Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/8eCQGifeyBiQ38ZrOEcOW3kwzOo.roa
File: 8eCQGifeyBiQ38ZrOEcOW3kwzOo.roa (raw, json)
Hash identifier: 8fdoce8JTl/NRNTA269g4aQW3gYlAWOyMQWdxZ8gvU4=
Subject key identifier: F1:E0:90:1A:27:DE:C8:18:90:DF:C6:6B:38:47:0E:5B:79:30:CC:EA
Certificate issuer: /CN=4730bdd7bbcc56fe9379b118cac7e1f92052a7ae
Certificate serial: 01911299A5D28D7C89AB2D3624CF4FC65F15
Authority key identifier: 47:30:BD:D7:BB:CC:56:FE:93:79:B1:18:CA:C7:E1:F9:20:52:A7:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzC917vMVv6TebEYysfh-SBSp64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/8eCQGifeyBiQ38ZrOEcOW3kwzOo.roa
Signing time: Fri 02 Aug 2024 10:19:04 +0000
ROA not before: Fri 02 Aug 2024 10:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61296
IP address blocks: 109.231.128.0/18 maxlen: 18
185.83.56.0/22 maxlen: 22
2a02:70e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/RzC917vMVv6TebEYysfh-SBSp64.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/RzC917vMVv6TebEYysfh-SBSp64.mft
rsync://rpki.ripe.net/repository/DEFAULT/RzC917vMVv6TebEYysfh-SBSp64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:99:a5:d2:8d:7c:89:ab:2d:36:24:cf:4f:c6:5f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4730bdd7bbcc56fe9379b118cac7e1f92052a7ae
Validity
Not Before: Aug 2 10:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1e0901a27dec81890dfc66b38470e5b7930ccea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:43:5f:fb:a0:ff:53:c1:36:e8:fe:7c:14:06:
ba:ba:63:16:7b:62:5a:f0:c7:fa:69:51:92:bb:ce:
25:74:62:10:2e:f9:99:74:43:32:ca:6e:3a:39:61:
fc:61:a9:91:8e:dc:e1:96:c3:4d:9e:68:a4:ab:71:
72:42:89:9c:88:03:d1:0b:e8:c4:13:8c:bf:8f:e8:
61:93:fa:59:ef:81:7f:bc:3d:f6:d3:45:02:55:2c:
2f:e5:f1:1b:a0:62:71:a7:f3:7f:5f:ec:39:b4:72:
58:41:e7:e9:ae:ef:b6:d7:64:f2:60:8c:10:d1:17:
f2:0d:80:29:1c:43:04:02:a0:7e:aa:8f:e1:c0:f5:
ea:a0:27:74:15:18:07:d8:53:a5:38:52:fe:a3:2c:
84:8d:4b:1e:5a:df:cc:ac:d4:93:e6:4a:84:fe:89:
33:e6:c4:78:e8:68:e2:e9:15:dc:49:7e:00:a6:db:
1f:2c:61:1e:67:44:7a:40:3c:82:f8:44:23:e6:09:
3f:07:71:71:13:9b:d9:fd:b5:98:ef:0c:5c:d6:71:
b2:29:9e:8c:04:0a:25:3f:ae:3a:74:c3:37:c9:d0:
2b:cf:20:48:29:a1:85:ae:91:c1:a3:9c:3e:c0:0b:
18:12:c4:2f:f6:e8:25:22:92:62:b2:f1:96:7b:29:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E0:90:1A:27:DE:C8:18:90:DF:C6:6B:38:47:0E:5B:79:30:CC:EA
X509v3 Authority Key Identifier:
keyid:47:30:BD:D7:BB:CC:56:FE:93:79:B1:18:CA:C7:E1:F9:20:52:A7:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzC917vMVv6TebEYysfh-SBSp64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/8eCQGifeyBiQ38ZrOEcOW3kwzOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ff9cf6-c690-4c44-9f63-db1b63a0a8c1/1/RzC917vMVv6TebEYysfh-SBSp64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.231.128.0/18
