:24:ff:d1:f0:fc:9c:38:fd:2f:0d:a0:
a2:33:1c:e1:72:ce:b9:7e:74:c4:de:11:97:ee:08:
c8:92:e1:c3:f9:c7:d8:f8:bb:f6:a2:a7:19:eb:a2:
e5:e2:5d:e7:10:dc:70:7b:ed:e3:5e:0e:fa:5f:03:
67:bf:d0:84:4c:75:13:d5:a7:0a:75:98:3b:1a:24:
38:c5:15:a9:7c:ba:18:36:21:05:5c:b1:9a:ea:bb:
a8:44:58:47:6b:6d:e0:40:fa:a6:d2:91:77:bd:a8:
f7:ca:0d:c7:6e:9b:7f:74:ef:ae:90:81:62:5d:77:
64:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0F:21:7A:92:CD:8E:C3:33:09:66:1B:16:B4:E5:74:D8:68:83:84
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/mA8hepLNjsMzCWYbFrTldNhog4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/20
31.222.96.0/19
178.239.240.0/20
185.30.196.0/22
185.209.8.0/22
185.215.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:7f:c6:8d:28:a9:fd:30:aa:41:27:75:6f:26:ff:01:56:32:
3c:91:12:cc:aa:18:76:2b:49:27:c5:51:3b:dc:84:ba:b4:46:
eb:c0:39:66:12:50:bd:e1:87:23:b6:aa:59:89:3b:5a:5e:7d:
ce:b4:73:39:fb:03:8c:4c:e0:01:43:48:72:d4:59:d0:bf:c5:
8b:ff:03:c1:c0:64:2c:e6:f9:2c:9a:ff:b3:09:b5:ec:97:22:
3f:61:87:64:52:14:cb:00:2e:26:c0:50:71:81:18:dd:cc:7a:
59:77:2b:3e:b6:85:de:71:45:d4:4c:2a:fb:e9:7e:55:f1:5e:
86:cd:0c:c3:bf:2f:76:1f:c9:ad:2d:1b:2b:4c:cf:58:6f:c3:
80:7f:fd:05:4e:01:c4:0e:20:72:b6:0e:23:8f:79:78:2f:36:
03:44:d6:43:34:b5:9e:4c:e5:9f:20:c4:64:86:32:54:00:ad:
07:16:43:11:a5:c4:3f:b0:6c:e4:0f:fe:2a:b1:6d:d9:02:51:
3f:d0:3b:bc:ac:c9:27:32:18:03:c5:90:74:8b:ec:64:db:8e:
ee:68:80:f2:73:0d:b9:73:e8:d6:10:ab:01:95:92:96:3f:05:
13:a1:94:ce:3a:10:7c:37:ef:35:09:fa:ae:96:5f:ca:82:5f:
64:71:b7:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzC2sPX7qtrBmGaBzmIpJ8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBmMjE3YTkyY2Q4ZWMzMzMwOTY2MWIxNmI0ZTU3NGQ4Njg4Mzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HhjahJfWaGmlopR4gcliY4c/GKa
XeXNNpQdrX0ut7/d1siPUGTfNksNSp1NhEVum0o55xWHlYbdMZ3YIpDKNPB1AzsD
vNuAa7TXjMJaAR3AwBUH0N9+wfKUwv4eMUE5V9+LeODloB7ZexmPEVCQT1kH4VFn
bNTsi2liPD0uhhOdd2e7Oi/HPHftJP/R8PycOP0vDaCiMxzhcs65fnTE3hGX7gjI
kuHD+cfY+Lv2oqcZ66Ll4l3nENxwe+3jXg76XwNnv9CETHUT1acKdZg7GiQ4xRWp
fLoYNiEFXLGa6ruoRFhHa23gQPqm0pF3vaj3yg3Hbpt/dO+ukIFiXXdkPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJgPIXqSzY7DMwlmGxa05XTYaIOEMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbUE4aGVwTE5qc016Q1dZYkZyVGxkTmhvZzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEHyyQAwQF
H95gAwQEsu/wAwQCuR7EAwQCudEIAwQCudcAMA0GCSqGSIb3DQEBCwUAA4IBAQC5
f8aNKKn9MKpBJ3VvJv8BVjI8kRLMqhh2K0knxVE73IS6tEbrwDlmElC94YcjtqpZ
iTtaXn3OtHM5+wOMTOABQ0hy1FnQv8WL/wPBwGQs5vksmv+zCbXslyI/YYdkUhTL
AC4mwFBxgRjdzHpZdys+toXecUXUTCr76X5V8V6GzQzDvy92H8mtLRsrTM9Yb8OA
f/0FTgHEDiBytg4jj3l4LzYDRNZDNLWeTOWfIMRkhjJUAK0HFkMRpcQ/sGzkD/4q
sW3ZAlE/0Du8rMknMhgDxZB0i+xk247uaIDycw25c+jWEKsBlZKWPwUToZTOOhB8
N+81Cfqull/Kgl9kcbfA
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:34 2024 by rpki-client on console-fra.rpki-client.org