Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/MF6slqUbLr4jZBco3VBOFybl7c0.roa
File: MF6slqUbLr4jZBco3VBOFybl7c0.roa (raw, json)
Hash identifier: uPB7OSHJzGKaKVJqeaX4bHMbiVxAW7r60jegdaf6BzU=
Subject key identifier: 30:5E:AC:96:A5:1B:2E:BE:23:64:17:28:DD:50:4E:17:26:E5:ED:CD
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B93E21E15C60E3839F6BA7C4F3FE02
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/MF6slqUbLr4jZBco3VBOFybl7c0.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62386
IP address blocks: 151.237.36.0/24 maxlen: 24
151.237.37.0/24 maxlen: 24
151.237.38.0/24 maxlen: 24
151.237.36.0/22 maxlen: 22
151.237.39.0/24 maxlen: 24
85.187.234.0/24 maxlen: 24
85.187.235.0/24 maxlen: 24
85.187.234.0/23 maxlen: 23
151.237.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3e:21:e1:5c:60:e3:83:9f:6b:a7:c4:f3:fe:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=305eac96a51b2ebe23641728dd504e1726e5edcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:71:24:9d:6f:8d:5f:54:60:18:93:4e:bd:
26:e6:b0:68:1e:49:27:40:10:73:84:e1:c7:86:d9:
79:5a:01:0d:f7:cb:38:e2:5f:63:ac:7a:83:69:42:
29:76:fe:ad:b0:ce:5f:a3:a0:9c:79:1e:fe:c7:88:
ee:63:9b:ec:a7:1d:67:bf:37:60:7d:54:a2:0f:0b:
2d:01:f7:7c:81:1f:96:1f:24:e7:b2:09:a1:e3:1e:
19:07:a5:09:cc:57:fc:f6:d5:75:9c:dc:97:5d:ee:
86:99:76:2f:5c:2c:98:0b:07:47:fe:8f:44:16:89:
7a:e0:55:89:c5:f1:a4:c0:89:f3:fc:de:1a:81:b8:
1b:e8:62:ba:89:19:63:53:49:bf:7c:d3:68:81:4d:
f1:8e:e9:64:93:3f:9a:34:c4:50:fe:fa:da:17:03:
6c:96:1d:e4:a8:5c:3f:4a:c2:70:3b:8d:da:fa:0f:
96:1a:1b:21:11:40:cc:aa:29:ff:24:7f:68:3c:17:
0e:4a:51:96:1c:ca:c8:be:25:60:6d:f2:46:bd:24:
64:05:ae:da:65:ba:95:cb:a2:93:8a:e0:6a:72:84:
44:3e:11:1f:36:80:f9:54:70:e6:4b:6c:67:de:3d:
5a:cc:a3:05:86:46:e4:77:83:f2:fb:9e:9c:87:0c:
eb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:5E:AC:96:A5:1B:2E:BE:23:64:17:28:DD:50:4E:17:26:E5:ED:CD
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/MF6slqUbLr4jZBco3VBOFybl7c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.234.0/23
151.237.36.0/22
151.237.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:de:c0:d2:26:d7:49:b8:36:18:95:f0:6b:8b:f7:72:51:67:
88:7c:f1:46:de:d2:3e:5d:a6:a6:51:9f:fa:f0:cd:fc:2b:c4:
1a:17:20:d3:53:19:68:66:19:a4:53:2d:8b:bd:15:b5:8d:70:
75:49:0b:29:93:8f:b0:0f:99:6e:3b:3e:e7:73:dd:cd:8b:c2:
14:ef:91:ef:77:22:f5:32:02:1b:ab:d3:8c:ac:72:df:17:77:
ae:16:e9:55:f6:c7:f8:6b:bb:89:1c:ed:f0:46:7a:a1:d6:a0:
3d:2c:7f:72:13:e5:8c:5d:86:72:a2:65:f8:ec:88:f9:69:65:
bd:8a:73:a2:2d:9c:55:45:73:dc:47:f6:65:9c:74:62:4a:62:
29:8f:13:db:ff:e4:84:4b:86:22:b3:54:b2:43:8c:a4:78:01:
b9:b5:3a:99:46:3c:29:03:43:fb:8f:a6:53:26:7f:b7:01:39:
ec:ac:b3:03:73:30:5a:92:d6:49:5a:54:0c:77:d4:a5:88:22:
3b:4d:44:e6:57:97:a9:39:23:8a:5a:9c:01:e4:59:41:85:05:
06:b8:77:92:8c:cc:b8:46:35:03:06:8c:48:b1:56:1d:e3:13:
93:11:5f:77:fe:d8:45:d7:eb:79:1a:33:d1:32:08:7c:69:11:
04:c7:0e:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuT4h4Vxg44Ofa6fE8/4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDVlYWM5NmE1MWIyZWJlMjM2NDE3MjhkZDUwNGUxNzI2ZTVlZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrxxJJ1vjV9UYBiTTr0m5rBoHkkn
QBBzhOHHhtl5WgEN98s44l9jrHqDaUIpdv6tsM5fo6CceR7+x4juY5vspx1nvzdg
fVSiDwstAfd8gR+WHyTnsgmh4x4ZB6UJzFf89tV1nNyXXe6GmXYvXCyYCwdH/o9E
Fol64FWJxfGkwInz/N4agbgb6GK6iRljU0m/fNNogU3xjulkkz+aNMRQ/vraFwNs
lh3kqFw/SsJwO43a+g+WGhshEUDMqin/JH9oPBcOSlGWHMrIviVgbfJGvSRkBa7a
ZbqVy6KTiuBqcoREPhEfNoD5VHDmS2xn3j1azKMFhkbkd4Py+56chwzreQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDBerJalGy6+I2QXKN1QThcm5e3NMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvTUY2c2xxVWJMcjRqWkJjbzNWQk9GeWJsN2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVbvqAwQC
l+0kAwQAl+0/MA0GCSqGSIb3DQEBCwUAA4IBAQAr3sDSJtdJuDYYlfBri/dyUWeI
fPFG3tI+XaamUZ/68M38K8QaFyDTUxloZhmkUy2LvRW1jXB1SQspk4+wD5luOz7n
c93Ni8IU75HvdyL1MgIbq9OMrHLfF3euFulV9sf4a7uJHO3wRnqh1qA9LH9yE+WM
XYZyomX47Ij5aWW9inOiLZxVRXPcR/ZlnHRiSmIpjxPb/+SES4Yis1SyQ4ykeAG5
tTqZRjwpA0P7j6ZTJn+3ATnsrLMDczBaktZJWlQMd9SliCI7TUTmV5epOSOKWpwB
5FlBhQUGuHeSjMy4RjUDBoxIsVYd4xOTEV93/thF1+t5GjPRMgh8aREExw7F
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:39 2024 by rpki-client on console-fra.rpki-client.org