Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/8714y1cJoUfVDr6-weVdaRbxurg.roa
File: 8714y1cJoUfVDr6-weVdaRbxurg.roa (raw, json)
Hash identifier: /7eK/PzTSWX70+x8AUZ2SDONibdYbjDHtS4mzzmHFIw=
Subject key identifier: F3:BD:78:CB:57:09:A1:47:D5:0E:BE:BE:C1:E5:5D:69:16:F1:BA:B8
Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Certificate serial: 01909C73D21B4419497C2A529B04C4BF4559
Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/8714y1cJoUfVDr6-weVdaRbxurg.roa
Signing time: Wed 10 Jul 2024 11:42:34 +0000
ROA not before: Wed 10 Jul 2024 11:42:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 46.226.52.0/23 maxlen: 23
85.158.140.0/24 maxlen: 24
85.158.141.0/24 maxlen: 24
85.158.142.0/24 maxlen: 24
85.158.143.0/24 maxlen: 24
193.109.254.0/24 maxlen: 24
193.109.255.0/24 maxlen: 24
195.245.230.0/24 maxlen: 24
195.245.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:73:d2:1b:44:19:49:7c:2a:52:9b:04:c4:bf:45:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Validity
Not Before: Jul 10 11:42:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3bd78cb5709a147d50ebebec1e55d6916f1bab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:b9:da:ab:d7:c4:ef:2c:8e:2d:d2:25:fe:
28:69:cc:d0:40:47:5d:20:dd:33:e0:2b:ab:43:99:
09:2f:1f:a8:91:75:ea:70:93:8e:da:12:20:45:5c:
20:ad:39:26:e0:1c:03:8c:d6:25:7c:89:f2:a2:6d:
71:79:8d:fa:65:28:97:b6:47:8f:0c:ed:4e:55:37:
f5:92:a9:50:25:72:f7:21:ef:a3:81:aa:cd:91:31:
ca:e5:ab:ca:96:92:16:c3:65:d2:1a:98:66:a4:1c:
bd:10:9a:59:ca:9b:5f:7d:cf:d8:ab:5d:4b:4c:f8:
b2:89:74:5b:af:79:ea:29:da:97:0e:5b:71:0e:04:
4f:63:f1:97:bb:b4:d7:38:46:53:7e:d0:55:ce:3e:
1a:86:9d:92:fa:9b:73:8f:85:ea:03:29:4c:b8:fc:
4c:dc:51:3c:60:81:c2:73:9f:c6:40:74:05:8f:70:
23:b1:76:4e:49:72:ff:24:3d:ef:7e:d6:3f:24:43:
eb:6d:3d:4e:94:62:f2:7e:3e:86:39:24:a3:c9:45:
49:18:27:23:f5:9d:30:8c:76:e2:b7:81:3a:8d:00:
3b:9e:3b:f6:44:0e:2d:8c:cd:5d:79:76:92:11:6e:
75:b8:f8:39:ec:6d:8b:6f:4c:5f:69:dd:f8:5e:18:
ef:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:BD:78:CB:57:09:A1:47:D5:0E:BE:BE:C1:E5:5D:69:16:F1:BA:B8
X509v3 Authority Key Identifier:
keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/8714y1cJoUfVDr6-weVdaRbxurg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.52.0/23
85.158.140.0/22
193.109.254.0/23
195.245.230.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:e3:0a:53:fd:d8:b1:7b:dd:db:2d:42:31:aa:8e:a0:31:43:
88:cc:dd:8c:57:6c:4c:db:75:f4:e9:02:91:2f:e5:9e:92:6b:
d8:2e:d7:36:d7:ce:52:1b:9c:b2:b0:64:55:f3:0e:93:4e:5b:
b5:73:19:c2:03:cb:24:a9:dd:17:f2:ab:22:16:de:ec:d6:a3:
36:19:50:60:54:b4:c1:0d:3e:a9:b5:7c:d2:1f:5e:4a:ca:a6:
7c:ef:9d:16:46:87:62:ab:ca:98:6d:43:6c:c5:1c:6a:ce:19:
2b:0f:81:cf:d1:ea:49:93:99:a7:50:ea:ae:6f:ca:64:56:9f:
82:99:57:cd:d8:ff:8c:0e:b8:43:69:8e:16:b4:bc:5f:ac:81:
43:78:bb:c4:c5:22:67:81:03:51:9e:35:29:f5:04:db:70:cb:
ce:c5:00:e1:88:0d:46:b2:d2:3c:60:e3:ec:2e:1a:24:03:4f:
45:1a:b8:99:8c:51:06:32:68:c5:9e:21:d8:c6:ce:94:49:17:
7b:19:42:de:63:cb:43:10:a6:89:14:12:f3:28:f6:2c:b4:f0:
45:f6:e9:77:56:39:93:55:a4:0d:81:62:28:bb:dc:78:9e:0e:
7e:61:e5:39:48:b6:f0:ba:d8:da:51:32:66:05:b2:ba:f8:38:
24:fa:8f:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCcc9IbRBlJfCpSmwTEv0VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk
MDc1YjEwHhcNMjQwNzEwMTE0MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2JkNzhjYjU3MDlhMTQ3ZDUwZWJlYmVjMWU1NWQ2OTE2ZjFiYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqu52qvXxO8sji3SJf4oaczQQEdd
IN0z4CurQ5kJLx+okXXqcJOO2hIgRVwgrTkm4BwDjNYlfInyom1xeY36ZSiXtkeP
DO1OVTf1kqlQJXL3Ie+jgarNkTHK5avKlpIWw2XSGphmpBy9EJpZyptffc/Yq11L
TPiyiXRbr3nqKdqXDltxDgRPY/GXu7TXOEZTftBVzj4ahp2S+ptzj4XqAylMuPxM
3FE8YIHCc5/GQHQFj3AjsXZOSXL/JD3vftY/JEPrbT1OlGLyfj6GOSSjyUVJGCcj
9Z0wjHbit4E6jQA7njv2RA4tjM1deXaSEW51uPg57G2Lb0xfad34Xhjv8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPO9eMtXCaFH1Q6+vsHlXWkW8bq4MB8GA1UdIwQY
MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt
Zjc3NGYxZWFmYmZmLzEvODcxNHkxY0pvVWZWRHI2LXdlVmRhUmJ4dXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm
LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLuI0AwQC
VZ6MAwQBwW3+AwQBw/XmMA0GCSqGSIb3DQEBCwUAA4IBAQC64wpT/dixe93bLUIx
qo6gMUOIzN2MV2xM23X06QKRL+WekmvYLtc2185SG5yysGRV8w6TTlu1cxnCA8sk
qd0X8qsiFt7s1qM2GVBgVLTBDT6ptXzSH15KyqZ8750WRodiq8qYbUNsxRxqzhkr
D4HP0epJk5mnUOqub8pkVp+CmVfN2P+MDrhDaY4WtLxfrIFDeLvExSJngQNRnjUp
9QTbcMvOxQDhiA1GstI8YOPsLhokA09FGriZjFEGMmjFniHYxs6USRd7GULeY8tD
EKaJFBLzKPYstPBF9ul3VjmTVaQNgWIou9x4ng5+YeU5SLbwutjaUTJmBbK6+Dgk
+o89
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:17:07 2024 by rpki-client on console-ams.rpki-client.org