Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/cJ88pARBNZavJL4febBDwBIv_fI.roa
File: cJ88pARBNZavJL4febBDwBIv_fI.roa (raw, json)
Hash identifier: MN8ZvnCn17JwmzqTssPApim6QXXdwj7Mejl1XlW31BI=
Subject key identifier: 70:9F:3C:A4:04:41:35:96:AF:24:BE:1F:79:B0:43:C0:12:2F:FD:F2
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B938BFF3BE1090539A5F2B7567E621
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/cJ88pARBNZavJL4febBDwBIv_fI.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49773
IP address blocks: 151.237.31.0/24 maxlen: 24
151.237.33.0/24 maxlen: 24
151.237.34.0/23 maxlen: 23
185.242.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:38:bf:f3:be:10:90:53:9a:5f:2b:75:67:e6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=709f3ca404413596af24be1f79b043c0122ffdf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ca:7a:cb:db:8b:21:44:77:c3:ce:64:ac:33:
ae:f3:19:89:63:8e:44:c4:99:6a:9c:bc:10:19:f1:
98:e7:ac:cd:63:51:69:c6:11:7e:45:a8:62:e9:e5:
1b:74:f3:9c:5a:5d:06:8b:d1:6e:f7:9e:0a:70:7c:
b6:96:b0:09:4d:eb:2e:01:6a:6c:6d:5c:e1:d1:86:
a8:1f:89:3b:f7:90:15:54:b6:5d:21:c7:35:77:d7:
83:3f:9d:61:da:af:1f:41:aa:e9:a4:30:32:35:2a:
c3:f5:16:c1:4d:8d:90:06:f8:ca:d4:a8:66:d6:c8:
13:e0:5b:56:4e:9e:78:ae:a4:31:48:cc:4f:f4:26:
67:3b:a7:77:55:8e:9a:88:2c:28:4f:8b:82:82:41:
77:69:ea:cf:2c:4d:9f:2e:85:9e:be:93:9d:37:cd:
e7:a7:6a:69:ce:42:61:b9:fd:6c:15:df:7d:8c:9e:
61:f9:c9:46:8b:01:83:40:b3:27:2a:f6:6b:83:75:
dc:ec:af:71:f1:9b:cf:69:6c:28:d9:f3:de:7e:ee:
a3:c3:f6:43:68:58:e5:53:cc:91:64:ca:e1:91:74:
8f:04:a5:5b:36:21:fa:07:5e:4e:5c:c6:09:17:5f:
40:c0:a6:a5:04:2d:51:93:2d:ce:a6:84:d2:37:41:
87:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9F:3C:A4:04:41:35:96:AF:24:BE:1F:79:B0:43:C0:12:2F:FD:F2
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/cJ88pARBNZavJL4febBDwBIv_fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.31.0/24
151.237.33.0-151.237.35.255
185.242.170.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:59:86:53:e8:50:64:e8:b7:d5:c6:ab:8e:31:a5:c6:81:1b:
ac:29:86:3c:bb:e8:ef:78:00:12:74:3a:a8:66:fd:15:69:b4:
74:6c:a2:9e:70:b8:c0:7d:ab:a8:f1:59:b2:c7:00:03:d6:86:
c1:e0:6b:9c:7b:92:5b:44:0f:f1:55:06:39:74:37:f4:89:48:
3f:c0:d3:3e:e1:c0:82:93:ef:88:85:65:43:52:9a:37:58:25:
c5:0f:4f:e1:6a:18:93:15:fd:df:51:21:bf:a7:3d:fc:0f:74:
51:23:e4:c9:0f:b5:07:b7:45:ee:a6:b1:fa:d7:d5:e0:ce:b4:
36:6d:23:d8:bb:e1:b4:1b:3e:37:1b:4d:49:31:c5:af:06:44:
62:3a:43:01:06:4d:a9:66:2f:08:2c:38:b6:d4:ca:12:7d:87:
2f:44:e2:40:da:8c:f1:77:1c:18:3b:89:f6:44:ba:0c:ac:21:
49:91:a7:79:bb:a7:e4:ce:8f:4a:02:fb:23:37:48:62:64:db:
b2:93:59:4b:57:1f:b8:7b:d9:92:e9:09:38:8a:c6:af:15:c3:
b6:57:d8:a7:2f:7d:a6:e3:74:26:43:8a:ed:73:06:0c:75:c3:
44:1d:8a:c3:5f:39:8f:df:f1:89:4e:0b:42:a5:78:14:db:e8:
03:69:91:f4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGuTi/874QkFOaXyt1Z+YhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDlmM2NhNDA0NDEzNTk2YWYyNGJlMWY3OWIwNDNjMDEyMmZmZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcp6y9uLIUR3w85krDOu8xmJY45E
xJlqnLwQGfGY56zNY1FpxhF+Rahi6eUbdPOcWl0Gi9Fu954KcHy2lrAJTesuAWps
bVzh0YaoH4k795AVVLZdIcc1d9eDP51h2q8fQarppDAyNSrD9RbBTY2QBvjK1Khm
1sgT4FtWTp54rqQxSMxP9CZnO6d3VY6aiCwoT4uCgkF3aerPLE2fLoWevpOdN83n
p2ppzkJhuf1sFd99jJ5h+clGiwGDQLMnKvZrg3Xc7K9x8ZvPaWwo2fPefu6jw/ZD
aFjlU8yRZMrhkXSPBKVbNiH6B15OXMYJF19AwKalBC1Rky3OpoTSN0GHXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHCfPKQEQTWWryS+H3mwQ8ASL/3yMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvY0o4OHBBUkJOWmF2Skw0ZmViQkR3Qkl2X2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAl+0fMAwD
BACX7SEDBAKX7SADBAC58qowDQYJKoZIhvcNAQELBQADggEBAKFZhlPoUGTot9XG
q44xpcaBG6wphjy76O94ABJ0Oqhm/RVptHRsop5wuMB9q6jxWbLHAAPWhsHga5x7
kltED/FVBjl0N/SJSD/A0z7hwIKT74iFZUNSmjdYJcUPT+FqGJMV/d9RIb+nPfwP
dFEj5MkPtQe3Re6msfrX1eDOtDZtI9i74bQbPjcbTUkxxa8GRGI6QwEGTalmLwgs
OLbUyhJ9hy9E4kDajPF3HBg7ifZEugysIUmRp3m7p+TOj0oC+yM3SGJk27KTWUtX
H7h72ZLpCTiKxq8Vw7ZX2KcvfabjdCZDiu1zBgx1w0QdisNfOY/f8YlOC0KleBTb
6ANpkfQ=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:39:14 2024 by rpki-client on console-fra.rpki-client.org