Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/bU4zav82KDKRXyhwAVXjzoMbFe8.roa
File: bU4zav82KDKRXyhwAVXjzoMbFe8.roa (raw, json)
Hash identifier: 4+TENmdvmgbQWDSiZZb9INk6vBkeqtlbL3DUHROlCNA=
Subject key identifier: 6D:4E:33:6A:FF:36:28:32:91:5F:28:70:01:55:E3:CE:83:1B:15:EF
Certificate issuer: /CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
Certificate serial: 018CC424E2E918B0F7A7F4020A4DF2E1BCAD
Authority key identifier: 8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/bU4zav82KDKRXyhwAVXjzoMbFe8.roa
Signing time: Mon 01 Jan 2024 08:30:00 +0000
ROA not before: Mon 01 Jan 2024 08:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25598
IP address blocks: 193.135.4.0/22 maxlen: 22
193.135.4.0/23 maxlen: 24
193.5.126.0/23 maxlen: 23
195.245.237.0/24 maxlen: 24
193.200.144.0/24 maxlen: 24
2a03:8780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/jL10xtEdY8pd48xjfOln7pdgTGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/jL10xtEdY8pd48xjfOln7pdgTGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e2:e9:18:b0:f7:a7:f4:02:0a:4d:f2:e1:bc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cbd74c6d11d63ca5de3cc637ce967ee97604c67
Validity
Not Before: Jan 1 08:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d4e336aff362832915f28700155e3ce831b15ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e1:23:25:7b:0e:cf:e0:0e:b0:47:3e:b4:a0:
c1:93:5e:cc:7e:88:7c:d9:ed:d1:d9:c8:b6:13:a5:
af:7d:53:da:ba:f5:4e:ad:e8:45:c4:29:f8:f8:7b:
86:5a:9f:ee:32:7c:18:95:00:c5:38:bb:1e:b4:c9:
cc:e0:4e:04:3e:91:dc:71:3b:9b:59:ac:b2:f1:16:
95:ac:c1:f6:c0:ce:2f:a9:d2:8a:9e:d1:8b:44:11:
b4:01:9a:d7:6f:34:bb:d4:8f:2a:0f:4d:c8:c9:42:
0c:3f:e3:62:cb:d9:aa:db:2d:2c:63:17:85:1d:94:
ec:f0:4c:3e:c7:cf:19:45:9f:8d:0b:b1:24:40:ed:
85:e9:d3:a4:b8:d2:07:b4:d4:23:88:3b:f6:dc:df:
a1:81:34:33:b5:55:ff:69:df:12:5f:48:70:c8:88:
b8:57:6f:04:0a:11:53:e3:fe:ed:36:31:76:69:ae:
40:7e:59:aa:ff:93:ef:f9:d2:b4:27:58:6a:81:92:
5b:ba:f5:a8:85:1a:ee:3a:cf:30:e8:6e:2f:f4:e7:
a2:39:28:93:74:ba:30:30:3c:32:cb:23:be:ab:ba:
cd:d3:9d:37:a2:93:4c:fb:02:bc:5f:da:f7:7a:3a:
64:e6:4c:91:8f:74:80:ae:7d:7e:e3:44:3d:ad:78:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4E:33:6A:FF:36:28:32:91:5F:28:70:01:55:E3:CE:83:1B:15:EF
X509v3 Authority Key Identifier:
keyid:8C:BD:74:C6:D1:1D:63:CA:5D:E3:CC:63:7C:E9:67:EE:97:60:4C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jL10xtEdY8pd48xjfOln7pdgTGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/bU4zav82KDKRXyhwAVXjzoMbFe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cd3ffb-09da-4fab-b38e-6c8e5d19377e/1/jL10xtEdY8pd48xjfOln7pdgTGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.126.0/23
