Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/B81Yrg4BlleuRkMZeXott4cknd8.roa
File: B81Yrg4BlleuRkMZeXott4cknd8.roa (raw, json)
Hash identifier: ImjdcKsCTj1FOfM6GBbgfvWf0dQfSedQ46ABuU63VyE=
Subject key identifier: 07:CD:58:AE:0E:01:96:57:AE:46:43:19:79:7A:2D:B7:87:24:9D:DF
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 018F0A0063B099C9889C7E2EAA9B1BAC0B78
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/B81Yrg4BlleuRkMZeXott4cknd8.roa
Signing time: Tue 23 Apr 2024 08:09:08 +0000
ROA not before: Tue 23 Apr 2024 08:09:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6789
IP address blocks: 45.149.244.0/22 maxlen: 22
80.245.112.0/20 maxlen: 20
80.245.112.0/24 maxlen: 24
83.222.0.0/24 maxlen: 24
83.222.1.0/24 maxlen: 24
83.222.2.0/24 maxlen: 24
83.222.3.0/24 maxlen: 24
85.91.192.0/19 maxlen: 19
91.235.12.0/22 maxlen: 22
91.247.96.0/19 maxlen: 19
109.200.128.0/19 maxlen: 19
185.99.168.0/22 maxlen: 22
185.100.103.0/24 maxlen: 24
185.104.92.0/22 maxlen: 22
185.186.232.0/22 maxlen: 22
2a00:1d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:00:63:b0:99:c9:88:9c:7e:2e:aa:9b:1b:ac:0b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Apr 23 08:09:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07cd58ae0e019657ae464319797a2db787249ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9f:82:e4:24:ff:a0:fa:5a:e0:fa:2b:97:e6:
be:d4:70:e0:88:cd:86:12:a5:d2:d3:9d:2a:84:f1:
43:a5:d2:84:06:4d:49:f6:ac:4e:61:09:9e:dc:b5:
a0:bc:06:52:a7:62:3f:20:03:14:4f:43:ea:f6:f9:
fb:65:4d:be:7d:74:a7:b0:46:27:81:7b:a0:c1:84:
d4:9a:b2:c6:f3:24:74:ac:93:d7:bd:12:69:1a:70:
a2:02:cf:9f:c8:f6:20:59:e4:69:96:c7:0c:1e:f3:
a1:db:4a:ab:38:1b:0c:fc:84:c1:6f:b2:50:3a:88:
99:88:9f:c4:9b:ab:3e:87:da:95:5b:a5:c7:00:d7:
04:85:52:dc:d1:ca:a5:bd:01:77:28:8f:3f:54:ee:
33:4b:a0:4c:e7:72:cd:bc:21:93:4f:bf:44:c2:7d:
9f:30:c4:a2:9b:dc:6b:19:6d:38:20:e2:6d:ee:ff:
48:65:b5:49:dc:76:fe:42:94:33:13:31:01:92:d2:
3a:30:07:d4:d6:8f:d2:f1:c6:ff:5d:69:55:1c:44:
7e:69:2c:2d:12:c9:de:0f:56:af:55:4d:27:8d:87:
a1:4c:a3:fe:18:f9:f9:73:7b:c0:2f:2b:8d:86:f5:
59:27:7e:27:7d:e0:17:94:27:1a:d0:28:87:90:9d:
ca:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CD:58:AE:0E:01:96:57:AE:46:43:19:79:7A:2D:B7:87:24:9D:DF
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/B81Yrg4BlleuRkMZeXott4cknd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.244.0/22
80.245.112.0/20
83.222.0.0/22
85.91.192.0/19
91.235.12.0/22
91.247.96.0/19
109.200.128.0/19
185.99.168.0/22
185.100.103.0/24
185.104.92.0/22
185.186.232.0/22