185.83.56.0/22
IPv6:
2a02:70e0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:b2:d3:35:73:a0:0a:c0:23:81:b4:fd:22:2b:e8:68:67:e1:
00:93:94:33:cd:fa:70:f3:ec:a6:3e:40:a1:5f:f1:93:46:a7:
2c:d9:27:68:e3:d0:8b:85:36:f8:df:6d:17:27:32:fa:ce:40:
75:47:d2:bd:52:ba:5c:77:b5:e2:83:9c:52:93:c2:12:96:ca:
fc:16:e5:88:16:e0:5b:b8:5a:4f:15:46:c4:1c:59:ee:5e:06:
33:79:8a:a8:19:f6:d1:89:76:d2:0b:81:35:4d:1f:94:0f:2b:
cb:90:92:24:7d:6e:94:71:ae:da:db:9d:ac:8a:da:ce:7e:de:
20:2f:f8:32:ee:c0:79:32:1f:08:a4:e9:f6:de:98:01:fa:0c:
1e:0d:33:84:7d:a7:73:c3:72:e3:90:9b:7e:e2:ee:e4:31:6a:
36:f0:5c:5a:82:b7:23:1d:d8:fc:6c:88:f4:d1:52:aa:18:9e:
e5:4c:0b:34:d0:dc:de:1f:97:81:65:c4:02:ca:76:f3:ce:1f:
d8:c4:28:ef:33:76:01:fd:4e:d9:59:51:50:cc:54:9b:bc:03:
67:13:16:cb:d8:39:ff:1d:f0:c7:61:33:d7:7d:47:e1:3c:a6:
8a:e7:cd:25:c4:e8:71:b7:ac:f7:47:c9:90:8f:ff:ad:18:95:
51:e8:b4:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZESmaXSjXyJqy02JM9Pxl8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzBiZGQ3YmJjYzU2ZmU5Mzc5YjExOGNhYzdlMWY5MjA1
MmE3YWUwHhcNMjQwODAyMTAxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUwOTAxYTI3ZGVjODE4OTBkZmM2NmIzODQ3MGU1Yjc5MzBjY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxENf+6D/U8E26P58FAa6umMWe2Ja
8Mf6aVGSu84ldGIQLvmZdEMyym46OWH8YamRjtzhlsNNnmikq3FyQomciAPRC+jE
E4y/j+hhk/pZ74F/vD3200UCVSwv5fEboGJxp/N/X+w5tHJYQefpru+212TyYIwQ
0RfyDYApHEMEAqB+qo/hwPXqoCd0FRgH2FOlOFL+oyyEjUseWt/MrNST5kqE/okz
5sR46Gji6RXcSX4AptsfLGEeZ0R6QDyC+EQj5gk/B3FxE5vZ/bWY7wxc1nGyKZ6M
BAolP646dMM3ydArzyBIKaGFrpHBo5w+wAsYEsQv9uglIpJisvGWeyl8bwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPHgkBon3sgYkN/GazhHDlt5MMzqMB8GA1UdIwQY
MBaAFEcwvde7zFb+k3mxGMrH4fkgUqeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpDOTE3dk1WdjZUZWJFWXlzZmgtU0JTcDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mZjljZjYtYzY5MC00YzQ0LTlmNjMt
ZGIxYjYzYTBhOGMxLzEvOGVDUUdpZmV5QmlRMzhack9FY09XM2t3ek9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mZjljZjYtYzY5MC00YzQ0LTlmNjMtZGIxYjYzYTBhOGMx
LzEvUnpDOTE3dk1WdjZUZWJFWXlzZmgtU0JTcDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGbeeAAwQC
uVM4MA0EAgACMAcDBQAqAnDgMA0GCSqGSIb3DQEBCwUAA4IBAQAOstM1c6AKwCOB
tP0iK+hoZ+EAk5Qzzfpw8+ymPkChX/GTRqcs2Sdo49CLhTb4320XJzL6zkB1R9K9
Urpcd7Xig5xSk8ISlsr8FuWIFuBbuFpPFUbEHFnuXgYzeYqoGfbRiXbSC4E1TR+U
DyvLkJIkfW6Uca7a252sitrOft4gL/gy7sB5Mh8IpOn23pgB+gweDTOEfadzw3Lj
kJt+4u7kMWo28FxagrcjHdj8bIj00VKqGJ7lTAs00NzeH5eBZcQCynbzzh/YxCjv
M3YB/U7ZWVFQzFSbvANnExbL2Dn/HfDHYTPXfUfhPKaK580lxOhxt6z3R8mQj/+t
GJVR6LRx
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:43:22 2024 by rpki-client on console-fra.rpki-client.org