Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/v8CF-Esc8JqWAWLIsqlkN5ao1sc.roa
File: v8CF-Esc8JqWAWLIsqlkN5ao1sc.roa (raw, json)
Hash identifier: oX5EkoQvdA6g5NM+KBm6HYg1nIQ/EvmTIboQ5NAij8A=
Subject key identifier: BF:C0:85:F8:4B:1C:F0:9A:96:01:62:C8:B2:A9:64:37:96:A8:D6:C7
Certificate issuer: /CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Certificate serial: 018CCA996877B2601F253DE6DFDD1BEE484C
Authority key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/v8CF-Esc8JqWAWLIsqlkN5ao1sc.roa
Signing time: Tue 02 Jan 2024 14:35:00 +0000
ROA not before: Tue 02 Jan 2024 14:35:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47927
IP address blocks: 46.28.120.0/21 maxlen: 21
159.255.140.0/22 maxlen: 22
159.255.152.0/22 maxlen: 22
185.63.40.0/22 maxlen: 22
188.95.72.0/21 maxlen: 21
94.126.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:68:77:b2:60:1f:25:3d:e6:df:dd:1b:ee:48:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Validity
Not Before: Jan 2 14:35:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfc085f84b1cf09a960162c8b2a9643796a8d6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:51:90:3a:69:07:d7:d4:c4:8b:c2:52:b8:d8:
60:1d:b6:4f:e7:ac:af:b1:d4:c4:d6:0e:84:ca:10:
c5:c3:2a:9e:fe:32:aa:fc:06:18:0e:81:92:8a:d6:
30:95:d3:6c:53:9e:eb:09:b5:42:9a:9b:dc:5b:ca:
14:8a:de:11:78:91:e2:16:c4:2f:e7:8a:10:d6:2b:
0a:27:dc:a6:e1:ad:1f:16:dc:9b:c1:e3:5b:56:56:
6b:0a:91:64:18:bf:d7:e7:a2:16:b8:0b:e6:f1:07:
d1:8e:a8:b2:be:3e:3e:53:ae:87:9c:5f:1a:62:d6:
f5:16:3b:d9:23:cc:28:35:d7:81:f9:f0:ec:e7:82:
46:ca:08:7e:9f:1e:2e:a7:25:56:3f:e1:f3:86:3d:
0d:46:ab:a0:fc:09:51:df:c7:7c:eb:99:12:cc:6f:
1f:4d:b1:c4:83:3a:88:7d:17:2f:bb:bd:b8:93:d1:
f2:91:d7:05:d1:da:c7:09:f1:98:dc:ae:65:13:8a:
8f:cf:c3:a5:7a:e0:92:42:4b:fb:a1:5b:81:da:d6:
79:ca:cd:d3:1b:03:f5:b5:f4:66:e4:53:89:42:cc:
c9:ba:b0:6e:ca:1b:9e:6b:e5:2e:8d:34:5c:7e:3d:
12:c0:77:07:43:48:e5:53:21:1c:90:e0:22:fe:9b:
25:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C0:85:F8:4B:1C:F0:9A:96:01:62:C8:B2:A9:64:37:96:A8:D6:C7
X509v3 Authority Key Identifier:
keyid:75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/v8CF-Esc8JqWAWLIsqlkN5ao1sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.120.0/21
94.126.8.0/21
159.255.140.0/22
159.255.152.0/22
185.63.40.0/22
188.95.72.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:8f:6f:e6:21:04:7f:07:a6:6b:8e:3b:02:1e:cf:85:0c:06:
c5:70:ef:3b:7a:51:7f:4d:4e:7d:ab:da:c6:cf:1c:d6:38:fd:
72:67:92:2f:05:ff:c7:59:ae:6b:40:ab:30:c2:d3:4c:5f:3d:
fe:a2:8a:57:3a:50:59:95:8a:c2:1c:b3:59:5d:a4:fe:be:3d:
98:23:5b:27:32:4a:21:31:87:b1:ef:09:11:6e:75:5c:60:0c:
12:7f:78:7f:85:d5:02:26:bb:1d:c5:46:b2:c0:1c:fd:88:0d:
e3:c7:74:50:59:24:13:1f:da:f9:83:e8:33:51:51:89:3b:d5:
67:6c:8a:07:40:83:a1:c2:61:6f:e6:fa:ce:8b:cb:18:33:7e:
3b:ae:9c:7b:35:2b:d8:e3:a9:c2:3a:49:bd:79:4e:3a:8b:cf:
d7:0e:1b:a6:7a:31:7e:90:53:11:db:54:30:96:d1:28:07:08:
66:3e:53:e7:57:ba:f5:1f:14:e3:79:9b:8c:1f:6e:ff:bd:50:
3c:8f:a1:dc:9e:35:45:b5:db:48:60:8a:8d:01:47:09:65:ba:
13:0e:75:f1:73:e2:39:88:de:b0:fc:14:c5:63:67:e5:36:77:
38:91:65:10:98:20:a6:24:63:4a:a9:6d:e5:c0:41:6d:b4:57:
8d:6d:22:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKmWh3smAfJT3m390b7khMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZmFjYjA3ZjJjY2I5MmVlYmE4Nzg1NGM5NDI0MGU0ZjVh
YzhmNTIwHhcNMjQwMTAyMTQzNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmMwODVmODRiMWNmMDlhOTYwMTYyYzhiMmE5NjQzNzk2YThkNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglGQOmkH19TEi8JSuNhgHbZP56yv
sdTE1g6EyhDFwyqe/jKq/AYYDoGSitYwldNsU57rCbVCmpvcW8oUit4ReJHiFsQv
54oQ1isKJ9ym4a0fFtybweNbVlZrCpFkGL/X56IWuAvm8QfRjqiyvj4+U66HnF8a
Ytb1FjvZI8woNdeB+fDs54JGygh+nx4upyVWP+Hzhj0NRqug/AlR38d865kSzG8f
TbHEgzqIfRcvu724k9HykdcF0drHCfGY3K5lE4qPz8OleuCSQkv7oVuB2tZ5ys3T
GwP1tfRm5FOJQszJurBuyhuea+UujTRcfj0SwHcHQ0jlUyEckOAi/pslPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL/AhfhLHPCalgFiyLKpZDeWqNbHMB8GA1UdIwQY
MBaAFHX6ywfyzLku66h4VMlCQOT1rI9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQt
YzkxMTQ4M2RhNzhjLzEvdjhDRi1Fc2M4SnFXQVdMSXNxbGtONWFvMXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQtYzkxMTQ4M2RhNzhj
LzEvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLhx4AwQD
Xn4IAwQCn/+MAwQCn/+YAwQCuT8oAwQDvF9IMA0GCSqGSIb3DQEBCwUAA4IBAQBb
j2/mIQR/B6ZrjjsCHs+FDAbFcO87elF/TU59q9rGzxzWOP1yZ5IvBf/HWa5rQKsw
wtNMXz3+oopXOlBZlYrCHLNZXaT+vj2YI1snMkohMYex7wkRbnVcYAwSf3h/hdUC
JrsdxUaywBz9iA3jx3RQWSQTH9r5g+gzUVGJO9VnbIoHQIOhwmFv5vrOi8sYM347
rpx7NSvY46nCOkm9eU46i8/XDhumejF+kFMR21QwltEoBwhmPlPnV7r1HxTjeZuM
H27/vVA8j6HcnjVFtdtIYIqNAUcJZboTDnXxc+I5iN6w/BTFY2flNnc4kWUQmCCm
JGNKqW3lwEFttFeNbSJs
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:18 2024 by rpki-client on console-ams.rpki-client.org