Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/TB4ycHC2O9MZmbJNUYIJ8MTYXd4.roa
File: TB4ycHC2O9MZmbJNUYIJ8MTYXd4.roa (raw, json)
Hash identifier: bRdd5Mt4hbmxZQqqG3TXu+fHrHyCLdNCw4DHQh/bxRI=
Subject key identifier: 4C:1E:32:70:70:B6:3B:D3:19:99:B2:4D:51:82:09:F0:C4:D8:5D:DE
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 018CC802F9E9805B81CEEB75D464519E28E6
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/TB4ycHC2O9MZmbJNUYIJ8MTYXd4.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8468
IP address blocks: 81.31.96.0/19 maxlen: 19
185.220.12.0/22 maxlen: 22
195.74.96.0/19 maxlen: 19
87.127.0.0/16 maxlen: 16
188.39.0.0/16 maxlen: 16
79.143.144.0/20 maxlen: 20
84.45.128.0/17 maxlen: 17
78.32.0.0/15 maxlen: 15
62.249.192.0/18 maxlen: 18
2001:4d48::/32 maxlen: 32
2001:4d48::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 10:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f9:e9:80:5b:81:ce:eb:75:d4:64:51:9e:28:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c1e327070b63bd31999b24d518209f0c4d85dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fc:a7:12:4d:07:8f:e7:53:f0:51:9a:0f:5b:
7e:f6:bb:4d:52:0c:c5:13:b3:78:f6:28:8b:2b:fc:
d2:5e:5e:9a:cb:fd:7b:da:1d:82:c9:47:a4:2e:58:
bc:49:d4:46:1b:40:a1:7c:19:b7:f8:78:01:69:39:
eb:e9:06:aa:80:b4:0e:d8:e5:d5:8c:e9:f3:e6:b9:
e8:9c:b4:22:74:23:5b:c6:70:84:c4:ce:d3:3d:43:
a9:40:63:af:9b:dd:ca:81:62:49:c8:f6:e0:6f:42:
1d:3e:e0:be:5c:c4:15:31:53:d2:9b:3a:27:45:02:
c6:52:2b:ad:0c:d9:bc:32:55:13:e3:8c:3b:27:32:
a3:41:22:d0:b2:3b:bf:60:be:9a:cb:47:13:18:67:
ea:75:78:1d:cb:ff:92:c5:01:2d:5c:7b:e4:4d:38:
86:f5:55:4a:c8:a2:7d:5c:40:28:2a:4a:46:28:2c:
6d:5b:ac:55:d7:2e:32:4b:bf:ff:15:07:1b:d2:5b:
8d:71:c2:50:aa:41:8b:6c:a4:91:ac:76:d8:ef:e8:
d8:90:2c:42:c5:c8:c6:04:6f:50:20:f8:cd:24:2a:
db:eb:46:08:71:d9:34:83:c8:90:74:da:3b:88:2a:
cc:50:1a:4f:d1:d2:c3:5f:ab:26:b9:81:36:c3:33:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1E:32:70:70:B6:3B:D3:19:99:B2:4D:51:82:09:F0:C4:D8:5D:DE
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/TB4ycHC2O9MZmbJNUYIJ8MTYXd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
Signature Algorithm: sha256WithRSAEncryption
8c:a5:96:e8:87:fe:de:48:01:70:d5:d0:81:99:f6:1a:81:63:
e1:86:83:dc:99:88:62:6c:eb:b0:e5:96:78:ea:4b:8f:9b:14:
97:1f:e9:33:1e:70:a0:d0:b1:53:5b:36:b4:3b:86:e7:59:60:
5e:56:46:7b:92:87:e5:36:8b:57:4a:e6:8c:89:04:25:3d:21:
5c:b3:30:72:1d:1e:59:c7:c8:12:13:ce:88:d7:29:72:72:5a:
d7:d8:85:3f:5c:d9:90:76:a5:89:6d:3d:8b:04:86:02:9a:41:
b0:e0:29:64:dc:69:d0:9b:c6:03:91:5f:61:43:79:35:37:8a:
6f:de:f7:62:92:61:3a:0c:e6:60:3f:2d:c6:65:b1:f2:f2:66:
d6:e3:37:ee:45:e3:35:0e:f6:ff:39:34:ae:61:c6:13:e6:83:
b7:38:06:e8:b9:b7:b8:30:09:1f:5e:97:d4:f2:95:4f:5f:6a:
1a:ca:8b:e8:48:7e:02:16:f5:2e:9d:88:a4:01:0d:a3:48:1b:
9f:ce:24:2c:3a:60:0d:4b:d1:4b:83:25:ab:e7:0a:64:dc:e9:
26:25:71:cb:16:0b:bf:88:e1:8e:78:a6:0f:c7:d1:a7:f2:78:
3a:77:4c:57:27:b1:af:5d:97:75:07:51:30:d8:e8:cd:09:01:
a8:cb:72:86
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzIAvnpgFuBzut11GRRnijmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFlMzI3MDcwYjYzYmQzMTk5OWIyNGQ1MTgyMDlmMGM0ZDg1ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPynEk0Hj+dT8FGaD1t+9rtNUgzF
E7N49iiLK/zSXl6ay/172h2CyUekLli8SdRGG0ChfBm3+HgBaTnr6QaqgLQO2OXV
jOnz5rnonLQidCNbxnCExM7TPUOpQGOvm93KgWJJyPbgb0IdPuC+XMQVMVPSmzon
RQLGUiutDNm8MlUT44w7JzKjQSLQsju/YL6ay0cTGGfqdXgdy/+SxQEtXHvkTTiG
9VVKyKJ9XEAoKkpGKCxtW6xV1y4yS7//FQcb0luNccJQqkGLbKSRrHbY7+jYkCxC
xcjGBG9QIPjNJCrb60YIcdk0g8iQdNo7iCrMUBpP0dLDX6smuYE2wzO2NwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEweMnBwtjvTGZmyTVGCCfDE2F3eMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvVEI0eWNIQzJPOU1abWJKTlVZSUo4TVRZWGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwQGPvnAAwMB
TiADBARPj5ADBAVRH2ADBAdULYADAwBXfwMEArncDAMDALwnAwQFw0pgMA0EAgAC
MAcDBQMgAU1IMA0GCSqGSIb3DQEBCwUAA4IBAQCMpZboh/7eSAFw1dCBmfYagWPh
hoPcmYhibOuw5ZZ46kuPmxSXH+kzHnCg0LFTWza0O4bnWWBeVkZ7koflNotXSuaM
iQQlPSFcszByHR5Zx8gSE86I1ylyclrX2IU/XNmQdqWJbT2LBIYCmkGw4Clk3GnQ
m8YDkV9hQ3k1N4pv3vdikmE6DOZgPy3GZbHy8mbW4zfuReM1Dvb/OTSuYcYT5oO3
OAboube4MAkfXpfU8pVPX2oayovoSH4CFvUunYikAQ2jSBufziQsOmANS9FLgyWr
5wpk3OkmJXHLFgu/iOGOeKYPx9Gn8ng6d0xXJ7GvXZd1B1Ew2OjNCQGoy3KG
-----END CERTIFICATE-----
Generated at Sun Jun 2 16:54:51 2024 by rpki-client on console-ams.rpki-client.org