193.135.4.0/22
193.200.144.0/24
195.245.237.0/24
IPv6:
2a03:8780::/32
Signature Algorithm: sha256WithRSAEncryption
73:e1:70:16:ff:d8:d8:cf:f8:d1:db:f6:83:24:24:e5:fa:61:
e9:93:49:cd:e4:9a:41:50:ce:4f:61:bd:62:70:91:3d:29:14:
e2:12:84:ed:f6:98:3c:25:4e:be:f6:a4:9b:51:9e:d2:bd:89:
2a:1b:3b:43:8c:24:a5:c7:be:b3:f3:a4:8c:7e:91:75:ec:cd:
ae:d3:51:9b:d1:b4:01:81:e0:17:98:6f:15:00:c0:cf:bf:16:
22:72:a9:d4:c1:81:f2:d1:bd:d2:76:38:26:c6:23:d7:2c:05:
ae:ef:be:68:e0:92:02:d5:49:89:56:05:d7:2f:e0:9f:52:8a:
cd:7a:ea:98:9a:75:24:60:26:4f:22:d2:d3:44:54:1f:dc:68:
cf:1e:d3:9c:bd:d1:4a:cf:ac:38:d7:b6:f0:e7:1f:d3:7d:2a:
cd:4a:ea:d7:38:1f:ff:0f:8f:67:e0:49:57:57:ff:b8:d4:97:
3f:3c:bf:41:f0:f9:4a:32:30:4d:2a:83:b8:64:39:ae:e5:5b:
f3:6c:e1:ae:48:77:f6:53:fe:be:52:d8:b2:48:24:d2:54:2b:
4c:6a:02:48:0f:a9:5a:b6:a3:1a:bd:e4:2d:d4:ec:30:31:33:
f8:2e:6f:ca:11:fe:43:96:40:1f:40:42:82:47:b2:9c:7b:91:
77:35:d7:dc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJOLpGLD3p/QCCk3y4bytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYmQ3NGM2ZDExZDYzY2E1ZGUzY2M2MzdjZTk2N2VlOTc2
MDRjNjcwHhcNMjQwMTAxMDgzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRlMzM2YWZmMzYyODMyOTE1ZjI4NzAwMTU1ZTNjZTgzMWIxNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+EjJXsOz+AOsEc+tKDBk17Mfoh8
2e3R2ci2E6WvfVPauvVOrehFxCn4+HuGWp/uMnwYlQDFOLsetMnM4E4EPpHccTub
Wayy8RaVrMH2wM4vqdKKntGLRBG0AZrXbzS71I8qD03IyUIMP+Niy9mq2y0sYxeF
HZTs8Ew+x88ZRZ+NC7EkQO2F6dOkuNIHtNQjiDv23N+hgTQztVX/ad8SX0hwyIi4
V28EChFT4/7tNjF2aa5Aflmq/5Pv+dK0J1hqgZJbuvWohRruOs8w6G4v9OeiOSiT
dLowMDwyyyO+q7rN0503opNM+wK8X9r3ejpk5kyRj3SArn1+40Q9rXhpZwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG1OM2r/NigykV8ocAFV486DGxXvMB8GA1UdIwQY
MBaAFIy9dMbRHWPKXePMY3zpZ+6XYExnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakwxMHh0RWRZOHBkNDh4amZPbG43cGRnVEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZDNmZmItMDlkYS00ZmFiLWIzOGUt
NmM4ZTVkMTkzNzdlLzEvYlU0emF2ODJLREtSWHlod0FWWGp6b01iRmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZDNmZmItMDlkYS00ZmFiLWIzOGUtNmM4ZTVkMTkzNzdl
LzEvakwxMHh0RWRZOHBkNDh4amZPbG43cGRnVEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwQV+AwQC
wYcEAwQAwciQAwQAw/XtMA0EAgACMAcDBQAqA4eAMA0GCSqGSIb3DQEBCwUAA4IB
AQBz4XAW/9jYz/jR2/aDJCTl+mHpk0nN5JpBUM5PYb1icJE9KRTiEoTt9pg8JU6+
9qSbUZ7SvYkqGztDjCSlx76z86SMfpF17M2u01Gb0bQBgeAXmG8VAMDPvxYicqnU
wYHy0b3SdjgmxiPXLAWu775o4JIC1UmJVgXXL+CfUorNeuqYmnUkYCZPItLTRFQf
3GjPHtOcvdFKz6w417bw5x/TfSrNSurXOB//D49n4ElXV/+41Jc/PL9B8PlKMjBN
KoO4ZDmu5VvzbOGuSHf2U/6+UtiySCTSVCtMagJID6latqMaveQt1OwwMTP4Lm/K
Ef5DlkAfQEKCR7Kce5F3Ndfc
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:44 2024 by rpki-client on console-fra.rpki-client.org