IPv6:
2a00:1d80::/32
Signature Algorithm: sha256WithRSAEncryption
92:ef:3c:c9:69:f7:a1:10:90:63:b0:d9:d5:99:36:03:ad:b0:
42:37:9f:4a:e5:e1:d7:a2:91:11:1b:e7:66:11:f1:dd:9d:c1:
4f:fa:98:46:fe:09:f0:88:fb:f8:82:81:99:1f:a2:3c:f0:01:
67:17:b8:66:44:27:18:4c:d7:84:77:ba:b7:93:04:45:09:d1:
03:ac:20:e7:98:07:b5:15:5c:12:e8:17:8a:88:cf:a5:16:30:
50:c1:9f:a1:79:b4:49:f1:59:45:7f:3d:bd:2f:0b:41:78:cb:
dd:87:f8:50:d7:be:33:ef:2a:7a:77:9d:03:3f:56:9e:60:6d:
68:74:49:da:39:17:b7:28:8c:92:24:cf:90:40:ce:7d:69:29:
30:17:9d:ad:1a:d4:f6:7b:f6:7e:3d:b5:17:e4:c7:7e:e9:87:
7b:59:40:8b:11:6a:2f:cc:74:c8:9c:2e:e9:0c:b8:2b:b4:fc:
ac:bc:a1:47:e9:f9:b5:ee:7e:03:9f:65:38:7c:52:68:7d:24:
96:26:0e:db:ce:b3:88:1d:37:cc:36:a9:f1:07:af:75:75:bf:
95:60:aa:2f:a2:ec:98:cc:54:97:05:be:11:f7:7a:4d:e8:b3:
f2:bf:9c:be:73:2e:66:88:30:64:53:16:92:54:f8:2a:66:e3:
40:f4:19:07
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY8KAGOwmcmInH4uqpsbrAt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGUyMzhlMzBkY2I3NTk3NTlmYjhhMzk0ZDllMjExYTI4
YjlkODcwHhcNMjQwNDIzMDgwOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2NkNThhZTBlMDE5NjU3YWU0NjQzMTk3OTdhMmRiNzg3MjQ5ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ+C5CT/oPpa4Porl+a+1HDgiM2G
EqXS050qhPFDpdKEBk1J9qxOYQme3LWgvAZSp2I/IAMUT0Pq9vn7ZU2+fXSnsEYn
gXugwYTUmrLG8yR0rJPXvRJpGnCiAs+fyPYgWeRplscMHvOh20qrOBsM/ITBb7JQ
OoiZiJ/Em6s+h9qVW6XHANcEhVLc0cqlvQF3KI8/VO4zS6BM53LNvCGTT79Ewn2f
MMSim9xrGW04IOJt7v9IZbVJ3Hb+QpQzEzEBktI6MAfU1o/S8cb/XWlVHER+aSwt
EsneD1avVU0njYehTKP+GPn5c3vALyuNhvVZJ34nfeAXlCca0CiHkJ3K/wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFAfNWK4OAZZXrkZDGXl6LbeHJJ3fMB8GA1UdIwQY
MBaAFICOI44w3LdZdZ+4o5TZ4hGii52HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDkt
Y2Q5NzQwNDI2NDlmLzEvQjgxWXJnNEJsbGV1UmtNWmVYb3R0NGNrbmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDktY2Q5NzQwNDI2NDlm
LzEvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCLZX0AwQE
UPVwAwQCU94AAwQFVVvAAwQCW+sMAwQFW/dgAwQFbciAAwQCuWOoAwQAuWRnAwQC
uWhcAwQCubroMA0EAgACMAcDBQAqAB2AMA0GCSqGSIb3DQEBCwUAA4IBAQCS7zzJ
afehEJBjsNnVmTYDrbBCN59K5eHXopERG+dmEfHdncFP+phG/gnwiPv4goGZH6I8
8AFnF7hmRCcYTNeEd7q3kwRFCdEDrCDnmAe1FVwS6BeKiM+lFjBQwZ+hebRJ8VlF
fz29LwtBeMvdh/hQ174z7yp6d50DP1aeYG1odEnaORe3KIySJM+QQM59aSkwF52t
GtT2e/Z+PbUX5Md+6Yd7WUCLEWovzHTInC7pDLgrtPysvKFH6fm17n4Dn2U4fFJo
fSSWJg7bzrOIHTfMNqnxB691db+VYKovouyYzFSXBb4R93pN6LPyv5y+cy5miDBk
UxaSVPgqZuNA9BkH
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:27:58 2024 by rpki-client on console-ams.rpki-client.org